From 8f9e05e482293f862823fcca12d9eddfb3723131 Mon Sep 17 00:00:00 2001 From: Thomas Boop <> Date: Mon, 28 Feb 2022 16:17:29 -0500 Subject: [PATCH 01/13] Update to node 16 (#689) * Update to node 16 * update setup-node version * Update check-dist.yml update setup node version * update dist/index.js --- .github/workflows/check-dist.yml | 4 ++-- .github/workflows/test.yml | 2 +- action.yml | 2 +- dist/index.js | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index d5d68d6..7762863 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -24,10 +24,10 @@ jobs: steps: - uses: actions/checkout@v2 - - name: Set Node.js 12.x + - name: Set Node.js 16.x uses: actions/setup-node@v1 with: - node-version: 12.x + node-version: 16.x - name: Install dependencies run: npm ci diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 87360d3..c0ee6e8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/setup-node@v1 with: - node-version: 12.x + node-version: 16.x - uses: actions/checkout@v2 - run: npm ci - run: npm run build diff --git a/action.yml b/action.yml index 91d3982..1bf8bea 100644 --- a/action.yml +++ b/action.yml @@ -69,6 +69,6 @@ inputs: converted to HTTPS. default: false runs: - using: node12 + using: node16 main: dist/index.js post: dist/index.js diff --git a/dist/index.js b/dist/index.js index 8542f7d..1dab10c 100644 --- a/dist/index.js +++ b/dist/index.js @@ -4229,7 +4229,7 @@ module.exports = require("punycode"); /***/ 215: /***/ (function(module) { -module.exports = {"name":"@octokit/rest","version":"16.43.1","publishConfig":{"access":"public"},"description":"GitHub REST API client for Node.js","keywords":["octokit","github","rest","api-client"],"author":"Gregor Martynus (","contributors":[{"name":"Mike de Boer","email":""},{"name":"Fabian Jakobs","email":""},{"name":"Joe Gallo","email":""},{"name":"Gregor Martynus","url":""}],"repository":"","dependencies":{"@octokit/auth-token":"^2.4.0","@octokit/plugin-paginate-rest":"^1.1.1","@octokit/plugin-request-log":"^1.0.0","@octokit/plugin-rest-endpoint-methods":"2.4.0","@octokit/request":"^5.2.0","@octokit/request-error":"^1.0.2","atob-lite":"^2.0.0","before-after-hook":"^2.0.0","btoa-lite":"^1.0.0","deprecation":"^2.0.0","lodash.get":"^4.4.2","lodash.set":"^4.3.2","lodash.uniq":"^4.5.0","octokit-pagination-methods":"^1.1.0","once":"^1.4.0","universal-user-agent":"^4.0.0"},"devDependencies":{"@gimenete/type-writer":"^0.1.3","@octokit/auth":"^1.1.1","@octokit/fixtures-server":"^5.0.6","@octokit/graphql":"^4.2.0","@types/node":"^13.1.0","bundlesize":"^0.18.0","chai":"^4.1.2","compression-webpack-plugin":"^3.1.0","cypress":"^3.0.0","glob":"^7.1.2","http-proxy-agent":"^4.0.0","lodash.camelcase":"^4.3.0","lodash.merge":"^4.6.1","lodash.upperfirst":"^4.3.1","lolex":"^5.1.2","mkdirp":"^1.0.0","mocha":"^7.0.1","mustache":"^4.0.0","nock":"^11.3.3","npm-run-all":"^4.1.2","nyc":"^15.0.0","prettier":"^1.14.2","proxy":"^1.0.0","semantic-release":"^17.0.0","sinon":"^8.0.0","sinon-chai":"^3.0.0","sort-keys":"^4.0.0","string-to-arraybuffer":"^1.0.0","string-to-jsdoc-comment":"^1.0.0","typescript":"^3.3.1","webpack":"^4.0.0","webpack-bundle-analyzer":"^3.0.0","webpack-cli":"^3.0.0"},"types":"index.d.ts","scripts":{"coverage":"nyc report --reporter=html && open coverage/index.html","lint":"prettier --check '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js package.json","lint:fix":"prettier --write '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js package.json","pretest":"npm run -s lint","test":"nyc mocha test/mocha-node-setup.js \"test/*/**/*-test.js\"","test:browser":"cypress run --browser chrome","build":"npm-run-all build:*","build:ts":"npm run -s update-endpoints:typescript","prebuild:browser":"mkdirp dist/","build:browser":"npm-run-all build:browser:*","build:browser:development":"webpack --mode development --entry . --output-library=Octokit --output=./dist/octokit-rest.js --profile --json > dist/bundle-stats.json","build:browser:production":"webpack --mode production --entry . --plugin=compression-webpack-plugin --output-library=Octokit --output-path=./dist --output-filename=octokit-rest.min.js --devtool source-map","generate-bundle-report":"webpack-bundle-analyzer dist/bundle-stats.json --mode=static --no-open --report dist/bundle-report.html","update-endpoints":"npm-run-all update-endpoints:*","update-endpoints:fetch-json":"node scripts/update-endpoints/fetch-json","update-endpoints:typescript":"node scripts/update-endpoints/typescript","prevalidate:ts":"npm run -s build:ts","validate:ts":"tsc --target es6 --noImplicitAny index.d.ts","postvalidate:ts":"tsc --noEmit --target es6 test/typescript-validate.ts","start-fixtures-server":"octokit-fixtures-server"},"license":"MIT","files":["index.js","index.d.ts","lib","plugins"],"nyc":{"ignore":["test"]},"release":{"publish":["@semantic-release/npm",{"path":"@semantic-release/github","assets":["dist/*","!dist/*.map.gz"]}]},"bundlesize":[{"path":"./dist/octokit-rest.min.js.gz","maxSize":"33 kB"}],"_resolved":"","_integrity":"sha512-gfFKwRT/wFxq5qlNjnW2dh+qh74XgTQ2B179UX5K1HYCluioWj8Ndbgqw2PVqa1NnVJkGHp2ovMpVn/DImlmkw==","_from":"@octokit/rest@16.43.1"}; +module.exports = {"name":"@octokit/rest","version":"16.43.1","publishConfig":{"access":"public"},"description":"GitHub REST API client for Node.js","keywords":["octokit","github","rest","api-client"],"author":"Gregor Martynus (","contributors":[{"name":"Mike de Boer","email":""},{"name":"Fabian Jakobs","email":""},{"name":"Joe Gallo","email":""},{"name":"Gregor Martynus","url":""}],"repository":"","dependencies":{"@octokit/auth-token":"^2.4.0","@octokit/plugin-paginate-rest":"^1.1.1","@octokit/plugin-request-log":"^1.0.0","@octokit/plugin-rest-endpoint-methods":"2.4.0","@octokit/request":"^5.2.0","@octokit/request-error":"^1.0.2","atob-lite":"^2.0.0","before-after-hook":"^2.0.0","btoa-lite":"^1.0.0","deprecation":"^2.0.0","lodash.get":"^4.4.2","lodash.set":"^4.3.2","lodash.uniq":"^4.5.0","octokit-pagination-methods":"^1.1.0","once":"^1.4.0","universal-user-agent":"^4.0.0"},"devDependencies":{"@gimenete/type-writer":"^0.1.3","@octokit/auth":"^1.1.1","@octokit/fixtures-server":"^5.0.6","@octokit/graphql":"^4.2.0","@types/node":"^13.1.0","bundlesize":"^0.18.0","chai":"^4.1.2","compression-webpack-plugin":"^3.1.0","cypress":"^3.0.0","glob":"^7.1.2","http-proxy-agent":"^4.0.0","lodash.camelcase":"^4.3.0","lodash.merge":"^4.6.1","lodash.upperfirst":"^4.3.1","lolex":"^5.1.2","mkdirp":"^1.0.0","mocha":"^7.0.1","mustache":"^4.0.0","nock":"^11.3.3","npm-run-all":"^4.1.2","nyc":"^15.0.0","prettier":"^1.14.2","proxy":"^1.0.0","semantic-release":"^17.0.0","sinon":"^8.0.0","sinon-chai":"^3.0.0","sort-keys":"^4.0.0","string-to-arraybuffer":"^1.0.0","string-to-jsdoc-comment":"^1.0.0","typescript":"^3.3.1","webpack":"^4.0.0","webpack-bundle-analyzer":"^3.0.0","webpack-cli":"^3.0.0"},"types":"index.d.ts","scripts":{"coverage":"nyc report --reporter=html && open coverage/index.html","lint":"prettier --check '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js package.json","lint:fix":"prettier --write '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js package.json","pretest":"npm run -s lint","test":"nyc mocha test/mocha-node-setup.js \"test/*/**/*-test.js\"","test:browser":"cypress run --browser chrome","build":"npm-run-all build:*","build:ts":"npm run -s update-endpoints:typescript","prebuild:browser":"mkdirp dist/","build:browser":"npm-run-all build:browser:*","build:browser:development":"webpack --mode development --entry . --output-library=Octokit --output=./dist/octokit-rest.js --profile --json > dist/bundle-stats.json","build:browser:production":"webpack --mode production --entry . --plugin=compression-webpack-plugin --output-library=Octokit --output-path=./dist --output-filename=octokit-rest.min.js --devtool source-map","generate-bundle-report":"webpack-bundle-analyzer dist/bundle-stats.json --mode=static --no-open --report dist/bundle-report.html","update-endpoints":"npm-run-all update-endpoints:*","update-endpoints:fetch-json":"node scripts/update-endpoints/fetch-json","update-endpoints:typescript":"node scripts/update-endpoints/typescript","prevalidate:ts":"npm run -s build:ts","validate:ts":"tsc --target es6 --noImplicitAny index.d.ts","postvalidate:ts":"tsc --noEmit --target es6 test/typescript-validate.ts","start-fixtures-server":"octokit-fixtures-server"},"license":"MIT","files":["index.js","index.d.ts","lib","plugins"],"nyc":{"ignore":["test"]},"release":{"publish":["@semantic-release/npm",{"path":"@semantic-release/github","assets":["dist/*","!dist/*.map.gz"]}]},"bundlesize":[{"path":"./dist/octokit-rest.min.js.gz","maxSize":"33 kB"}]}; /***/ }), From a12a3943b4bdde767164f792f33f40b04645d846 Mon Sep 17 00:00:00 2001 From: Thomas Boop <> Date: Tue, 1 Mar 2022 12:46:45 -0500 Subject: [PATCH 02/13] update readme for v3 (#708) * update readme for v3 * update readme with changes * nit grammar --- | 45 ++++++++++++++------------------------- src/misc/generate-docs.ts | 2 +- 2 files changed, 17 insertions(+), 30 deletions(-) diff --git a/ b/ index 775cee5..b185d46 100644 --- a/ +++ b/ @@ -2,7 +2,7 @@ GitHub Actions status

-# Checkout V2 +# Checkout V3 This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it. @@ -14,27 +14,14 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl # What's new -- Improved performance - - Fetches only a single commit by default -- Script authenticated git commands - - Auth token persisted in the local git config -- Supports SSH -- Creates a local branch - - No longer detached HEAD when checking out a branch -- Improved layout - - The input `path` is always relative to $GITHUB_WORKSPACE - - Aligns better with container actions, where $GITHUB_WORKSPACE gets mapped in -- Fallback to REST API download - - When Git 2.18 or higher is not in the PATH, the REST API will be used to download the files - - When using a job container, the container's PATH is used - -Refer [here]( for previous versions. +- Updated to the node16 runtime by default + - This requires a minimum [Actions Runner]( version of v2.285.0 to run, which is by default available in GHES 3.4 or later. # Usage ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: # Repository name with owner. For example, actions/checkout # Default: ${{ github.repository }} @@ -123,7 +110,7 @@ Refer [here]( for previous ## Fetch all history for all tags and branches ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: fetch-depth: 0 ``` @@ -131,7 +118,7 @@ Refer [here]( for previous ## Checkout a different branch ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: ref: my-branch ``` @@ -139,7 +126,7 @@ Refer [here]( for previous ## Checkout HEAD^ ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: fetch-depth: 2 - run: git checkout HEAD^ @@ -149,12 +136,12 @@ Refer [here]( for previous ```yaml - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: main - name: Checkout tools repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: repository: my-org/my-tools path: my-tools @@ -164,10 +151,10 @@ Refer [here]( for previous ```yaml - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Checkout tools repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: repository: my-org/my-tools path: my-tools @@ -177,12 +164,12 @@ Refer [here]( for previous ```yaml - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: main - name: Checkout private tools - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: repository: my-org/my-private-tools token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT @@ -195,7 +182,7 @@ Refer [here]( for previous ## Checkout pull request HEAD commit instead of merge commit ```yaml -- uses: actions/checkout@v2 +- uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} ``` @@ -211,7 +198,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 ``` ## Push a commit using the built-in token @@ -222,7 +209,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - run: | date > generated.txt git config github-actions diff --git a/src/misc/generate-docs.ts b/src/misc/generate-docs.ts index a1c845d..57d2888 100644 --- a/src/misc/generate-docs.ts +++ b/src/misc/generate-docs.ts @@ -120,7 +120,7 @@ function updateUsage( } updateUsage( - 'actions/checkout@v2', + 'actions/checkout@v3', path.join(__dirname, '..', '..', 'action.yml'), path.join(__dirname, '..', '..', '') ) From 2d1c1198e79c30cca5c3957b1e3b65ce95b5356e Mon Sep 17 00:00:00 2001 From: Thomas Boop <> Date: Tue, 1 Mar 2022 13:02:13 -0500 Subject: [PATCH 03/13] update test workflows to checkout v3 (#709) --- .github/workflows/check-dist.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/licensed.yml | 2 +- .github/workflows/test.yml | 8 ++++---- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 7762863..01ca805 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set Node.js 16.x uses: actions/setup-node@v1 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index e96bed6..a771bc0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Initialize CodeQL uses: github/codeql-action/init@v1 diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index c7c9dbe..72ce2db 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -9,6 +9,6 @@ jobs: runs-on: ubuntu-latest name: Check licenses steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - run: npm ci - run: npm run licensed-check \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c0ee6e8..2fc85eb 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,7 @@ jobs: - uses: actions/setup-node@v1 with: node-version: 16.x - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - run: npm ci - run: npm run build - run: npm run format-check @@ -32,7 +32,7 @@ jobs: steps: # Clone this repo - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Basic checkout - name: Checkout basic @@ -150,7 +150,7 @@ jobs: steps: # Clone this repo - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Basic checkout using git - name: Checkout basic @@ -182,7 +182,7 @@ jobs: steps: # Clone this repo - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Basic checkout using git - name: Checkout basic From d50f8ea76748df49594d9b109b614f3b4db63c71 Mon Sep 17 00:00:00 2001 From: Edward Thomson Date: Fri, 25 Mar 2022 09:52:31 -0400 Subject: [PATCH 04/13] Add v3.0 release information to changelog (#740) --- | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ b/ index 6f40def..df9a6f1 100644 --- a/ +++ b/ @@ -1,10 +1,13 @@ # Changelog +## v3.0.0 + +- [Update to node 16]( + ## v2.3.1 - [Fix default branch resolution for .wiki and when using SSH]( - ## v2.3.0 - [Fallback to the default branch]( From 5126516654c75f76bca1de45dd82a3006d8890f9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]> Date: Thu, 31 Mar 2022 10:09:15 -0400 Subject: [PATCH 05/13] Bump minimist from 1.2.5 to 1.2.6 (#741) Bumps [minimist]( from 1.2.5 to 1.2.6. - [Release notes]( - [Commits]( --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]> --- package-lock.json | 68 +++-------------------------------------------- 1 file changed, 3 insertions(+), 65 deletions(-) diff --git a/package-lock.json b/package-lock.json index bd4ba57..9a3d6f4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1929,12 +1929,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -3325,12 +3319,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -5389,12 +5377,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -7714,12 +7696,6 @@ "minimist": "^1.2.5" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "semver": { "version": "6.3.0", "resolved": "", @@ -9368,12 +9344,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -11389,12 +11359,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -12940,12 +12904,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -13700,12 +13658,6 @@ "picomatch": "^2.2.3" } }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -14633,12 +14585,6 @@ "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", "dev": true }, - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "3.0.0", "resolved": "", @@ -15730,14 +15676,6 @@ "dev": true, "requires": { "minimist": "^1.2.0" - }, - "dependencies": { - "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - } } }, "kleur": { @@ -15934,9 +15872,9 @@ } }, "minimist": { - "version": "1.2.5", - "resolved": "", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "version": "1.2.6", + "resolved": "", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", "dev": true }, "ms": { From add3486cc3b55d4a5e11c8045058cef96538edc7 Mon Sep 17 00:00:00 2001 From: Tingluo Huang Date: Tue, 5 Apr 2022 13:01:33 -0400 Subject: [PATCH 06/13] Patch to fix the dependbot alert. (#744) * Patch to fix the dependbot alert. * . * . * . --- .licenses/npm/node-fetch.dep.yml | 2 +- dist/index.js | 32 +++++++++++++++++++++++++++++--- package-lock.json | 6 +++--- src/misc/ | 2 +- src/misc/ | 14 +++++++------- src/misc/ | 2 +- 6 files changed, 42 insertions(+), 16 deletions(-) diff --git a/.licenses/npm/node-fetch.dep.yml b/.licenses/npm/node-fetch.dep.yml index 938f089..b49a78a 100644 --- a/.licenses/npm/node-fetch.dep.yml +++ b/.licenses/npm/node-fetch.dep.yml @@ -1,6 +1,6 @@ --- name: node-fetch -version: 2.6.5 +version: 2.6.7 type: npm summary: A light-weight module that brings window.fetch to node.js homepage: diff --git a/dist/index.js b/dist/index.js index 1dab10c..271b054 100644 --- a/dist/index.js +++ b/dist/index.js @@ -10195,7 +10195,7 @@ Object.defineProperty(Response.prototype, Symbol.toStringTag, { }); const INTERNALS$2 = Symbol('Request internals'); -const URL = whatwgUrl.URL; +const URL = Url.URL || whatwgUrl.URL; // fix an issue where "format", "parse" aren't a named export for node <10 const parse_url = Url.parse; @@ -10458,9 +10458,17 @@ AbortError.prototype = Object.create(Error.prototype); AbortError.prototype.constructor = AbortError; = 'AbortError'; +const URL$1 = Url.URL || whatwgUrl.URL; + // fix an issue where "PassThrough", "resolve" aren't a named export for node <10 const PassThrough$1 = Stream.PassThrough; -const resolve_url = Url.resolve; + +const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) { + const orig = new URL$1(original).hostname; + const dest = new URL$1(destination).hostname; + + return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest); +}; /** * Fetch function @@ -10548,7 +10556,19 @@ function fetch(url, opts) { const location = headers.get('Location'); // HTTP fetch step 5.3 - const locationURL = location === null ? null : resolve_url(request.url, location); + let locationURL = null; + try { + locationURL = location === null ? null : new URL$1(location, request.url).toString(); + } catch (err) { + // error here can only be invalid URL in Location: header + // do not throw when options.redirect == manual + // let the user extract the errorneous redirect URL + if (request.redirect !== 'manual') { + reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect')); + finalize(); + return; + } + } // HTTP fetch step 5.5 switch (request.redirect) { @@ -10596,6 +10616,12 @@ function fetch(url, opts) { size: request.size }; + if (!isDomainOrSubdomain(request.url, locationURL)) { + for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) { + requestOpts.headers.delete(name); + } + } + // HTTP-redirect fetch step 9 if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) { reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect')); diff --git a/package-lock.json b/package-lock.json index 9a3d6f4..5269d6f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15895,9 +15895,9 @@ "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" }, "node-fetch": { - "version": "2.6.5", - "resolved": "", - "integrity": "sha512-mmlIVHJEu5rnIxgEgez6b9GgWXbkZj5YZ7fx+2r94a2E+Uirsp6HsPTPlomfdHtpt/B0cdKviwkoaM6pyvUOpQ==", + "version": "2.6.7", + "resolved": "", + "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", "requires": { "whatwg-url": "^5.0.0" }, diff --git a/src/misc/ b/src/misc/ index f5066fd..81987b6 100755 --- a/src/misc/ +++ b/src/misc/ @@ -5,4 +5,4 @@ set -e src/misc/ echo 'Running: licensed cached' -_temp/licensed-3.3.1/licensed status \ No newline at end of file +_temp/licensed-3.6.0/licensed status \ No newline at end of file diff --git a/src/misc/ b/src/misc/ index 192091e..973e8e2 100755 --- a/src/misc/ +++ b/src/misc/ @@ -2,23 +2,23 @@ set -e -if [ ! -f _temp/licensed-3.3.1.done ]; then +if [ ! -f _temp/licensed-3.6.0.done ]; then echo 'Clearing temp' - rm -rf _temp/licensed-3.3.1 || true + rm -rf _temp/licensed-3.6.0 || true echo 'Downloading licensed' - mkdir -p _temp/licensed-3.3.1 - pushd _temp/licensed-3.3.1 + mkdir -p _temp/licensed-3.6.0 + pushd _temp/licensed-3.6.0 if [[ "$OSTYPE" == "darwin"* ]]; then - curl -Lfs -o licensed.tar.gz + curl -Lfs -o licensed.tar.gz else - curl -Lfs -o licensed.tar.gz + curl -Lfs -o licensed.tar.gz fi echo 'Extracting licenesed' tar -xzf licensed.tar.gz popd - touch _temp/licensed-3.3.1.done + touch _temp/licensed-3.6.0.done else echo 'Licensed already downloaded' fi diff --git a/src/misc/ b/src/misc/ index e66e03b..d2e1877 100755 --- a/src/misc/ +++ b/src/misc/ @@ -5,4 +5,4 @@ set -e src/misc/ echo 'Running: licensed cached' -_temp/licensed-3.3.1/licensed cache \ No newline at end of file +_temp/licensed-3.6.0/licensed cache \ No newline at end of file From dcd71f646680f2efd8db4afa5ad64fdcba30e748 Mon Sep 17 00:00:00 2001 From: Thomas Boop <> Date: Thu, 14 Apr 2022 14:13:20 -0400 Subject: [PATCH 07/13] Enforce safe directory (#762) * set safe directory when running checkout * Update --- | 4 + __test__/git-auth-helper.test.ts | 9 +- dist/index.js | 169 +++++++++++++++++------------ src/git-auth-helper.ts | 52 ++++++--- src/git-source-provider.ts | 179 ++++++++++++++++--------------- 5 files changed, 244 insertions(+), 169 deletions(-) diff --git a/ b/ index df9a6f1..cc333cf 100644 --- a/ +++ b/ @@ -1,5 +1,9 @@ # Changelog +## v3.0.1 +- [Fixed an issue where checkout failed to run in container jobs due to the new git setting ``]( +- [Bumped various npm package versions]( + ## v3.0.0 - [Update to node 16]( diff --git a/__test__/git-auth-helper.test.ts b/__test__/git-auth-helper.test.ts index e14e948..80ccbcb 100644 --- a/__test__/git-auth-helper.test.ts +++ b/__test__/git-auth-helper.test.ts @@ -643,10 +643,11 @@ describe('git-auth-helper tests', () => { expect(gitConfigContent.indexOf('http.')).toBeLessThan(0) }) - const removeGlobalAuth_removesOverride = 'removeGlobalAuth removes override' - it(removeGlobalAuth_removesOverride, async () => { + const removeGlobalConfig_removesOverride = + 'removeGlobalConfig removes override' + it(removeGlobalConfig_removesOverride, async () => { // Arrange - await setup(removeGlobalAuth_removesOverride) + await setup(removeGlobalConfig_removesOverride) const authHelper = gitAuthHelper.createAuthHelper(git, settings) await authHelper.configureAuth() await authHelper.configureGlobalAuth() @@ -655,7 +656,7 @@ describe('git-auth-helper tests', () => { await fs.promises.stat(path.join(git.env['HOME'], '.gitconfig')) // Act - await authHelper.removeGlobalAuth() + await authHelper.removeGlobalConfig() // Assert expect(git.env['HOME']).toBeUndefined() diff --git a/dist/index.js b/dist/index.js index 271b054..c86f050 100644 --- a/dist/index.js +++ b/dist/index.js @@ -6572,9 +6572,13 @@ class GitAuthHelper { yield this.configureToken(); }); } - configureGlobalAuth() { - var _a; + configureTempGlobalConfig(repositoryPath) { + var _a, _b; return __awaiter(this, void 0, void 0, function* () { + // Already setup global config + if (((_a = this.temporaryHomePath) === null || _a === void 0 ? void 0 : _a.length) > 0) { + return path.join(this.temporaryHomePath, '.gitconfig'); + } // Create a temp home directory const runnerTemp = process.env['RUNNER_TEMP'] || ''; assert.ok(runnerTemp, 'RUNNER_TEMP is not defined'); @@ -6590,7 +6594,7 @@ class GitAuthHelper { configExists = true; } catch (err) { - if (((_a = err) === null || _a === void 0 ? void 0 : _a.code) !== 'ENOENT') { + if (((_b = err) === null || _b === void 0 ? void 0 : _b.code) !== 'ENOENT') { throw err; } } @@ -6601,10 +6605,25 @@ class GitAuthHelper { else { yield fs.promises.writeFile(newGitConfigPath, ''); } + // Override HOME +`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`); + this.git.setEnvironmentVariable('HOME', this.temporaryHomePath); + // Setup the workspace as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail +`Adding working directory to the temporary git global config as a safe directory`); + yield this.git + .config('', repositoryPath !== null && repositoryPath !== void 0 ? repositoryPath : this.settings.repositoryPath, true, true) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`); + }); + return newGitConfigPath; + }); + } + configureGlobalAuth() { + return __awaiter(this, void 0, void 0, function* () { + // 'configureTempGlobalConfig' noops if already set, just returns the path + const newGitConfigPath = yield this.configureTempGlobalConfig(); try { - // Override HOME -`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`); - this.git.setEnvironmentVariable('HOME', this.temporaryHomePath); // Configure the token yield this.configureToken(newGitConfigPath, true); // Configure HTTPS instead of SSH @@ -6657,11 +6676,14 @@ class GitAuthHelper { yield this.removeToken(); }); } - removeGlobalAuth() { + removeGlobalConfig() { + var _a; return __awaiter(this, void 0, void 0, function* () { - core.debug(`Unsetting HOME override`); - this.git.removeEnvironmentVariable('HOME'); - yield io.rmRF(this.temporaryHomePath); + if (((_a = this.temporaryHomePath) === null || _a === void 0 ? void 0 : _a.length) > 0) { + core.debug(`Unsetting HOME override`); + this.git.removeEnvironmentVariable('HOME'); + yield io.rmRF(this.temporaryHomePath); + } }); } configureSsh() { @@ -7326,40 +7348,48 @@ function getSource(settings) { core.startGroup('Getting Git version info'); const git = yield getGitCommandManager(settings); core.endGroup(); - // Prepare existing directory, otherwise recreate - if (isExisting) { - yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref); - } - if (!git) { - // Downloading using REST API -`The repository will be downloaded using the GitHub REST API`); -`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`); - if (settings.submodules) { - throw new Error(`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); - } - else if (settings.sshKey) { - throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); - } - yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath); - return; - } - // Save state for POST action - stateHelper.setRepositoryPath(settings.repositoryPath); - // Initialize the repository - if (!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))) { - core.startGroup('Initializing the repository'); - yield git.init(); - yield git.remoteAdd('origin', repositoryUrl); - core.endGroup(); - } - // Disable automatic garbage collection - core.startGroup('Disabling automatic garbage collection'); - if (!(yield git.tryDisableAutomaticGarbageCollection())) { - core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`); - } - core.endGroup(); - const authHelper = gitAuthHelper.createAuthHelper(git, settings); + let authHelper = null; try { + if (git) { + authHelper = gitAuthHelper.createAuthHelper(git, settings); + yield authHelper.configureTempGlobalConfig(); + } + // Prepare existing directory, otherwise recreate + if (isExisting) { + yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref); + } + if (!git) { + // Downloading using REST API +`The repository will be downloaded using the GitHub REST API`); +`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`); + if (settings.submodules) { + throw new Error(`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); + } + else if (settings.sshKey) { + throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); + } + yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath); + return; + } + // Save state for POST action + stateHelper.setRepositoryPath(settings.repositoryPath); + // Initialize the repository + if (!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))) { + core.startGroup('Initializing the repository'); + yield git.init(); + yield git.remoteAdd('origin', repositoryUrl); + core.endGroup(); + } + // Disable automatic garbage collection + core.startGroup('Disabling automatic garbage collection'); + if (!(yield git.tryDisableAutomaticGarbageCollection())) { + core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`); + } + core.endGroup(); + // If we didn't initialize it above, do it now + if (!authHelper) { + authHelper = gitAuthHelper.createAuthHelper(git, settings); + } // Configure auth core.startGroup('Setting up auth'); yield authHelper.configureAuth(); @@ -7415,27 +7445,21 @@ function getSource(settings) { core.endGroup(); // Submodules if (settings.submodules) { - try { - // Temporarily override global config - core.startGroup('Setting up auth for fetching submodules'); - yield authHelper.configureGlobalAuth(); + // Temporarily override global config + core.startGroup('Setting up auth for fetching submodules'); + yield authHelper.configureGlobalAuth(); + core.endGroup(); + // Checkout submodules + core.startGroup('Fetching submodules'); + yield git.submoduleSync(settings.nestedSubmodules); + yield git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules); + yield git.submoduleForeach('git config --local 0', settings.nestedSubmodules); + core.endGroup(); + // Persist credentials + if (settings.persistCredentials) { + core.startGroup('Persisting credentials for submodules'); + yield authHelper.configureSubmoduleAuth(); core.endGroup(); - // Checkout submodules - core.startGroup('Fetching submodules'); - yield git.submoduleSync(settings.nestedSubmodules); - yield git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules); - yield git.submoduleForeach('git config --local 0', settings.nestedSubmodules); - core.endGroup(); - // Persist credentials - if (settings.persistCredentials) { - core.startGroup('Persisting credentials for submodules'); - yield authHelper.configureSubmoduleAuth(); - core.endGroup(); - } - } - finally { - // Remove temporary global config override - yield authHelper.removeGlobalAuth(); } } // Get commit information @@ -7447,10 +7471,13 @@ function getSource(settings) { } finally { // Remove auth - if (!settings.persistCredentials) { - core.startGroup('Removing auth'); - yield authHelper.removeAuth(); - core.endGroup(); + if (authHelper) { + if (!settings.persistCredentials) { + core.startGroup('Removing auth'); + yield authHelper.removeAuth(); + core.endGroup(); + } + authHelper.removeGlobalConfig(); } } }); @@ -7472,7 +7499,13 @@ function cleanup(repositoryPath) { } // Remove auth const authHelper = gitAuthHelper.createAuthHelper(git); - yield authHelper.removeAuth(); + try { + yield authHelper.configureTempGlobalConfig(repositoryPath); + yield authHelper.removeAuth(); + } + finally { + yield authHelper.removeGlobalConfig(); + } }); } exports.cleanup = cleanup; diff --git a/src/git-auth-helper.ts b/src/git-auth-helper.ts index 233b3e6..385142a 100644 --- a/src/git-auth-helper.ts +++ b/src/git-auth-helper.ts @@ -19,8 +19,9 @@ export interface IGitAuthHelper { configureAuth(): Promise configureGlobalAuth(): Promise configureSubmoduleAuth(): Promise + configureTempGlobalConfig(repositoryPath?: string): Promise removeAuth(): Promise - removeGlobalAuth(): Promise + removeGlobalConfig(): Promise } export function createAuthHelper( @@ -80,7 +81,11 @@ class GitAuthHelper { await this.configureToken() } - async configureGlobalAuth(): Promise { + async configureTempGlobalConfig(repositoryPath?: string): Promise { + // Already setup global config + if (this.temporaryHomePath?.length > 0) { + return path.join(this.temporaryHomePath, '.gitconfig') + } // Create a temp home directory const runnerTemp = process.env['RUNNER_TEMP'] || '' assert.ok(runnerTemp, 'RUNNER_TEMP is not defined') @@ -110,13 +115,34 @@ class GitAuthHelper { await fs.promises.writeFile(newGitConfigPath, '') } - try { - // Override HOME - - `Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes` - ) - this.git.setEnvironmentVariable('HOME', this.temporaryHomePath) + // Override HOME + + `Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes` + ) + this.git.setEnvironmentVariable('HOME', this.temporaryHomePath) + // Setup the workspace as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + + `Adding working directory to the temporary git global config as a safe directory` + ) + await this.git + .config( + '', + repositoryPath ?? this.settings.repositoryPath, + true, + true + ) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`) + }) + return newGitConfigPath + } + + async configureGlobalAuth(): Promise { + // 'configureTempGlobalConfig' noops if already set, just returns the path + const newGitConfigPath = await this.configureTempGlobalConfig() + try { // Configure the token await this.configureToken(newGitConfigPath, true) @@ -181,10 +207,12 @@ class GitAuthHelper { await this.removeToken() } - async removeGlobalAuth(): Promise { - core.debug(`Unsetting HOME override`) - this.git.removeEnvironmentVariable('HOME') - await io.rmRF(this.temporaryHomePath) + async removeGlobalConfig(): Promise { + if (this.temporaryHomePath?.length > 0) { + core.debug(`Unsetting HOME override`) + this.git.removeEnvironmentVariable('HOME') + await io.rmRF(this.temporaryHomePath) + } } private async configureSsh(): Promise { diff --git a/src/git-source-provider.ts b/src/git-source-provider.ts index 42a12e0..0913229 100644 --- a/src/git-source-provider.ts +++ b/src/git-source-provider.ts @@ -36,68 +36,77 @@ export async function getSource(settings: IGitSourceSettings): Promise { const git = await getGitCommandManager(settings) core.endGroup() - // Prepare existing directory, otherwise recreate - if (isExisting) { - await gitDirectoryHelper.prepareExistingDirectory( - git, - settings.repositoryPath, - repositoryUrl, - settings.clean, - settings.ref - ) - } + let authHelper: gitAuthHelper.IGitAuthHelper | null = null + try { + if (git) { + authHelper = gitAuthHelper.createAuthHelper(git, settings) + await authHelper.configureTempGlobalConfig() + } - if (!git) { - // Downloading using REST API -`The repository will be downloaded using the GitHub REST API`) - - `To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH` - ) - if (settings.submodules) { - throw new Error( - `Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.` - ) - } else if (settings.sshKey) { - throw new Error( - `Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.` + // Prepare existing directory, otherwise recreate + if (isExisting) { + await gitDirectoryHelper.prepareExistingDirectory( + git, + settings.repositoryPath, + repositoryUrl, + settings.clean, + settings.ref ) } - await githubApiHelper.downloadRepository( - settings.authToken, - settings.repositoryOwner, - settings.repositoryName, - settings.ref, - settings.commit, - settings.repositoryPath - ) - return - } + if (!git) { + // Downloading using REST API +`The repository will be downloaded using the GitHub REST API`) + + `To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH` + ) + if (settings.submodules) { + throw new Error( + `Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.` + ) + } else if (settings.sshKey) { + throw new Error( + `Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.` + ) + } - // Save state for POST action - stateHelper.setRepositoryPath(settings.repositoryPath) + await githubApiHelper.downloadRepository( + settings.authToken, + settings.repositoryOwner, + settings.repositoryName, + settings.ref, + settings.commit, + settings.repositoryPath + ) + return + } - // Initialize the repository - if ( - !fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git')) - ) { - core.startGroup('Initializing the repository') - await git.init() - await git.remoteAdd('origin', repositoryUrl) + // Save state for POST action + stateHelper.setRepositoryPath(settings.repositoryPath) + + // Initialize the repository + if ( + !fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git')) + ) { + core.startGroup('Initializing the repository') + await git.init() + await git.remoteAdd('origin', repositoryUrl) + core.endGroup() + } + + // Disable automatic garbage collection + core.startGroup('Disabling automatic garbage collection') + if (!(await git.tryDisableAutomaticGarbageCollection())) { + core.warning( + `Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.` + ) + } core.endGroup() - } - // Disable automatic garbage collection - core.startGroup('Disabling automatic garbage collection') - if (!(await git.tryDisableAutomaticGarbageCollection())) { - core.warning( - `Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.` - ) - } - core.endGroup() - - const authHelper = gitAuthHelper.createAuthHelper(git, settings) - try { + // If we didn't initialize it above, do it now + if (!authHelper) { + authHelper = gitAuthHelper.createAuthHelper(git, settings) + } // Configure auth core.startGroup('Setting up auth') await authHelper.configureAuth() @@ -170,34 +179,26 @@ export async function getSource(settings: IGitSourceSettings): Promise { // Submodules if (settings.submodules) { - try { - // Temporarily override global config - core.startGroup('Setting up auth for fetching submodules') - await authHelper.configureGlobalAuth() - core.endGroup() + // Temporarily override global config + core.startGroup('Setting up auth for fetching submodules') + await authHelper.configureGlobalAuth() + core.endGroup() - // Checkout submodules - core.startGroup('Fetching submodules') - await git.submoduleSync(settings.nestedSubmodules) - await git.submoduleUpdate( - settings.fetchDepth, - settings.nestedSubmodules - ) - await git.submoduleForeach( - 'git config --local 0', - settings.nestedSubmodules - ) - core.endGroup() + // Checkout submodules + core.startGroup('Fetching submodules') + await git.submoduleSync(settings.nestedSubmodules) + await git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules) + await git.submoduleForeach( + 'git config --local 0', + settings.nestedSubmodules + ) + core.endGroup() - // Persist credentials - if (settings.persistCredentials) { - core.startGroup('Persisting credentials for submodules') - await authHelper.configureSubmoduleAuth() - core.endGroup() - } - } finally { - // Remove temporary global config override - await authHelper.removeGlobalAuth() + // Persist credentials + if (settings.persistCredentials) { + core.startGroup('Persisting credentials for submodules') + await authHelper.configureSubmoduleAuth() + core.endGroup() } } @@ -218,10 +219,13 @@ export async function getSource(settings: IGitSourceSettings): Promise { ) } finally { // Remove auth - if (!settings.persistCredentials) { - core.startGroup('Removing auth') - await authHelper.removeAuth() - core.endGroup() + if (authHelper) { + if (!settings.persistCredentials) { + core.startGroup('Removing auth') + await authHelper.removeAuth() + core.endGroup() + } + authHelper.removeGlobalConfig() } } } @@ -244,7 +248,12 @@ export async function cleanup(repositoryPath: string): Promise { // Remove auth const authHelper = gitAuthHelper.createAuthHelper(git) - await authHelper.removeAuth() + try { + await authHelper.configureTempGlobalConfig(repositoryPath) + await authHelper.removeAuth() + } finally { + await authHelper.removeGlobalConfig() + } } async function getGitCommandManager( From 0ffe6f9c5599e73776da5b7f113e994bc0a76ede Mon Sep 17 00:00:00 2001 From: Tingluo Huang Date: Wed, 20 Apr 2022 21:37:43 -0400 Subject: [PATCH 08/13] Add set-safe-directory input to allow customers to take control. (#770) * Add set-safe-directory input to allow customers to take control. --- .github/workflows/test.yml | 38 ++++++++++++++++++++++++ | 5 ++++ __test__/git-auth-helper.test.ts | 3 +- __test__/input-helper.test.ts | 1 + action.yml | 3 ++ dist/index.js | 51 ++++++++++++++++++++++++-------- src/git-auth-helper.ts | 19 ++---------- src/git-source-provider.ts | 35 ++++++++++++++++++++-- src/git-source-settings.ts | 5 ++++ src/input-helper.ts | 3 ++ src/state-helper.ts | 13 ++++++++ 11 files changed, 144 insertions(+), 32 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2fc85eb..0e77c57 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -205,3 +205,41 @@ jobs: path: basic - name: Verify basic run: __test__/ --archive + + test-git-container: + runs-on: ubuntu-latest + container: bitnami/git:latest + steps: + # Clone this repo + - name: Checkout + uses: actions/checkout@v3 + with: + path: v3 + + # Basic checkout using git + - name: Checkout basic + uses: ./v3 + with: + ref: test-data/v2/basic + - name: Verify basic + run: | + if [ ! -f "./basic-file.txt" ]; then + echo "Expected basic file does not exist" + exit 1 + fi + + # Verify .git folder + if [ ! -d "./.git" ]; then + echo "Expected ./.git folder to exist" + exit 1 + fi + + # Verify auth token + git config --global --add "*" + git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main + + # needed to make checkout post cleanup succeed + - name: Fix Checkout v3 + uses: actions/checkout@v3 + with: + path: v3 \ No newline at end of file diff --git a/ b/ index b185d46..7619c06 100644 --- a/ +++ b/ @@ -92,6 +92,11 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl # # Default: false submodules: '' + + # Add repository path as for Git global config by running `git + # config --global --add ` + # Default: true + set-safe-directory: '' ``` diff --git a/__test__/git-auth-helper.test.ts b/__test__/git-auth-helper.test.ts index 80ccbcb..a6731c2 100644 --- a/__test__/git-auth-helper.test.ts +++ b/__test__/git-auth-helper.test.ts @@ -777,7 +777,8 @@ async function setup(testName: string): Promise { sshKey: sshPath ? 'some ssh private key' : '', sshKnownHosts: '', sshStrict: true, - workflowOrganizationId: 123456 + workflowOrganizationId: 123456, + setSafeDirectory: true } } diff --git a/__test__/input-helper.test.ts b/__test__/input-helper.test.ts index a31b11c..1a8e5c9 100644 --- a/__test__/input-helper.test.ts +++ b/__test__/input-helper.test.ts @@ -85,6 +85,7 @@ describe('input-helper tests', () => { expect(settings.repositoryName).toBe('some-repo') expect(settings.repositoryOwner).toBe('some-owner') expect(settings.repositoryPath).toBe(gitHubWorkspace) + expect(settings.setSafeDirectory).toBe(true) }) it('qualifies ref', async () => { diff --git a/action.yml b/action.yml index 1bf8bea..96c535e 100644 --- a/action.yml +++ b/action.yml @@ -68,6 +68,9 @@ inputs: When the `ssh-key` input is not provided, SSH URLs beginning with `` are converted to HTTPS. default: false + set-safe-directory: + description: Add repository path as for Git global config by running `git config --global --add ` + default: true runs: using: node16 main: dist/index.js diff --git a/dist/index.js b/dist/index.js index c86f050..c7bc695 100644 --- a/dist/index.js +++ b/dist/index.js @@ -3592,7 +3592,7 @@ var __importStar = (this && this.__importStar) || function (mod) { return result; }; Object.defineProperty(exports, "__esModule", { value: true }); -exports.setSshKnownHostsPath = exports.setSshKeyPath = exports.setRepositoryPath = exports.SshKnownHostsPath = exports.SshKeyPath = exports.RepositoryPath = exports.IsPost = void 0; +exports.setSafeDirectory = exports.setSshKnownHostsPath = exports.setSshKeyPath = exports.setRepositoryPath = exports.SshKnownHostsPath = exports.SshKeyPath = exports.PostSetSafeDirectory = exports.RepositoryPath = exports.IsPost = void 0; const coreCommand = __importStar(__webpack_require__(431)); /** * Indicates whether the POST action is running @@ -3602,6 +3602,10 @@ exports.IsPost = !!process.env['STATE_isPost']; * The repository path for the POST action. The value is empty during the MAIN action. */ exports.RepositoryPath = process.env['STATE_repositoryPath'] || ''; +/** + * The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action. + */ +exports.PostSetSafeDirectory = process.env['STATE_setSafeDirectory'] === 'true'; /** * The SSH key path for the POST action. The value is empty during the MAIN action. */ @@ -3631,6 +3635,13 @@ function setSshKnownHostsPath(sshKnownHostsPath) { coreCommand.issueCommand('save-state', { name: 'sshKnownHostsPath' }, sshKnownHostsPath); } exports.setSshKnownHostsPath = setSshKnownHostsPath; +/** + * Save the sef-safe-directory input so the POST action can retrieve the value. + */ +function setSafeDirectory() { + coreCommand.issueCommand('save-state', { name: 'setSafeDirectory' }, 'true'); +} +exports.setSafeDirectory = setSafeDirectory; // Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic. // This is necessary since we don't have a separate entry point. if (!exports.IsPost) { @@ -6572,7 +6583,7 @@ class GitAuthHelper { yield this.configureToken(); }); } - configureTempGlobalConfig(repositoryPath) { + configureTempGlobalConfig() { var _a, _b; return __awaiter(this, void 0, void 0, function* () { // Already setup global config @@ -6608,14 +6619,6 @@ class GitAuthHelper { // Override HOME`Temporarily overriding HOME='${this.temporaryHomePath}' before making global git config changes`); this.git.setEnvironmentVariable('HOME', this.temporaryHomePath); - // Setup the workspace as a safe directory, so if we pass this into a container job with a different user it doesn't fail - // Otherwise all git commands we run in a container fail -`Adding working directory to the temporary git global config as a safe directory`); - yield this.git - .config('', repositoryPath !== null && repositoryPath !== void 0 ? repositoryPath : this.settings.repositoryPath, true, true) - .catch(error => { -`Failed to initialize safe directory with error: ${error}`); - }); return newGitConfigPath; }); } @@ -7352,7 +7355,18 @@ function getSource(settings) { try { if (git) { authHelper = gitAuthHelper.createAuthHelper(git, settings); - yield authHelper.configureTempGlobalConfig(); + if (settings.setSafeDirectory) { + // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + yield authHelper.configureTempGlobalConfig(); +`Adding repository directory to the temporary git global config as a safe directory`); + yield git + .config('', settings.repositoryPath, true, true) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`); + }); + stateHelper.setSafeDirectory(); + } } // Prepare existing directory, otherwise recreate if (isExisting) { @@ -7500,7 +7514,17 @@ function cleanup(repositoryPath) { // Remove auth const authHelper = gitAuthHelper.createAuthHelper(git); try { - yield authHelper.configureTempGlobalConfig(repositoryPath); + if (stateHelper.PostSetSafeDirectory) { + // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + yield authHelper.configureTempGlobalConfig(); +`Adding repository directory to the temporary git global config as a safe directory`); + yield git + .config('', repositoryPath, true, true) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`); + }); + } yield authHelper.removeAuth(); } finally { @@ -17303,6 +17327,9 @@ function getInputs() { (core.getInput('persist-credentials') || 'false').toUpperCase() === 'TRUE'; // Workflow organization ID result.workflowOrganizationId = yield workflowContextHelper.getOrganizationId(); + // Set in git global config. + result.setSafeDirectory = + (core.getInput('set-safe-directory') || 'true').toUpperCase() === 'TRUE'; return result; }); } diff --git a/src/git-auth-helper.ts b/src/git-auth-helper.ts index 385142a..8a1c7c3 100644 --- a/src/git-auth-helper.ts +++ b/src/git-auth-helper.ts @@ -19,7 +19,7 @@ export interface IGitAuthHelper { configureAuth(): Promise configureGlobalAuth(): Promise configureSubmoduleAuth(): Promise - configureTempGlobalConfig(repositoryPath?: string): Promise + configureTempGlobalConfig(): Promise removeAuth(): Promise removeGlobalConfig(): Promise } @@ -81,7 +81,7 @@ class GitAuthHelper { await this.configureToken() } - async configureTempGlobalConfig(repositoryPath?: string): Promise { + async configureTempGlobalConfig(): Promise { // Already setup global config if (this.temporaryHomePath?.length > 0) { return path.join(this.temporaryHomePath, '.gitconfig') @@ -121,21 +121,6 @@ class GitAuthHelper { ) this.git.setEnvironmentVariable('HOME', this.temporaryHomePath) - // Setup the workspace as a safe directory, so if we pass this into a container job with a different user it doesn't fail - // Otherwise all git commands we run in a container fail - - `Adding working directory to the temporary git global config as a safe directory` - ) - await this.git - .config( - '', - repositoryPath ?? this.settings.repositoryPath, - true, - true - ) - .catch(error => { -`Failed to initialize safe directory with error: ${error}`) - }) return newGitConfigPath } diff --git a/src/git-source-provider.ts b/src/git-source-provider.ts index 0913229..545a7a3 100644 --- a/src/git-source-provider.ts +++ b/src/git-source-provider.ts @@ -40,7 +40,24 @@ export async function getSource(settings: IGitSourceSettings): Promise { try { if (git) { authHelper = gitAuthHelper.createAuthHelper(git, settings) - await authHelper.configureTempGlobalConfig() + if (settings.setSafeDirectory) { + // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + await authHelper.configureTempGlobalConfig() + + `Adding repository directory to the temporary git global config as a safe directory` + ) + + await git + .config('', settings.repositoryPath, true, true) + .catch(error => { + + `Failed to initialize safe directory with error: ${error}` + ) + }) + + stateHelper.setSafeDirectory() + } } // Prepare existing directory, otherwise recreate @@ -249,7 +266,21 @@ export async function cleanup(repositoryPath: string): Promise { // Remove auth const authHelper = gitAuthHelper.createAuthHelper(git) try { - await authHelper.configureTempGlobalConfig(repositoryPath) + if (stateHelper.PostSetSafeDirectory) { + // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + await authHelper.configureTempGlobalConfig() + + `Adding repository directory to the temporary git global config as a safe directory` + ) + + await git + .config('', repositoryPath, true, true) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`) + }) + } + await authHelper.removeAuth() } finally { await authHelper.removeGlobalConfig() diff --git a/src/git-source-settings.ts b/src/git-source-settings.ts index 19f4651..6fa3960 100644 --- a/src/git-source-settings.ts +++ b/src/git-source-settings.ts @@ -78,4 +78,9 @@ export interface IGitSourceSettings { * Organization ID for the currently running workflow (used for auth settings) */ workflowOrganizationId: number | undefined + + /** + * Indicates whether to add repositoryPath as in git global config + */ + setSafeDirectory: boolean } diff --git a/src/input-helper.ts b/src/input-helper.ts index 40e6de4..8c2f901 100644 --- a/src/input-helper.ts +++ b/src/input-helper.ts @@ -122,5 +122,8 @@ export async function getInputs(): Promise { // Workflow organization ID result.workflowOrganizationId = await workflowContextHelper.getOrganizationId() + // Set in git global config. + result.setSafeDirectory = + (core.getInput('set-safe-directory') || 'true').toUpperCase() === 'TRUE' return result } diff --git a/src/state-helper.ts b/src/state-helper.ts index 3c657b1..2db79f9 100644 --- a/src/state-helper.ts +++ b/src/state-helper.ts @@ -11,6 +11,12 @@ export const IsPost = !!process.env['STATE_isPost'] export const RepositoryPath = (process.env['STATE_repositoryPath'] as string) || '' +/** + * The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action. + */ +export const PostSetSafeDirectory = + (process.env['STATE_setSafeDirectory'] as string) === 'true' + /** * The SSH key path for the POST action. The value is empty during the MAIN action. */ @@ -51,6 +57,13 @@ export function setSshKnownHostsPath(sshKnownHostsPath: string) { ) } +/** + * Save the sef-safe-directory input so the POST action can retrieve the value. + */ +export function setSafeDirectory() { + coreCommand.issueCommand('save-state', {name: 'setSafeDirectory'}, 'true') +} + // Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic. // This is necessary since we don't have a separate entry point. if (!IsPost) { From 2541b1294d2704b0964813337f33b291d3f8596b Mon Sep 17 00:00:00 2001 From: Tingluo Huang Date: Thu, 21 Apr 2022 10:29:04 -0400 Subject: [PATCH 09/13] Prepare changelog for v3.0.2. (#777) --- | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ b/ index cc333cf..230623b 100644 --- a/ +++ b/ @@ -1,5 +1,8 @@ # Changelog +## v3.0.2 +- [Add input `set-safe-directory`]( + ## v3.0.1 - [Fixed an issue where checkout failed to run in container jobs due to the new git setting ``]( - [Bumped various npm package versions]( From e6d535c99c374d0c3f6d8cd8086a57b43c6c700a Mon Sep 17 00:00:00 2001 From: Peter Murray <> Date: Mon, 26 Sep 2022 17:34:52 +0100 Subject: [PATCH 10/13] Inject GitHub host to be able to clone from another GitHub instance (#922) * Adding the ability to specify the GitHub Server URL and allowing for it to differ from the Actions workflow host * Adding tests for injecting the GitHub URL * Addressing code review comments for PR #922 --- .gitignore | 3 +- | 6 ++ __test__/git-auth-helper.test.ts | 45 ++++++++++-- action.yml | 3 + dist/index.js | 114 +++++++++++++++++++++++-------- src/git-auth-helper.ts | 2 +- src/git-source-provider.ts | 9 ++- src/git-source-settings.ts | 5 ++ src/github-api-helper.ts | 20 +++--- src/input-helper.ts | 5 ++ src/octokit-provider.ts | 23 +++++++ src/ref-helper.ts | 18 ++--- src/url-helper.ts | 34 ++++++--- 13 files changed, 220 insertions(+), 67 deletions(-) create mode 100644 src/octokit-provider.ts diff --git a/.gitignore b/.gitignore index 8baa767..cd1f03c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ __test__/_temp _temp/ lib/ -node_modules/ \ No newline at end of file +node_modules/ +.vscode/ \ No newline at end of file diff --git a/ b/ index 7619c06..b85967d 100644 --- a/ +++ b/ @@ -97,6 +97,12 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl # config --global --add ` # Default: true set-safe-directory: '' + + # The base URL for the GitHub instance that you are trying to clone from, will use + # environment defaults to fetch from the same instance that the workflow is + # running from unless specified. Example URLs are or + # + github-server-url: '' ``` diff --git a/__test__/git-auth-helper.test.ts b/__test__/git-auth-helper.test.ts index a6731c2..2acec38 100644 --- a/__test__/git-auth-helper.test.ts +++ b/__test__/git-auth-helper.test.ts @@ -20,6 +20,7 @@ let tempHomedir: string let git: IGitCommandManager & {env: {[key: string]: string}} let settings: IGitSourceSettings let sshPath: string +let githubServerUrl: string describe('git-auth-helper tests', () => { beforeAll(async () => { @@ -67,11 +68,18 @@ describe('git-auth-helper tests', () => { } }) - const configureAuth_configuresAuthHeader = - 'configureAuth configures auth header' - it(configureAuth_configuresAuthHeader, async () => { + async function testAuthHeader( + testName: string, + serverUrl: string | undefined = undefined + ) { // Arrange - await setup(configureAuth_configuresAuthHeader) + let expectedServerUrl = '' + if (serverUrl) { + githubServerUrl = serverUrl + expectedServerUrl = githubServerUrl + } + + await setup(testName) expect(settings.authToken).toBeTruthy() // sanity check const authHelper = gitAuthHelper.createAuthHelper(git, settings) @@ -88,9 +96,33 @@ describe('git-auth-helper tests', () => { ).toString('base64') expect( configContent.indexOf( - `http. AUTHORIZATION: basic ${basicCredential}` + `http.${expectedServerUrl}/.extraheader AUTHORIZATION: basic ${basicCredential}` ) ).toBeGreaterThanOrEqual(0) + } + + const configureAuth_configuresAuthHeader = + 'configureAuth configures auth header' + it(configureAuth_configuresAuthHeader, async () => { + await testAuthHeader(configureAuth_configuresAuthHeader) + }) + + const configureAuth_AcceptsGitHubServerUrl = + 'inject as github server url' + it(configureAuth_AcceptsGitHubServerUrl, async () => { + await testAuthHeader( + configureAuth_AcceptsGitHubServerUrl, + '' + ) + }) + + const configureAuth_AcceptsGitHubServerUrlSetToGHEC = + 'inject as github server url' + it(configureAuth_AcceptsGitHubServerUrlSetToGHEC, async () => { + await testAuthHeader( + configureAuth_AcceptsGitHubServerUrl, + '' + ) }) const configureAuth_configuresAuthHeaderEvenWhenPersistCredentialsFalse = @@ -778,7 +810,8 @@ async function setup(testName: string): Promise { sshKnownHosts: '', sshStrict: true, workflowOrganizationId: 123456, - setSafeDirectory: true + setSafeDirectory: true, + githubServerUrl: githubServerUrl } } diff --git a/action.yml b/action.yml index 96c535e..cab09eb 100644 --- a/action.yml +++ b/action.yml @@ -71,6 +71,9 @@ inputs: set-safe-directory: description: Add repository path as for Git global config by running `git config --global --add ` default: true + github-server-url: + description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are or + required: false runs: using: node16 main: dist/index.js diff --git a/dist/index.js b/dist/index.js index c7bc695..d1ed5f9 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1935,13 +1935,13 @@ var __importStar = (this && this.__importStar) || function (mod) { return result; }; Object.defineProperty(exports, "__esModule", { value: true }); -exports.getServerUrl = exports.getFetchUrl = void 0; +exports.isGhes = exports.getServerApiUrl = exports.getServerUrl = exports.getFetchUrl = void 0; const assert = __importStar(__webpack_require__(357)); const url_1 = __webpack_require__(835); function getFetchUrl(settings) { assert.ok(settings.repositoryOwner, 'settings.repositoryOwner must be defined'); assert.ok(settings.repositoryName, 'settings.repositoryName must be defined'); - const serviceUrl = getServerUrl(); + const serviceUrl = getServerUrl(settings.githubServerUrl); const encodedOwner = encodeURIComponent(settings.repositoryOwner); const encodedName = encodeURIComponent(settings.repositoryName); if (settings.sshKey) { @@ -1951,13 +1951,27 @@ function getFetchUrl(settings) { return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`; } exports.getFetchUrl = getFetchUrl; -function getServerUrl() { - // todo: remove GITHUB_URL after support for GHES Alpha is no longer needed - return new url_1.URL(process.env['GITHUB_SERVER_URL'] || - process.env['GITHUB_URL'] || - ''); +function getServerUrl(url) { + let urlValue = url && url.trim().length > 0 + ? url + : process.env['GITHUB_SERVER_URL'] || ''; + return new url_1.URL(urlValue); } exports.getServerUrl = getServerUrl; +function getServerApiUrl(url) { + let apiUrl = ''; + if (isGhes(url)) { + const serverUrl = getServerUrl(url); + apiUrl = new url_1.URL(`${serverUrl.origin}/api/v3`).toString(); + } + return apiUrl; +} +exports.getServerApiUrl = getServerApiUrl; +function isGhes(url) { + const ghUrl = getServerUrl(url); + return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM'; +} +exports.isGhes = isGhes; /***/ }), @@ -4066,6 +4080,51 @@ function authenticationPlugin(octokit, options) { } +/***/ }), + +/***/ 195: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.getOctokit = exports.Octokit = void 0; +const github = __importStar(__webpack_require__(469)); +const url_helper_1 = __webpack_require__(81); +// Centralize all Octokit references by re-exporting +var rest_1 = __webpack_require__(0); +Object.defineProperty(exports, "Octokit", { enumerable: true, get: function () { return rest_1.Octokit; } }); +function getOctokit(authToken, opts) { + const options = { + baseUrl: (0, url_helper_1.getServerApiUrl)(opts.baseUrl) + }; + if (opts.userAgent) { + options.userAgent = opts.userAgent; + } + return new github.GitHub(authToken, options); +} +exports.getOctokit = getOctokit; + + /***/ }), /***/ 197: @@ -4279,9 +4338,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }; Object.defineProperty(exports, "__esModule", { value: true }); exports.checkCommitInfo = exports.testRef = exports.getRefSpec = exports.getRefSpecForAllHistory = exports.getCheckoutInfo = exports.tagsRefSpec = void 0; -const url_1 = __webpack_require__(835); const core = __importStar(__webpack_require__(470)); const github = __importStar(__webpack_require__(469)); +const octokit_provider_1 = __webpack_require__(195); +const url_helper_1 = __webpack_require__(81); exports.tagsRefSpec = '+refs/tags/*:refs/tags/*'; function getCheckoutInfo(git, ref, commit) { return __awaiter(this, void 0, void 0, function* () { @@ -4431,12 +4491,12 @@ function testRef(git, ref, commit) { }); } exports.testRef = testRef; -function checkCommitInfo(token, commitInfo, repositoryOwner, repositoryName, ref, commit) { +function checkCommitInfo(token, commitInfo, repositoryOwner, repositoryName, ref, commit, baseUrl) { var _a, _b; return __awaiter(this, void 0, void 0, function* () { try { // GHES? - if (isGhes()) { + if ((0, url_helper_1.isGhes)(baseUrl)) { return; } // Auth token? @@ -4481,7 +4541,8 @@ function checkCommitInfo(token, commitInfo, repositoryOwner, repositoryName, ref const actualHeadSha = match[1]; if (actualHeadSha !== expectedHeadSha) { core.debug(`Expected head sha ${expectedHeadSha}; actual head sha ${actualHeadSha}`); - const octokit = new github.GitHub(token, { + const octokit = (0, octokit_provider_1.getOctokit)(token, { + baseUrl: baseUrl, userAgent: `actions-checkout-tracepoint/1.0 (code=STALE_MERGE;owner=${repositoryOwner};repo=${repositoryName};pr=${fromPayload('number')};run_id=${process.env['GITHUB_RUN_ID']};expected_head_sha=${expectedHeadSha};actual_head_sha=${actualHeadSha})` }); yield octokit.repos.get({ owner: repositoryOwner, repo: repositoryName }); @@ -4507,10 +4568,6 @@ function select(obj, path) { const key = path.substr(0, i); return select(obj[key], path.substr(i + 1)); } -function isGhes() { - const ghUrl = new url_1.URL(process.env['GITHUB_SERVER_URL'] || ''); - return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM'; -} /***/ }), @@ -6561,7 +6618,7 @@ class GitAuthHelper { this.git = gitCommandManager; this.settings = gitSourceSettings || {}; // Token auth header - const serverUrl = urlHelper.getServerUrl(); + const serverUrl = urlHelper.getServerUrl(this.settings.githubServerUrl); this.tokenConfigKey = `http.${serverUrl.origin}/.extraheader`; // "origin" is SCHEME://HOSTNAME[:PORT] const basicCredential = Buffer.from(`x-access-token:${this.settings.authToken}`, 'utf8').toString('base64'); core.setSecret(basicCredential); @@ -7382,7 +7439,7 @@ function getSource(settings) { else if (settings.sshKey) { throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); } - yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath); + yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath, settings.githubServerUrl); return; } // Save state for POST action @@ -7415,7 +7472,7 @@ function getSource(settings) { settings.ref = yield git.getDefaultBranch(repositoryUrl); } else { - settings.ref = yield githubApiHelper.getDefaultBranch(settings.authToken, settings.repositoryOwner, settings.repositoryName); + settings.ref = yield githubApiHelper.getDefaultBranch(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.githubServerUrl); } core.endGroup(); } @@ -7481,7 +7538,7 @@ function getSource(settings) { // Log commit sha yield git.log1("--format='%H'"); // Check for incorrect pull request merge commit - yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit); + yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.githubServerUrl); } finally { // Remove auth @@ -10966,24 +11023,24 @@ exports.getDefaultBranch = exports.downloadRepository = void 0; const assert = __importStar(__webpack_require__(357)); const core = __importStar(__webpack_require__(470)); const fs = __importStar(__webpack_require__(747)); -const github = __importStar(__webpack_require__(469)); const io = __importStar(__webpack_require__(1)); const path = __importStar(__webpack_require__(622)); const retryHelper = __importStar(__webpack_require__(587)); const toolCache = __importStar(__webpack_require__(533)); const v4_1 = __importDefault(__webpack_require__(826)); +const octokit_provider_1 = __webpack_require__(195); const IS_WINDOWS = process.platform === 'win32'; -function downloadRepository(authToken, owner, repo, ref, commit, repositoryPath) { +function downloadRepository(authToken, owner, repo, ref, commit, repositoryPath, baseUrl) { return __awaiter(this, void 0, void 0, function* () { // Determine the default branch if (!ref && !commit) {'Determining the default branch'); - ref = yield getDefaultBranch(authToken, owner, repo); + ref = yield getDefaultBranch(authToken, owner, repo, baseUrl); } // Download the archive let archiveData = yield retryHelper.execute(() => __awaiter(this, void 0, void 0, function* () {'Downloading the archive'); - return yield downloadArchive(authToken, owner, repo, ref, commit); + return yield downloadArchive(authToken, owner, repo, ref, commit, baseUrl); })); // Write archive to disk'Writing archive to disk'); @@ -11027,12 +11084,12 @@ exports.downloadRepository = downloadRepository; /** * Looks up the default branch name */ -function getDefaultBranch(authToken, owner, repo) { +function getDefaultBranch(authToken, owner, repo, baseUrl) { return __awaiter(this, void 0, void 0, function* () { return yield retryHelper.execute(() => __awaiter(this, void 0, void 0, function* () { var _a;'Retrieving the default branch name'); - const octokit = new github.GitHub(authToken); + const octokit = (0, octokit_provider_1.getOctokit)(authToken, { baseUrl: baseUrl }); let result; try { // Get the default branch from the repo info @@ -11062,9 +11119,9 @@ function getDefaultBranch(authToken, owner, repo) { }); } exports.getDefaultBranch = getDefaultBranch; -function downloadArchive(authToken, owner, repo, ref, commit) { +function downloadArchive(authToken, owner, repo, ref, commit, baseUrl) { return __awaiter(this, void 0, void 0, function* () { - const octokit = new github.GitHub(authToken); + const octokit = (0, octokit_provider_1.getOctokit)(authToken, { baseUrl: baseUrl }); const params = { owner: owner, repo: repo, @@ -17330,6 +17387,9 @@ function getInputs() { // Set in git global config. result.setSafeDirectory = (core.getInput('set-safe-directory') || 'true').toUpperCase() === 'TRUE'; + // Determine the GitHub URL that the repository is being hosted from + result.githubServerUrl = core.getInput('github-server-url'); + core.debug(`GitHub Host URL = ${result.githubServerUrl}`); return result; }); } diff --git a/src/git-auth-helper.ts b/src/git-auth-helper.ts index 8a1c7c3..3c6db8e 100644 --- a/src/git-auth-helper.ts +++ b/src/git-auth-helper.ts @@ -52,7 +52,7 @@ class GitAuthHelper { this.settings = gitSourceSettings || (({} as unknown) as IGitSourceSettings) // Token auth header - const serverUrl = urlHelper.getServerUrl() + const serverUrl = urlHelper.getServerUrl(this.settings.githubServerUrl) this.tokenConfigKey = `http.${serverUrl.origin}/.extraheader` // "origin" is SCHEME://HOSTNAME[:PORT] const basicCredential = Buffer.from( `x-access-token:${this.settings.authToken}`, diff --git a/src/git-source-provider.ts b/src/git-source-provider.ts index 545a7a3..48f20da 100644 --- a/src/git-source-provider.ts +++ b/src/git-source-provider.ts @@ -93,7 +93,8 @@ export async function getSource(settings: IGitSourceSettings): Promise { settings.repositoryName, settings.ref, settings.commit, - settings.repositoryPath + settings.repositoryPath, + settings.githubServerUrl ) return } @@ -138,7 +139,8 @@ export async function getSource(settings: IGitSourceSettings): Promise { settings.ref = await githubApiHelper.getDefaultBranch( settings.authToken, settings.repositoryOwner, - settings.repositoryName + settings.repositoryName, + settings.githubServerUrl ) } core.endGroup() @@ -232,7 +234,8 @@ export async function getSource(settings: IGitSourceSettings): Promise { settings.repositoryOwner, settings.repositoryName, settings.ref, - settings.commit + settings.commit, + settings.githubServerUrl ) } finally { // Remove auth diff --git a/src/git-source-settings.ts b/src/git-source-settings.ts index 6fa3960..2da5622 100644 --- a/src/git-source-settings.ts +++ b/src/git-source-settings.ts @@ -83,4 +83,9 @@ export interface IGitSourceSettings { * Indicates whether to add repositoryPath as in git global config */ setSafeDirectory: boolean + + /** + * User override on the GitHub Server/Host URL that hosts the repository to be cloned + */ + githubServerUrl: string | undefined } diff --git a/src/github-api-helper.ts b/src/github-api-helper.ts index 45b979a..2124a86 100644 --- a/src/github-api-helper.ts +++ b/src/github-api-helper.ts @@ -1,13 +1,12 @@ import * as assert from 'assert' import * as core from '@actions/core' import * as fs from 'fs' -import * as github from '@actions/github' import * as io from '@actions/io' import * as path from 'path' import * as retryHelper from './retry-helper' import * as toolCache from '@actions/tool-cache' import {default as uuid} from 'uuid/v4' -import {Octokit} from '@octokit/rest' +import {getOctokit, Octokit} from './octokit-provider' const IS_WINDOWS = process.platform === 'win32' @@ -17,18 +16,19 @@ export async function downloadRepository( repo: string, ref: string, commit: string, - repositoryPath: string + repositoryPath: string, + baseUrl?: string ): Promise { // Determine the default branch if (!ref && !commit) {'Determining the default branch') - ref = await getDefaultBranch(authToken, owner, repo) + ref = await getDefaultBranch(authToken, owner, repo, baseUrl) } // Download the archive let archiveData = await retryHelper.execute(async () => {'Downloading the archive') - return await downloadArchive(authToken, owner, repo, ref, commit) + return await downloadArchive(authToken, owner, repo, ref, commit, baseUrl) }) // Write archive to disk @@ -79,11 +79,12 @@ export async function downloadRepository( export async function getDefaultBranch( authToken: string, owner: string, - repo: string + repo: string, + baseUrl?: string ): Promise { return await retryHelper.execute(async () => {'Retrieving the default branch name') - const octokit = new github.GitHub(authToken) + const octokit = getOctokit(authToken, {baseUrl: baseUrl}) let result: string try { // Get the default branch from the repo info @@ -121,9 +122,10 @@ async function downloadArchive( owner: string, repo: string, ref: string, - commit: string + commit: string, + baseUrl?: string ): Promise { - const octokit = new github.GitHub(authToken) + const octokit = getOctokit(authToken, {baseUrl: baseUrl}) const params: Octokit.ReposGetArchiveLinkParams = { owner: owner, repo: repo, diff --git a/src/input-helper.ts b/src/input-helper.ts index 8c2f901..237b06a 100644 --- a/src/input-helper.ts +++ b/src/input-helper.ts @@ -125,5 +125,10 @@ export async function getInputs(): Promise { // Set in git global config. result.setSafeDirectory = (core.getInput('set-safe-directory') || 'true').toUpperCase() === 'TRUE' + + // Determine the GitHub URL that the repository is being hosted from + result.githubServerUrl = core.getInput('github-server-url') + core.debug(`GitHub Host URL = ${result.githubServerUrl}`) + return result } diff --git a/src/octokit-provider.ts b/src/octokit-provider.ts new file mode 100644 index 0000000..4fb1285 --- /dev/null +++ b/src/octokit-provider.ts @@ -0,0 +1,23 @@ +import * as github from '@actions/github' +import {Octokit} from '@octokit/rest' +import {getServerApiUrl} from './url-helper' + +// Centralize all Octokit references by re-exporting +export {Octokit} from '@octokit/rest' + +export type OctokitOptions = { + baseUrl?: string + userAgent?: string +} + +export function getOctokit(authToken: string, opts: OctokitOptions) { + const options: Octokit.Options = { + baseUrl: getServerApiUrl(opts.baseUrl) + } + + if (opts.userAgent) { + options.userAgent = opts.userAgent + } + + return new github.GitHub(authToken, options) +} diff --git a/src/ref-helper.ts b/src/ref-helper.ts index 209f49d..ce875fc 100644 --- a/src/ref-helper.ts +++ b/src/ref-helper.ts @@ -1,7 +1,8 @@ -import {URL} from 'url' import {IGitCommandManager} from './git-command-manager' import * as core from '@actions/core' import * as github from '@actions/github' +import {getOctokit} from './octokit-provider' +import {isGhes} from './url-helper' export const tagsRefSpec = '+refs/tags/*:refs/tags/*' @@ -183,11 +184,12 @@ export async function checkCommitInfo( repositoryOwner: string, repositoryName: string, ref: string, - commit: string + commit: string, + baseUrl?: string ): Promise { try { // GHES? - if (isGhes()) { + if (isGhes(baseUrl)) { return } @@ -243,7 +245,8 @@ export async function checkCommitInfo( core.debug( `Expected head sha ${expectedHeadSha}; actual head sha ${actualHeadSha}` ) - const octokit = new github.GitHub(token, { + const octokit = getOctokit(token, { + baseUrl: baseUrl, userAgent: `actions-checkout-tracepoint/1.0 (code=STALE_MERGE;owner=${repositoryOwner};repo=${repositoryName};pr=${fromPayload( 'number' )};run_id=${ @@ -276,10 +279,3 @@ function select(obj: any, path: string): any { const key = path.substr(0, i) return select(obj[key], path.substr(i + 1)) } - -function isGhes(): boolean { - const ghUrl = new URL( - process.env['GITHUB_SERVER_URL'] || '' - ) - return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM' -} diff --git a/src/url-helper.ts b/src/url-helper.ts index 05f1cbd..6807b7f 100644 --- a/src/url-helper.ts +++ b/src/url-helper.ts @@ -1,6 +1,6 @@ import * as assert from 'assert' -import {IGitSourceSettings} from './git-source-settings' import {URL} from 'url' +import {IGitSourceSettings} from './git-source-settings' export function getFetchUrl(settings: IGitSourceSettings): string { assert.ok( @@ -8,7 +8,7 @@ export function getFetchUrl(settings: IGitSourceSettings): string { 'settings.repositoryOwner must be defined' ) assert.ok(settings.repositoryName, 'settings.repositoryName must be defined') - const serviceUrl = getServerUrl() + const serviceUrl = getServerUrl(settings.githubServerUrl) const encodedOwner = encodeURIComponent(settings.repositoryOwner) const encodedName = encodeURIComponent(settings.repositoryName) if (settings.sshKey) { @@ -19,11 +19,27 @@ export function getFetchUrl(settings: IGitSourceSettings): string { return `${serviceUrl.origin}/${encodedOwner}/${encodedName}` } -export function getServerUrl(): URL { - // todo: remove GITHUB_URL after support for GHES Alpha is no longer needed - return new URL( - process.env['GITHUB_SERVER_URL'] || - process.env['GITHUB_URL'] || - '' - ) +export function getServerUrl(url?: string): URL { + let urlValue = + url && url.trim().length > 0 + ? url + : process.env['GITHUB_SERVER_URL'] || '' + return new URL(urlValue) +} + +export function getServerApiUrl(url?: string): string { + let apiUrl = '' + + if (isGhes(url)) { + const serverUrl = getServerUrl(url) + apiUrl = new URL(`${serverUrl.origin}/api/v3`).toString() + } + + return apiUrl +} + +export function isGhes(url?: string): boolean { + const ghUrl = getServerUrl(url) + + return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM' } From 6a84743051be17cee477b0a26bd866b5dba996e4 Mon Sep 17 00:00:00 2001 From: Francesco Renzi Date: Mon, 3 Oct 2022 18:04:49 +0100 Subject: [PATCH 11/13] Bump @actions/core to 1.10.0 (#939) * Bump @actions/core to 1.10.0 * Update licenses * Use @actions/core helper functions --- .licenses/npm/@actions/core.dep.yml | 6 +- ...ient.dep.yml => http-client-1.0.8.dep.yml} | 0 .../npm/@actions/http-client-2.0.1.dep.yml | 32 + .../npm/{uuid.dep.yml => uuid-3.3.3.dep.yml} | 0 .licenses/npm/uuid-8.3.2.dep.yml | 20 + dist/index.js | 2932 ++++++++++++++--- package-lock.json | 25 +- package.json | 2 +- src/state-helper.ts | 33 +- 9 files changed, 2562 insertions(+), 488 deletions(-) rename .licenses/npm/@actions/{http-client.dep.yml => http-client-1.0.8.dep.yml} (100%) create mode 100644 .licenses/npm/@actions/http-client-2.0.1.dep.yml rename .licenses/npm/{uuid.dep.yml => uuid-3.3.3.dep.yml} (100%) create mode 100644 .licenses/npm/uuid-8.3.2.dep.yml diff --git a/.licenses/npm/@actions/core.dep.yml b/.licenses/npm/@actions/core.dep.yml index bb443e5..a2682b8 100644 --- a/.licenses/npm/@actions/core.dep.yml +++ b/.licenses/npm/@actions/core.dep.yml @@ -1,9 +1,9 @@ --- name: "@actions/core" -version: 1.2.6 +version: 1.10.0 type: npm -summary: -homepage: +summary: Actions core lib +homepage: license: mit licenses: - sources: diff --git a/.licenses/npm/@actions/http-client.dep.yml b/.licenses/npm/@actions/http-client-1.0.8.dep.yml similarity index 100% rename from .licenses/npm/@actions/http-client.dep.yml rename to .licenses/npm/@actions/http-client-1.0.8.dep.yml diff --git a/.licenses/npm/@actions/http-client-2.0.1.dep.yml b/.licenses/npm/@actions/http-client-2.0.1.dep.yml new file mode 100644 index 0000000..5c60ad3 --- /dev/null +++ b/.licenses/npm/@actions/http-client-2.0.1.dep.yml @@ -0,0 +1,32 @@ +--- +name: "@actions/http-client" +version: 2.0.1 +type: npm +summary: Actions Http Client +homepage: +license: mit +licenses: +- sources: LICENSE + text: | + Actions Http Client for Node.js + + Copyright (c) GitHub, Inc. + + All rights reserved. + + MIT License + + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and + associated documentation files (the "Software"), to deal in the Software without restriction, + including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, + and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +notices: [] diff --git a/.licenses/npm/uuid.dep.yml b/.licenses/npm/uuid-3.3.3.dep.yml similarity index 100% rename from .licenses/npm/uuid.dep.yml rename to .licenses/npm/uuid-3.3.3.dep.yml diff --git a/.licenses/npm/uuid-8.3.2.dep.yml b/.licenses/npm/uuid-8.3.2.dep.yml new file mode 100644 index 0000000..bf84da0 --- /dev/null +++ b/.licenses/npm/uuid-8.3.2.dep.yml @@ -0,0 +1,20 @@ +--- +name: uuid +version: 8.3.2 +type: npm +summary: RFC4122 (v1, v4, and v5) UUIDs +homepage: +license: mit +licenses: +- sources: + text: | + The MIT License (MIT) + + Copyright (c) 2010-2020 Robert Kieffer and other contributors + + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +notices: [] diff --git a/dist/index.js b/dist/index.js index d1ed5f9..63072b8 100644 --- a/dist/index.js +++ b/dist/index.js @@ -543,6 +543,21 @@ var eos = function(stream, opts, callback) { module.exports = eos; +/***/ }), + +/***/ 4: +/***/ (function(__unusedmodule, exports) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; +var _default = '00000000-0000-0000-0000-000000000000'; +exports.default = _default; + /***/ }), /***/ 9: @@ -1295,6 +1310,92 @@ module.exports._parse = parse; module.exports._enoent = enoent; +/***/ }), + +/***/ 25: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +Object.defineProperty(exports, "v1", { + enumerable: true, + get: function () { + return _v.default; + } +}); +Object.defineProperty(exports, "v3", { + enumerable: true, + get: function () { + return _v2.default; + } +}); +Object.defineProperty(exports, "v4", { + enumerable: true, + get: function () { + return _v3.default; + } +}); +Object.defineProperty(exports, "v5", { + enumerable: true, + get: function () { + return _v4.default; + } +}); +Object.defineProperty(exports, "NIL", { + enumerable: true, + get: function () { + return _nil.default; + } +}); +Object.defineProperty(exports, "version", { + enumerable: true, + get: function () { + return _version.default; + } +}); +Object.defineProperty(exports, "validate", { + enumerable: true, + get: function () { + return _validate.default; + } +}); +Object.defineProperty(exports, "stringify", { + enumerable: true, + get: function () { + return _stringify.default; + } +}); +Object.defineProperty(exports, "parse", { + enumerable: true, + get: function () { + return _parse.default; + } +}); + +var _v = _interopRequireDefault(__webpack_require__(810)); + +var _v2 = _interopRequireDefault(__webpack_require__(572)); + +var _v3 = _interopRequireDefault(__webpack_require__(293)); + +var _v4 = _interopRequireDefault(__webpack_require__(638)); + +var _nil = _interopRequireDefault(__webpack_require__(4)); + +var _version = _interopRequireDefault(__webpack_require__(135)); + +var _validate = _interopRequireDefault(__webpack_require__(634)); + +var _stringify = _interopRequireDefault(__webpack_require__(960)); + +var _parse = _interopRequireDefault(__webpack_require__(204)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + /***/ }), /***/ 26: @@ -1784,13 +1885,6 @@ function getLastPage (octokit, link, headers) { } -/***/ }), - -/***/ 34: -/***/ (function(module) { - -module.exports = require("https"); - /***/ }), /***/ 39: @@ -1889,6 +1983,63 @@ const windowsRelease = release => { module.exports = windowsRelease; +/***/ }), + +/***/ 68: +/***/ (function(__unusedmodule, exports) { + +"use strict"; + + +Object.defineProperty(exports, '__esModule', { value: true }); + +async function auth(token) { + const tokenType = token.split(/\./).length === 3 ? "app" : /^v\d+\./.test(token) ? "installation" : "oauth"; + return { + type: "token", + token: token, + tokenType + }; +} + +/** + * Prefix token for usage in the Authorization header + * + * @param token OAuth token or JSON Web Token + */ +function withAuthorizationPrefix(token) { + if (token.split(/\./).length === 3) { + return `bearer ${token}`; + } + + return `token ${token}`; +} + +async function hook(token, request, route, parameters) { + const endpoint = request.endpoint.merge(route, parameters); + endpoint.headers.authorization = withAuthorizationPrefix(token); + return request(endpoint); +} + +const createTokenAuth = function createTokenAuth(token) { + if (!token) { + throw new Error("[@octokit/auth-token] No token passed to createTokenAuth"); + } + + if (typeof token !== "string") { + throw new Error("[@octokit/auth-token] Token passed to createTokenAuth is not a string"); + } + + token = token.replace(/^(token|bearer) +/i, ""); + return Object.assign(auth.bind(null, token), { + hook: hook.bind(null, token) + }); +}; + +exports.createTokenAuth = createTokenAuth; +//# + + /***/ }), /***/ 70: @@ -1984,6 +2135,7 @@ exports.isGhes = isGhes; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ Object.defineProperty(exports, "__esModule", { value: true }); +exports.toCommandProperties = exports.toCommandValue = void 0; /** * Sanitizes an input into a string so it can be passed into issueCommand safely * @param input input to sanitize into a string @@ -1998,6 +2150,26 @@ function toCommandValue(input) { return JSON.stringify(input); } exports.toCommandValue = toCommandValue; +/** + * + * @param annotationProperties + * @returns The command properties to send with the actual annotation command + * See IssueCommandProperties: + */ +function toCommandProperties(annotationProperties) { + if (!Object.keys(annotationProperties).length) { + return {}; + } + return { + title: annotationProperties.title, + file: annotationProperties.file, + line: annotationProperties.startLine, + endLine: annotationProperties.endLine, + col: annotationProperties.startColumn, + endColumn: annotationProperties.endColumn + }; +} +exports.toCommandProperties = toCommandProperties; //# /***/ }), @@ -2009,26 +2181,108 @@ module.exports = require("os"); /***/ }), +/***/ 95: +/***/ (function(__unusedmodule, exports) { + +"use strict"; + +Object.defineProperty(exports, "__esModule", { value: true }); +exports.checkBypass = exports.getProxyUrl = void 0; +function getProxyUrl(reqUrl) { + const usingSsl = reqUrl.protocol === 'https:'; + if (checkBypass(reqUrl)) { + return undefined; + } + const proxyVar = (() => { + if (usingSsl) { + return process.env['https_proxy'] || process.env['HTTPS_PROXY']; + } + else { + return process.env['http_proxy'] || process.env['HTTP_PROXY']; + } + })(); + if (proxyVar) { + return new URL(proxyVar); + } + else { + return undefined; + } +} +exports.getProxyUrl = getProxyUrl; +function checkBypass(reqUrl) { + if (!reqUrl.hostname) { + return false; + } + const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || ''; + if (!noProxy) { + return false; + } + // Determine the request port + let reqPort; + if (reqUrl.port) { + reqPort = Number(reqUrl.port); + } + else if (reqUrl.protocol === 'http:') { + reqPort = 80; + } + else if (reqUrl.protocol === 'https:') { + reqPort = 443; + } + // Format the request hostname and hostname with port + const upperReqHosts = [reqUrl.hostname.toUpperCase()]; + if (typeof reqPort === 'number') { + upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`); + } + // Compare request host against noproxy + for (const upperNoProxyItem of noProxy + .split(',') + .map(x => x.trim().toUpperCase()) + .filter(x => x)) { + if (upperReqHosts.some(x => x === upperNoProxyItem)) { + return true; + } + } + return false; +} +exports.checkBypass = checkBypass; +//# + +/***/ }), + /***/ 102: /***/ (function(__unusedmodule, exports, __webpack_require__) { "use strict"; // For internal use, subject to change. +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; - if (mod != null) for (var k in mod) if (, k)) result[k] = mod[k]; - result["default"] = mod; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); +exports.prepareKeyValueMessage = exports.issueFileCommand = void 0; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ const fs = __importStar(__webpack_require__(747)); const os = __importStar(__webpack_require__(87)); +const uuid_1 = __webpack_require__(25); const utils_1 = __webpack_require__(82); -function issueCommand(command, message) { +function issueFileCommand(command, message) { const filePath = process.env[`GITHUB_${command}`]; if (!filePath) { throw new Error(`Unable to find environment variable for file command ${command}`); @@ -2040,7 +2294,22 @@ function issueCommand(command, message) { encoding: 'utf8' }); } -exports.issueCommand = issueCommand; +exports.issueFileCommand = issueFileCommand; +function prepareKeyValueMessage(key, value) { + const delimiter = `ghadelimiter_${uuid_1.v4()}`; + const convertedValue = utils_1.toCommandValue(value); + // These should realistically never happen, but just in case someone finds a + // way to exploit uuid generation let's not allow keys or values that contain + // the delimiter. + if (key.includes(delimiter)) { + throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); + } + if (convertedValue.includes(delimiter)) { + throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); + } + return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`; +} +exports.prepareKeyValueMessage = prepareKeyValueMessage; //# /***/ }), @@ -2995,6 +3264,119 @@ module.exports = require("child_process"); /***/ }), +/***/ 135: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _validate = _interopRequireDefault(__webpack_require__(634)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function version(uuid) { + if (!(0, _validate.default)(uuid)) { + throw TypeError('Invalid UUID'); + } + + return parseInt(uuid.substr(14, 1), 16); +} + +var _default = version; +exports.default = _default; + +/***/ }), + +/***/ 136: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = _default; +exports.URL = exports.DNS = void 0; + +var _stringify = _interopRequireDefault(__webpack_require__(960)); + +var _parse = _interopRequireDefault(__webpack_require__(204)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function stringToBytes(str) { + str = unescape(encodeURIComponent(str)); // UTF8 escape + + const bytes = []; + + for (let i = 0; i < str.length; ++i) { + bytes.push(str.charCodeAt(i)); + } + + return bytes; +} + +const DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8'; +exports.DNS = DNS; +const URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8'; +exports.URL = URL; + +function _default(name, version, hashfunc) { + function generateUUID(value, namespace, buf, offset) { + if (typeof value === 'string') { + value = stringToBytes(value); + } + + if (typeof namespace === 'string') { + namespace = (0, _parse.default)(namespace); + } + + if (namespace.length !== 16) { + throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)'); + } // Compute hash of namespace and value, Per 4.3 + // Future: Use spread syntax when supported on all platforms, e.g. `bytes = + // hashfunc([...namespace, ... value])` + + + let bytes = new Uint8Array(16 + value.length); + bytes.set(namespace); + bytes.set(value, namespace.length); + bytes = hashfunc(bytes); + bytes[6] = bytes[6] & 0x0f | version; + bytes[8] = bytes[8] & 0x3f | 0x80; + + if (buf) { + offset = offset || 0; + + for (let i = 0; i < 16; ++i) { + buf[offset + i] = bytes[i]; + } + + return buf; + } + + return (0, _stringify.default)(bytes); + } // Function#name is not settable on some platforms (#270) + + + try { + = name; // eslint-disable-next-line no-empty + } catch (err) {} // For CommonJS default export support + + + generateUUID.DNS = DNS; + generateUUID.URL = URL; + return generateUUID; +} + +/***/ }), + /***/ 139: /***/ (function(module, __unusedexports, __webpack_require__) { @@ -3019,7 +3401,7 @@ module.exports = function nodeRNG() { var net = __webpack_require__(631); var tls = __webpack_require__(16); var http = __webpack_require__(605); -var https = __webpack_require__(34); +var https = __webpack_require__(211); var events = __webpack_require__(614); var assert = __webpack_require__(357); var util = __webpack_require__(669); @@ -3607,59 +3989,59 @@ var __importStar = (this && this.__importStar) || function (mod) { }; Object.defineProperty(exports, "__esModule", { value: true }); exports.setSafeDirectory = exports.setSshKnownHostsPath = exports.setSshKeyPath = exports.setRepositoryPath = exports.SshKnownHostsPath = exports.SshKeyPath = exports.PostSetSafeDirectory = exports.RepositoryPath = exports.IsPost = void 0; -const coreCommand = __importStar(__webpack_require__(431)); +const core = __importStar(__webpack_require__(470)); /** * Indicates whether the POST action is running */ -exports.IsPost = !!process.env['STATE_isPost']; +exports.IsPost = !!core.getState('isPost'); /** * The repository path for the POST action. The value is empty during the MAIN action. */ -exports.RepositoryPath = process.env['STATE_repositoryPath'] || ''; +exports.RepositoryPath = core.getState('repositoryPath'); /** * The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action. */ -exports.PostSetSafeDirectory = process.env['STATE_setSafeDirectory'] === 'true'; +exports.PostSetSafeDirectory = core.getState('setSafeDirectory') === 'true'; /** * The SSH key path for the POST action. The value is empty during the MAIN action. */ -exports.SshKeyPath = process.env['STATE_sshKeyPath'] || ''; +exports.SshKeyPath = core.getState('sshKeyPath'); /** * The SSH known hosts path for the POST action. The value is empty during the MAIN action. */ -exports.SshKnownHostsPath = process.env['STATE_sshKnownHostsPath'] || ''; +exports.SshKnownHostsPath = core.getState('sshKnownHostsPath'); /** * Save the repository path so the POST action can retrieve the value. */ function setRepositoryPath(repositoryPath) { - coreCommand.issueCommand('save-state', { name: 'repositoryPath' }, repositoryPath); + core.saveState('repositoryPath', repositoryPath); } exports.setRepositoryPath = setRepositoryPath; /** * Save the SSH key path so the POST action can retrieve the value. */ function setSshKeyPath(sshKeyPath) { - coreCommand.issueCommand('save-state', { name: 'sshKeyPath' }, sshKeyPath); + core.saveState('sshKeyPath', sshKeyPath); } exports.setSshKeyPath = setSshKeyPath; /** * Save the SSH known hosts path so the POST action can retrieve the value. */ function setSshKnownHostsPath(sshKnownHostsPath) { - coreCommand.issueCommand('save-state', { name: 'sshKnownHostsPath' }, sshKnownHostsPath); + core.saveState('sshKnownHostsPath', sshKnownHostsPath); } exports.setSshKnownHostsPath = setSshKnownHostsPath; /** * Save the sef-safe-directory input so the POST action can retrieve the value. */ function setSafeDirectory() { - coreCommand.issueCommand('save-state', { name: 'setSafeDirectory' }, 'true'); + core.saveState('setSafeDirectory', 'true'); } exports.setSafeDirectory = setSafeDirectory; // Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic. // This is necessary since we don't have a separate entry point. if (!exports.IsPost) { - coreCommand.issueCommand('save-state', { name: 'isPost' }, 'true'); + core.saveState('isPost', 'true'); } @@ -3736,7 +4118,7 @@ module.exports =, Object.prototype.hasOwnProperty); var net = __webpack_require__(631); var tls = __webpack_require__(16); var http = __webpack_require__(605); -var https = __webpack_require__(34); +var https = __webpack_require__(211); var events = __webpack_require__(614); var assert = __webpack_require__(357); var util = __webpack_require__(669); @@ -4004,7 +4386,7 @@ exports.debug = debug; // for test module.exports = authenticationPlugin; -const { createTokenAuth } = __webpack_require__(813); +const { createTokenAuth } = __webpack_require__(68); const { Deprecation } = __webpack_require__(692); const once = __webpack_require__(969); @@ -4211,7 +4593,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge Object.defineProperty(exports, "__esModule", { value: true }); const core = __importStar(__webpack_require__(470)); const coreCommand = __importStar(__webpack_require__(431)); -const gitSourceProvider = __importStar(__webpack_require__(293)); +const gitSourceProvider = __importStar(__webpack_require__(853)); const inputHelper = __importStar(__webpack_require__(821)); const path = __importStar(__webpack_require__(622)); const stateHelper = __importStar(__webpack_require__(153)); @@ -4259,33 +4641,62 @@ else { /***/ }), -/***/ 211: +/***/ 204: /***/ (function(__unusedmodule, exports, __webpack_require__) { "use strict"; -Object.defineProperty(exports, '__esModule', { value: true }); +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; -function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } +var _validate = _interopRequireDefault(__webpack_require__(634)); -var osName = _interopDefault(__webpack_require__(2)); +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } -function getUserAgent() { - try { - return `Node.js/${process.version.substr(1)} (${osName()}; ${process.arch})`; - } catch (error) { - if (/wmic os get Caption/.test(error.message)) { - return "Windows "; - } - - return ""; +function parse(uuid) { + if (!(0, _validate.default)(uuid)) { + throw TypeError('Invalid UUID'); } + + let v; + const arr = new Uint8Array(16); // Parse ########-....-....-....-............ + + arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24; + arr[1] = v >>> 16 & 0xff; + arr[2] = v >>> 8 & 0xff; + arr[3] = v & 0xff; // Parse ........-####-....-....-............ + + arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8; + arr[5] = v & 0xff; // Parse ........-....-####-....-............ + + arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8; + arr[7] = v & 0xff; // Parse ........-....-....-####-............ + + arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8; + arr[9] = v & 0xff; // Parse ........-....-....-....-############ + // (Use "/" to avoid 32-bit truncation when bit-shifting high-order bytes) + + arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff; + arr[11] = v / 0x100000000 & 0xff; + arr[12] = v >>> 24 & 0xff; + arr[13] = v >>> 16 & 0xff; + arr[14] = v >>> 8 & 0xff; + arr[15] = v & 0xff; + return arr; } -exports.getUserAgent = getUserAgent; -//# +var _default = parse; +exports.default = _default; +/***/ }), + +/***/ 211: +/***/ (function(module) { + +module.exports = require("https"); /***/ }), @@ -7348,265 +7759,42 @@ class GitOutput { "use strict"; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; + +Object.defineProperty(exports, "__esModule", { + value: true }); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(; } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.cleanup = exports.getSource = void 0; -const core = __importStar(__webpack_require__(470)); -const fsHelper = __importStar(__webpack_require__(618)); -const gitAuthHelper = __importStar(__webpack_require__(287)); -const gitCommandManager = __importStar(__webpack_require__(289)); -const gitDirectoryHelper = __importStar(__webpack_require__(438)); -const githubApiHelper = __importStar(__webpack_require__(464)); -const io = __importStar(__webpack_require__(1)); -const path = __importStar(__webpack_require__(622)); -const refHelper = __importStar(__webpack_require__(227)); -const stateHelper = __importStar(__webpack_require__(153)); -const urlHelper = __importStar(__webpack_require__(81)); -function getSource(settings) { - return __awaiter(this, void 0, void 0, function* () { - // Repository URL -`Syncing repository: ${settings.repositoryOwner}/${settings.repositoryName}`); - const repositoryUrl = urlHelper.getFetchUrl(settings); - // Remove conflicting file path - if (fsHelper.fileExistsSync(settings.repositoryPath)) { - yield io.rmRF(settings.repositoryPath); - } - // Create directory - let isExisting = true; - if (!fsHelper.directoryExistsSync(settings.repositoryPath)) { - isExisting = false; - yield io.mkdirP(settings.repositoryPath); - } - // Git command manager - core.startGroup('Getting Git version info'); - const git = yield getGitCommandManager(settings); - core.endGroup(); - let authHelper = null; - try { - if (git) { - authHelper = gitAuthHelper.createAuthHelper(git, settings); - if (settings.setSafeDirectory) { - // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail - // Otherwise all git commands we run in a container fail - yield authHelper.configureTempGlobalConfig(); -`Adding repository directory to the temporary git global config as a safe directory`); - yield git - .config('', settings.repositoryPath, true, true) - .catch(error => { -`Failed to initialize safe directory with error: ${error}`); - }); - stateHelper.setSafeDirectory(); - } - } - // Prepare existing directory, otherwise recreate - if (isExisting) { - yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref); - } - if (!git) { - // Downloading using REST API -`The repository will be downloaded using the GitHub REST API`); -`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`); - if (settings.submodules) { - throw new Error(`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); - } - else if (settings.sshKey) { - throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); - } - yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath, settings.githubServerUrl); - return; - } - // Save state for POST action - stateHelper.setRepositoryPath(settings.repositoryPath); - // Initialize the repository - if (!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))) { - core.startGroup('Initializing the repository'); - yield git.init(); - yield git.remoteAdd('origin', repositoryUrl); - core.endGroup(); - } - // Disable automatic garbage collection - core.startGroup('Disabling automatic garbage collection'); - if (!(yield git.tryDisableAutomaticGarbageCollection())) { - core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`); - } - core.endGroup(); - // If we didn't initialize it above, do it now - if (!authHelper) { - authHelper = gitAuthHelper.createAuthHelper(git, settings); - } - // Configure auth - core.startGroup('Setting up auth'); - yield authHelper.configureAuth(); - core.endGroup(); - // Determine the default branch - if (!settings.ref && !settings.commit) { - core.startGroup('Determining the default branch'); - if (settings.sshKey) { - settings.ref = yield git.getDefaultBranch(repositoryUrl); - } - else { - settings.ref = yield githubApiHelper.getDefaultBranch(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.githubServerUrl); - } - core.endGroup(); - } - // LFS install - if (settings.lfs) { - yield git.lfsInstall(); - } - // Fetch - core.startGroup('Fetching the repository'); - if (settings.fetchDepth <= 0) { - // Fetch all branches and tags - let refSpec = refHelper.getRefSpecForAllHistory(settings.ref, settings.commit); - yield git.fetch(refSpec); - // When all history is fetched, the ref we're interested in may have moved to a different - // commit (push or force push). If so, fetch again with a targeted refspec. - if (!(yield refHelper.testRef(git, settings.ref, settings.commit))) { - refSpec = refHelper.getRefSpec(settings.ref, settings.commit); - yield git.fetch(refSpec); - } - } - else { - const refSpec = refHelper.getRefSpec(settings.ref, settings.commit); - yield git.fetch(refSpec, settings.fetchDepth); - } - core.endGroup(); - // Checkout info - core.startGroup('Determining the checkout info'); - const checkoutInfo = yield refHelper.getCheckoutInfo(git, settings.ref, settings.commit); - core.endGroup(); - // LFS fetch - // Explicit lfs-fetch to avoid slow checkout (fetches one lfs object at a time). - // Explicit lfs fetch will fetch lfs objects in parallel. - if (settings.lfs) { - core.startGroup('Fetching LFS objects'); - yield git.lfsFetch(checkoutInfo.startPoint || checkoutInfo.ref); - core.endGroup(); - } - // Checkout - core.startGroup('Checking out the ref'); - yield git.checkout(checkoutInfo.ref, checkoutInfo.startPoint); - core.endGroup(); - // Submodules - if (settings.submodules) { - // Temporarily override global config - core.startGroup('Setting up auth for fetching submodules'); - yield authHelper.configureGlobalAuth(); - core.endGroup(); - // Checkout submodules - core.startGroup('Fetching submodules'); - yield git.submoduleSync(settings.nestedSubmodules); - yield git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules); - yield git.submoduleForeach('git config --local 0', settings.nestedSubmodules); - core.endGroup(); - // Persist credentials - if (settings.persistCredentials) { - core.startGroup('Persisting credentials for submodules'); - yield authHelper.configureSubmoduleAuth(); - core.endGroup(); - } - } - // Get commit information - const commitInfo = yield git.log1(); - // Log commit sha - yield git.log1("--format='%H'"); - // Check for incorrect pull request merge commit - yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.githubServerUrl); - } - finally { - // Remove auth - if (authHelper) { - if (!settings.persistCredentials) { - core.startGroup('Removing auth'); - yield authHelper.removeAuth(); - core.endGroup(); - } - authHelper.removeGlobalConfig(); - } - } - }); -} -exports.getSource = getSource; -function cleanup(repositoryPath) { - return __awaiter(this, void 0, void 0, function* () { - // Repo exists? - if (!repositoryPath || - !fsHelper.fileExistsSync(path.join(repositoryPath, '.git', 'config'))) { - return; - } - let git; - try { - git = yield gitCommandManager.createCommandManager(repositoryPath, false); - } - catch (_a) { - return; - } - // Remove auth - const authHelper = gitAuthHelper.createAuthHelper(git); - try { - if (stateHelper.PostSetSafeDirectory) { - // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail - // Otherwise all git commands we run in a container fail - yield authHelper.configureTempGlobalConfig(); -`Adding repository directory to the temporary git global config as a safe directory`); - yield git - .config('', repositoryPath, true, true) - .catch(error => { -`Failed to initialize safe directory with error: ${error}`); - }); - } - yield authHelper.removeAuth(); - } - finally { - yield authHelper.removeGlobalConfig(); - } - }); -} -exports.cleanup = cleanup; -function getGitCommandManager(settings) { - return __awaiter(this, void 0, void 0, function* () { -`Working directory is '${settings.repositoryPath}'`); - try { - return yield gitCommandManager.createCommandManager(settings.repositoryPath, settings.lfs); - } - catch (err) { - // Git is required for LFS - if (settings.lfs) { - throw err; - } - // Otherwise fallback to REST API - return undefined; - } - }); +exports.default = void 0; + +var _rng = _interopRequireDefault(__webpack_require__(506)); + +var _stringify = _interopRequireDefault(__webpack_require__(960)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function v4(options, buf, offset) { + options = options || {}; + + const rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved` + + + rnds[6] = rnds[6] & 0x0f | 0x40; + rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided + + if (buf) { + offset = offset || 0; + + for (let i = 0; i < 16; ++i) { + buf[offset + i] = rnds[i]; + } + + return buf; + } + + return (0, _stringify.default)(rnds); } +var _default = v4; +exports.default = _default; /***/ }), @@ -7905,6 +8093,36 @@ isStream.transform = function (stream) { }; +/***/ }), + +/***/ 329: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _crypto = _interopRequireDefault(__webpack_require__(417)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function sha1(bytes) { + if (Array.isArray(bytes)) { + bytes = Buffer.from(bytes); + } else if (typeof bytes === 'string') { + bytes = Buffer.from(bytes, 'utf8'); + } + + return _crypto.default.createHash('sha1').update(bytes).digest(); +} + +var _default = sha1; +exports.default = _default; + /***/ }), /***/ 330: @@ -8228,37 +8446,90 @@ module.exports = require("assert"); /***/ }), /***/ 363: -/***/ (function(module) { +/***/ (function(__unusedmodule, exports) { -module.exports = register +"use strict"; -function register (state, name, method, options) { - if (typeof method !== 'function') { - throw new Error('method for before hook must be a function') - } - - if (!options) { - options = {} - } - - if (Array.isArray(name)) { - return name.reverse().reduce(function (callback, name) { - return register.bind(null, state, name, callback, options) - }, method)() - } - - return Promise.resolve() - .then(function () { - if (!state.registry[name]) { - return method(options) - } - - return (state.registry[name]).reduce(function (method, registered) { - return registered.hook.bind(null, method, options) - }, method)() - }) +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(; } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0; +class BasicCredentialHandler { + constructor(username, password) { + this.username = username; + this.password = password; + } + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } } - +exports.BasicCredentialHandler = BasicCredentialHandler; +class BearerCredentialHandler { + constructor(token) { + this.token = token; + } + // currently implements pre-authorization + // TODO: support preAuth = false where it hooks on 401 + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Bearer ${this.token}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.BearerCredentialHandler = BearerCredentialHandler; +class PersonalAccessTokenCredentialHandler { + constructor(token) { + this.token = token; + } + // currently implements pre-authorization + // TODO: support preAuth = false where it hooks on 401 + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler; +//# /***/ }), @@ -8735,6 +9006,36 @@ function readShebang(command) { module.exports = readShebang; +/***/ }), + +/***/ 392: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, '__esModule', { value: true }); + +function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } + +var osName = _interopDefault(__webpack_require__(2)); + +function getUserAgent() { + try { + return `Node.js/${process.version.substr(1)} (${osName()}; ${process.arch})`; + } catch (error) { + if (/wmic os get Caption/.test(error.message)) { + return "Windows "; + } + + return ""; + } +} + +exports.getUserAgent = getUserAgent; +//# + + /***/ }), /***/ 402: @@ -8774,9 +9075,10 @@ function Octokit(plugins, options) { /***/ }), /***/ 413: -/***/ (function(module) { +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = __webpack_require__(141); -module.exports = require("stream"); /***/ }), @@ -8853,14 +9155,27 @@ function octokitValidate(octokit) { "use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; - if (mod != null) for (var k in mod) if (, k)) result[k] = mod[k]; - result["default"] = mod; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); +exports.issue = exports.issueCommand = void 0; const os = __importStar(__webpack_require__(87)); const utils_1 = __webpack_require__(82); /** @@ -9171,11 +9486,11 @@ Object.defineProperty(exports, '__esModule', { value: true }); function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } -var Stream = _interopDefault(__webpack_require__(413)); +var Stream = _interopDefault(__webpack_require__(794)); var http = _interopDefault(__webpack_require__(605)); var Url = _interopDefault(__webpack_require__(835)); var whatwgUrl = _interopDefault(__webpack_require__(70)); -var https = _interopDefault(__webpack_require__(34)); +var https = _interopDefault(__webpack_require__(211)); var zlib = _interopDefault(__webpack_require__(761)); // Based on @@ -11259,6 +11574,25 @@ exports.GitHub = GitHub; "use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { @@ -11268,19 +11602,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (, k)) result[k] = mod[k]; - result["default"] = mod; - return result; -}; Object.defineProperty(exports, "__esModule", { value: true }); +exports.getIDToken = exports.getState = exports.saveState = = exports.endGroup = exports.startGroup = = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; const command_1 = __webpack_require__(431); const file_command_1 = __webpack_require__(102); const utils_1 = __webpack_require__(82); const os = __importStar(__webpack_require__(87)); const path = __importStar(__webpack_require__(622)); +const oidc_utils_1 = __webpack_require__(742); /** * The code to exit an action */ @@ -11309,13 +11638,9 @@ function exportVariable(name, val) { process.env[name] = convertedVal; const filePath = process.env['GITHUB_ENV'] || ''; if (filePath) { - const delimiter = '_GitHubActionsFileCommandDelimeter_'; - const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`; - file_command_1.issueCommand('ENV', commandValue); - } - else { - command_1.issueCommand('set-env', { name }, convertedVal); + return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val)); } + command_1.issueCommand('set-env', { name }, convertedVal); } exports.exportVariable = exportVariable; /** @@ -11333,7 +11658,7 @@ exports.setSecret = setSecret; function addPath(inputPath) { const filePath = process.env['GITHUB_PATH'] || ''; if (filePath) { - file_command_1.issueCommand('PATH', inputPath); + file_command_1.issueFileCommand('PATH', inputPath); } else { command_1.issueCommand('add-path', {}, inputPath); @@ -11342,7 +11667,9 @@ function addPath(inputPath) { } exports.addPath = addPath; /** - * Gets the value of an input. The value is also trimmed. + * Gets the value of an input. + * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed. + * Returns an empty string if the value is not defined. * * @param name name of the input to get * @param options optional. See InputOptions. @@ -11353,9 +11680,52 @@ function getInput(name, options) { if (options && options.required && !val) { throw new Error(`Input required and not supplied: ${name}`); } + if (options && options.trimWhitespace === false) { + return val; + } return val.trim(); } exports.getInput = getInput; +/** + * Gets the values of an multiline input. Each value is also trimmed. + * + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns string[] + * + */ +function getMultilineInput(name, options) { + const inputs = getInput(name, options) + .split('\n') + .filter(x => x !== ''); + if (options && options.trimWhitespace === false) { + return inputs; + } + return => input.trim()); +} +exports.getMultilineInput = getMultilineInput; +/** + * Gets the input value of the boolean type in the YAML 1.2 "core schema" specification. + * Support boolean input list: `true | True | TRUE | false | False | FALSE` . + * The return value is also in boolean type. + * ref: + * + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns boolean + */ +function getBooleanInput(name, options) { + const trueValue = ['true', 'True', 'TRUE']; + const falseValue = ['false', 'False', 'FALSE']; + const val = getInput(name, options); + if (trueValue.includes(val)) + return true; + if (falseValue.includes(val)) + return false; + throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${name}\n` + + `Support boolean input list: \`true | True | TRUE | false | False | FALSE\``); +} +exports.getBooleanInput = getBooleanInput; /** * Sets the value of an output. * @@ -11364,7 +11734,12 @@ exports.getInput = getInput; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function setOutput(name, value) { - command_1.issueCommand('set-output', { name }, value); + const filePath = process.env['GITHUB_OUTPUT'] || ''; + if (filePath) { + return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value)); + } + process.stdout.write(os.EOL); + command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value)); } exports.setOutput = setOutput; /** @@ -11410,19 +11785,30 @@ exports.debug = debug; /** * Adds an error issue * @param message error issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. */ -function error(message) { - command_1.issue('error', message instanceof Error ? message.toString() : message); +function error(message, properties = {}) { + command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); } exports.error = error; /** - * Adds an warning issue + * Adds a warning issue * @param message warning issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. */ -function warning(message) { - command_1.issue('warning', message instanceof Error ? message.toString() : message); +function warning(message, properties = {}) { + command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); } exports.warning = warning; +/** + * Adds a notice issue + * @param message notice issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function notice(message, properties = {}) { + command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.notice = notice; /** * Writes info to log with console.log. * @param message info message @@ -11482,7 +11868,11 @@ = group; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function saveState(name, value) { - command_1.issueCommand('save-state', { name }, value); + const filePath = process.env['GITHUB_STATE'] || ''; + if (filePath) { + return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value)); + } + command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value)); } exports.saveState = saveState; /** @@ -11495,6 +11885,29 @@ function getState(name) { return process.env[`STATE_${name}`] || ''; } exports.getState = getState; +function getIDToken(aud) { + return __awaiter(this, void 0, void 0, function* () { + return yield oidc_utils_1.OidcClient.getIDToken(aud); + }); +} +exports.getIDToken = getIDToken; +/** + * Summary exports + */ +var summary_1 = __webpack_require__(665); +Object.defineProperty(exports, "summary", { enumerable: true, get: function () { return summary_1.summary; } }); +/** + * @deprecated use core.summary + */ +var summary_2 = __webpack_require__(665); +Object.defineProperty(exports, "markdownSummary", { enumerable: true, get: function () { return summary_2.markdownSummary; } }); +/** + * Path exports + */ +var path_utils_1 = __webpack_require__(573); +Object.defineProperty(exports, "toPosixPath", { enumerable: true, get: function () { return path_utils_1.toPosixPath; } }); +Object.defineProperty(exports, "toWin32Path", { enumerable: true, get: function () { return path_utils_1.toWin32Path; } }); +Object.defineProperty(exports, "toPlatformPath", { enumerable: true, get: function () { return path_utils_1.toPlatformPath; } }); //# /***/ }), @@ -11672,6 +12085,72 @@ exports.RequestError = RequestError; //# +/***/ }), + +/***/ 501: +/***/ (function(module) { + +module.exports = register + +function register (state, name, method, options) { + if (typeof method !== 'function') { + throw new Error('method for before hook must be a function') + } + + if (!options) { + options = {} + } + + if (Array.isArray(name)) { + return name.reverse().reduce(function (callback, name) { + return register.bind(null, state, name, callback, options) + }, method)() + } + + return Promise.resolve() + .then(function () { + if (!state.registry[name]) { + return method(options) + } + + return (state.registry[name]).reduce(function (method, registered) { + return registered.hook.bind(null, method, options) + }, method)() + }) +} + + +/***/ }), + +/***/ 506: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = rng; + +var _crypto = _interopRequireDefault(__webpack_require__(417)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +const rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate + +let poolPtr = rnds8Pool.length; + +function rng() { + if (poolPtr > rnds8Pool.length - 16) { + _crypto.default.randomFillSync(rnds8Pool); + + poolPtr = 0; + } + + return rnds8Pool.slice(poolPtr, poolPtr += 16); +} + /***/ }), /***/ 510: @@ -11730,7 +12209,7 @@ function addHook (state, kind, name, hook) { /***/ 523: /***/ (function(module, __unusedexports, __webpack_require__) { -var register = __webpack_require__(363) +var register = __webpack_require__(501) var addHook = __webpack_require__(510) var removeHook = __webpack_require__(763) @@ -11789,6 +12268,21 @@ module.exports.Singular = Hook.Singular module.exports.Collection = Hook.Collection +/***/ }), + +/***/ 525: +/***/ (function(__unusedmodule, exports) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; +var _default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i; +exports.default = _default; + /***/ }), /***/ 528: @@ -12287,7 +12781,7 @@ function hasFirstPage (link) { Object.defineProperty(exports, "__esModule", { value: true }); const url = __webpack_require__(835); const http = __webpack_require__(605); -const https = __webpack_require__(34); +const https = __webpack_require__(211); const pm = __webpack_require__(950); let tunnel; var HttpCodes; @@ -13103,6 +13597,94 @@ function parse(command, args, options) { module.exports = parse; +/***/ }), + +/***/ 572: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _v = _interopRequireDefault(__webpack_require__(136)); + +var _md = _interopRequireDefault(__webpack_require__(659)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +const v3 = (0, _v.default)('v3', 0x30, _md.default); +var _default = v3; +exports.default = _default; + +/***/ }), + +/***/ 573: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0; +const path = __importStar(__webpack_require__(622)); +/** + * toPosixPath converts the given path to the posix form. On Windows, \\ will be + * replaced with /. + * + * @param pth. Path to transform. + * @return string Posix path. + */ +function toPosixPath(pth) { + return pth.replace(/[\\]/g, '/'); +} +exports.toPosixPath = toPosixPath; +/** + * toWin32Path converts the given path to the win32 form. On Linux, / will be + * replaced with \\. + * + * @param pth. Path to transform. + * @return string Win32 path. + */ +function toWin32Path(pth) { + return pth.replace(/[/]/g, '\\'); +} +exports.toWin32Path = toWin32Path; +/** + * toPlatformPath converts the given path to a platform-specific path. It does + * this by replacing instances of / and \ with the platform-specific path + * separator. + * + * @param pth The path to platformize. + * @return string The platform-specific path. + */ +function toPlatformPath(pth) { + return pth.replace(/[/\\]/g, path.sep); +} +exports.toPlatformPath = toPlatformPath; +//# + /***/ }), /***/ 577: @@ -13672,6 +14254,53 @@ module.exports = require("net"); /***/ }), +/***/ 634: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _regex = _interopRequireDefault(__webpack_require__(525)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function validate(uuid) { + return typeof uuid === 'string' && _regex.default.test(uuid); +} + +var _default = validate; +exports.default = _default; + +/***/ }), + +/***/ 638: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _v = _interopRequireDefault(__webpack_require__(136)); + +var _sha = _interopRequireDefault(__webpack_require__(329)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +const v5 = (0, _v.default)('v5', 0x50, _sha.default); +var _default = v5; +exports.default = _default; + +/***/ }), + /***/ 642: /***/ (function(__unusedmodule, exports, __webpack_require__) { @@ -15430,6 +16059,326 @@ function coerce (version, options) { } +/***/ }), + +/***/ 659: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _crypto = _interopRequireDefault(__webpack_require__(417)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function md5(bytes) { + if (Array.isArray(bytes)) { + bytes = Buffer.from(bytes); + } else if (typeof bytes === 'string') { + bytes = Buffer.from(bytes, 'utf8'); + } + + return _crypto.default.createHash('md5').update(bytes).digest(); +} + +var _default = md5; +exports.default = _default; + +/***/ }), + +/***/ 665: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(; } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0; +const os_1 = __webpack_require__(87); +const fs_1 = __webpack_require__(747); +const { access, appendFile, writeFile } = fs_1.promises; +exports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY'; +exports.SUMMARY_DOCS_URL = ''; +class Summary { + constructor() { + this._buffer = ''; + } + /** + * Finds the summary file path from the environment, rejects if env var is not found or file does not exist + * Also checks r/w permissions. + * + * @returns step summary file path + */ + filePath() { + return __awaiter(this, void 0, void 0, function* () { + if (this._filePath) { + return this._filePath; + } + const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR]; + if (!pathFromEnv) { + throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`); + } + try { + yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK); + } + catch (_a) { + throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`); + } + this._filePath = pathFromEnv; + return this._filePath; + }); + } + /** + * Wraps content in an HTML tag, adding any HTML attributes + * + * @param {string} tag HTML tag to wrap + * @param {string | null} content content within the tag + * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add + * + * @returns {string} content wrapped in HTML element + */ + wrap(tag, content, attrs = {}) { + const htmlAttrs = Object.entries(attrs) + .map(([key, value]) => ` ${key}="${value}"`) + .join(''); + if (!content) { + return `<${tag}${htmlAttrs}>`; + } + return `<${tag}${htmlAttrs}>${content}`; + } + /** + * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default. + * + * @param {SummaryWriteOptions} [options] (optional) options for write operation + * + * @returns {Promise} summary instance + */ + write(options) { + return __awaiter(this, void 0, void 0, function* () { + const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite); + const filePath = yield this.filePath(); + const writeFunc = overwrite ? writeFile : appendFile; + yield writeFunc(filePath, this._buffer, { encoding: 'utf8' }); + return this.emptyBuffer(); + }); + } + /** + * Clears the summary buffer and wipes the summary file + * + * @returns {Summary} summary instance + */ + clear() { + return __awaiter(this, void 0, void 0, function* () { + return this.emptyBuffer().write({ overwrite: true }); + }); + } + /** + * Returns the current summary buffer as a string + * + * @returns {string} string of summary buffer + */ + stringify() { + return this._buffer; + } + /** + * If the summary buffer is empty + * + * @returns {boolen} true if the buffer is empty + */ + isEmptyBuffer() { + return this._buffer.length === 0; + } + /** + * Resets the summary buffer without writing to summary file + * + * @returns {Summary} summary instance + */ + emptyBuffer() { + this._buffer = ''; + return this; + } + /** + * Adds raw text to the summary buffer + * + * @param {string} text content to add + * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false) + * + * @returns {Summary} summary instance + */ + addRaw(text, addEOL = false) { + this._buffer += text; + return addEOL ? this.addEOL() : this; + } + /** + * Adds the operating system-specific end-of-line marker to the buffer + * + * @returns {Summary} summary instance + */ + addEOL() { + return this.addRaw(os_1.EOL); + } + /** + * Adds an HTML codeblock to the summary buffer + * + * @param {string} code content to render within fenced code block + * @param {string} lang (optional) language to syntax highlight code + * + * @returns {Summary} summary instance + */ + addCodeBlock(code, lang) { + const attrs = Object.assign({}, (lang && { lang })); + const element = this.wrap('pre', this.wrap('code', code), attrs); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML list to the summary buffer + * + * @param {string[]} items list of items to render + * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false) + * + * @returns {Summary} summary instance + */ + addList(items, ordered = false) { + const tag = ordered ? 'ol' : 'ul'; + const listItems = => this.wrap('li', item)).join(''); + const element = this.wrap(tag, listItems); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML table to the summary buffer + * + * @param {SummaryTableCell[]} rows table rows + * + * @returns {Summary} summary instance + */ + addTable(rows) { + const tableBody = rows + .map(row => { + const cells = row + .map(cell => { + if (typeof cell === 'string') { + return this.wrap('td', cell); + } + const { header, data, colspan, rowspan } = cell; + const tag = header ? 'th' : 'td'; + const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan })); + return this.wrap(tag, data, attrs); + }) + .join(''); + return this.wrap('tr', cells); + }) + .join(''); + const element = this.wrap('table', tableBody); + return this.addRaw(element).addEOL(); + } + /** + * Adds a collapsable HTML details element to the summary buffer + * + * @param {string} label text for the closed state + * @param {string} content collapsable content + * + * @returns {Summary} summary instance + */ + addDetails(label, content) { + const element = this.wrap('details', this.wrap('summary', label) + content); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML image tag to the summary buffer + * + * @param {string} src path to the image you to embed + * @param {string} alt text description of the image + * @param {SummaryImageOptions} options (optional) addition image attributes + * + * @returns {Summary} summary instance + */ + addImage(src, alt, options) { + const { width, height } = options || {}; + const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height })); + const element = this.wrap('img', null, Object.assign({ src, alt }, attrs)); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML section heading element + * + * @param {string} text heading text + * @param {number | string} [level=1] (optional) the heading level, default: 1 + * + * @returns {Summary} summary instance + */ + addHeading(text, level) { + const tag = `h${level}`; + const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag) + ? tag + : 'h1'; + const element = this.wrap(allowedTag, text); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML thematic break (
) to the summary buffer + * + * @returns {Summary} summary instance + */ + addSeparator() { + const element = this.wrap('hr', null); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML line break (
) to the summary buffer + * + * @returns {Summary} summary instance + */ + addBreak() { + const element = this.wrap('br', null); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML blockquote to the summary buffer + * + * @param {string} text quote text + * @param {string} cite (optional) citation url + * + * @returns {Summary} summary instance + */ + addQuote(text, cite) { + const attrs = Object.assign({}, (cite && { cite })); + const element = this.wrap('blockquote', text, attrs); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML anchor tag to the summary buffer + * + * @param {string} text link text/content + * @param {string} href hyperlink + * + * @returns {Summary} summary instance + */ + addLink(text, href) { + const element = this.wrap('a', text, { href }); + return this.addRaw(element).addEOL(); + } +} +const _summary = new Summary(); +/** + * @deprecated use `core.summary` + */ +exports.markdownSummary = _summary; +exports.summary = _summary; +//# + /***/ }), /***/ 669: @@ -16143,66 +17092,86 @@ module.exports = Function.prototype.bind || implementation; /***/ }), /***/ 742: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ (function(__unusedmodule, exports, __webpack_require__) { -var fs = __webpack_require__(747) -var core -if (process.platform === 'win32' || global.TESTING_WINDOWS) { - core = __webpack_require__(818) -} else { - core = __webpack_require__(197) -} +"use strict"; -module.exports = isexe -isexe.sync = sync - -function isexe (path, options, cb) { - if (typeof options === 'function') { - cb = options - options = {} - } - - if (!cb) { - if (typeof Promise !== 'function') { - throw new TypeError('callback not provided') +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(; } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.OidcClient = void 0; +const http_client_1 = __webpack_require__(993); +const auth_1 = __webpack_require__(363); +const core_1 = __webpack_require__(470); +class OidcClient { + static createHttpClient(allowRetry = true, maxRetry = 10) { + const requestOptions = { + allowRetries: allowRetry, + maxRetries: maxRetry + }; + return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions); } - - return new Promise(function (resolve, reject) { - isexe(path, options || {}, function (er, is) { - if (er) { - reject(er) - } else { - resolve(is) + static getRequestToken() { + const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN']; + if (!token) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable'); } - }) - }) - } - - core(path, options || {}, function (er, is) { - // ignore EACCES because that just means we aren't allowed to run it - if (er) { - if (er.code === 'EACCES' || options && options.ignoreErrors) { - er = null - is = false - } + return token; } - cb(er, is) - }) -} - -function sync (path, options) { - // my kingdom for a filtered catch - try { - return core.sync(path, options || {}) - } catch (er) { - if (options && options.ignoreErrors || er.code === 'EACCES') { - return false - } else { - throw er + static getIDTokenUrl() { + const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL']; + if (!runtimeUrl) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable'); + } + return runtimeUrl; + } + static getCall(id_token_url) { + var _a; + return __awaiter(this, void 0, void 0, function* () { + const httpclient = OidcClient.createHttpClient(); + const res = yield httpclient + .getJson(id_token_url) + .catch(error => { + throw new Error(`Failed to get ID Token. \n + Error Code : ${error.statusCode}\n + Error Message: ${error.result.message}`); + }); + const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value; + if (!id_token) { + throw new Error('Response json body do not have ID Token field'); + } + return id_token; + }); + } + static getIDToken(audience) { + return __awaiter(this, void 0, void 0, function* () { + try { + // New ID Token is requested from action service + let id_token_url = OidcClient.getIDTokenUrl(); + if (audience) { + const encodedAudience = encodeURIComponent(audience); + id_token_url = `${id_token_url}&audience=${encodedAudience}`; + } + core_1.debug(`ID token url is ${id_token_url}`); + const id_token = yield OidcClient.getCall(id_token_url); + core_1.setSecret(id_token); + return id_token; + } + catch (error) { + throw new Error(`Error message: ${error.message}`); + } + }); } - } } - +exports.OidcClient = OidcClient; +//# /***/ }), @@ -16279,7 +17248,7 @@ Object.defineProperty(exports, '__esModule', { value: true }); function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } var endpoint = __webpack_require__(385); -var universalUserAgent = __webpack_require__(211); +var universalUserAgent = __webpack_require__(392); var isPlainObject = _interopDefault(__webpack_require__(696)); var nodeFetch = _interopDefault(__webpack_require__(454)); var requestError = __webpack_require__(463); @@ -16965,6 +17934,13 @@ module.exports = { +/***/ }), + +/***/ 794: +/***/ (function(module) { + +module.exports = require("stream"); + /***/ }), /***/ 796: @@ -16997,59 +17973,180 @@ exports.getUserAgent = getUserAgent; /***/ }), -/***/ 813: -/***/ (function(__unusedmodule, exports) { +/***/ 810: +/***/ (function(__unusedmodule, exports, __webpack_require__) { "use strict"; -Object.defineProperty(exports, '__esModule', { value: true }); +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; -async function auth(token) { - const tokenType = token.split(/\./).length === 3 ? "app" : /^v\d+\./.test(token) ? "installation" : "oauth"; - return { - type: "token", - token: token, - tokenType - }; -} +var _rng = _interopRequireDefault(__webpack_require__(506)); -/** - * Prefix token for usage in the Authorization header - * - * @param token OAuth token or JSON Web Token - */ -function withAuthorizationPrefix(token) { - if (token.split(/\./).length === 3) { - return `bearer ${token}`; +var _stringify = _interopRequireDefault(__webpack_require__(960)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +// **`v1()` - Generate time-based UUID** +// +// Inspired by +// and +let _nodeId; + +let _clockseq; // Previous uuid creation time + + +let _lastMSecs = 0; +let _lastNSecs = 0; // See for API details + +function v1(options, buf, offset) { + let i = buf && offset || 0; + const b = buf || new Array(16); + options = options || {}; + let node = options.node || _nodeId; + let clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not + // specified. We do this lazily to minimize issues related to insufficient + // system entropy. See #189 + + if (node == null || clockseq == null) { + const seedBytes = options.random || (options.rng || _rng.default)(); + + if (node == null) { + // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1) + node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]]; + } + + if (clockseq == null) { + // Per 4.2.2, randomize (14 bit) clockseq + clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff; + } + } // UUID timestamps are 100 nano-second units since the Gregorian epoch, + // (1582-10-15 00:00). JSNumbers aren't precise enough for this, so + // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs' + // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00. + + + let msecs = options.msecs !== undefined ? options.msecs :; // Per, use count of uuid's generated during the current clock + // cycle to simulate higher resolution clock + + let nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs) + + const dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per, Bump clockseq on clock regression + + if (dt < 0 && options.clockseq === undefined) { + clockseq = clockseq + 1 & 0x3fff; + } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new + // time interval + + + if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) { + nsecs = 0; + } // Per Throw error if too many uuids are requested + + + if (nsecs >= 10000) { + throw new Error("uuid.v1(): Can't create more than 10M uuids/sec"); } - return `token ${token}`; -} + _lastMSecs = msecs; + _lastNSecs = nsecs; + _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch -async function hook(token, request, route, parameters) { - const endpoint = request.endpoint.merge(route, parameters); - endpoint.headers.authorization = withAuthorizationPrefix(token); - return request(endpoint); -} + msecs += 12219292800000; // `time_low` -const createTokenAuth = function createTokenAuth(token) { - if (!token) { - throw new Error("[@octokit/auth-token] No token passed to createTokenAuth"); + const tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000; + b[i++] = tl >>> 24 & 0xff; + b[i++] = tl >>> 16 & 0xff; + b[i++] = tl >>> 8 & 0xff; + b[i++] = tl & 0xff; // `time_mid` + + const tmh = msecs / 0x100000000 * 10000 & 0xfffffff; + b[i++] = tmh >>> 8 & 0xff; + b[i++] = tmh & 0xff; // `time_high_and_version` + + b[i++] = tmh >>> 24 & 0xf | 0x10; // include version + + b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant) + + b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low` + + b[i++] = clockseq & 0xff; // `node` + + for (let n = 0; n < 6; ++n) { + b[i + n] = node[n]; } - if (typeof token !== "string") { - throw new Error("[@octokit/auth-token] Token passed to createTokenAuth is not a string"); + return buf || (0, _stringify.default)(b); +} + +var _default = v1; +exports.default = _default; + +/***/ }), + +/***/ 813: +/***/ (function(module, __unusedexports, __webpack_require__) { + +var fs = __webpack_require__(747) +var core +if (process.platform === 'win32' || global.TESTING_WINDOWS) { + core = __webpack_require__(818) +} else { + core = __webpack_require__(197) +} + +module.exports = isexe +isexe.sync = sync + +function isexe (path, options, cb) { + if (typeof options === 'function') { + cb = options + options = {} } - token = token.replace(/^(token|bearer) +/i, ""); - return Object.assign(auth.bind(null, token), { - hook: hook.bind(null, token) - }); -}; + if (!cb) { + if (typeof Promise !== 'function') { + throw new TypeError('callback not provided') + } -exports.createTokenAuth = createTokenAuth; -//# + return new Promise(function (resolve, reject) { + isexe(path, options || {}, function (er, is) { + if (er) { + reject(er) + } else { + resolve(is) + } + }) + }) + } + + core(path, options || {}, function (er, is) { + // ignore EACCES because that just means we aren't allowed to run it + if (er) { + if (er.code === 'EACCES' || options && options.ignoreErrors) { + er = null + is = false + } + } + cb(er, is) + }) +} + +function sync (path, options) { + // my kingdom for a filtered catch + try { + return core.sync(path, options || {}) + } catch (er) { + if (options && options.ignoreErrors || er.code === 'EACCES') { + return false + } else { + throw er + } + } +} /***/ }), @@ -17066,7 +18163,7 @@ var isWindows = process.platform === 'win32' || var path = __webpack_require__(622) var COLON = isWindows ? ';' : ':' -var isexe = __webpack_require__(742) +var isexe = __webpack_require__(813) function getNotFoundError (cmd) { var er = new Error('not found: ' + cmd) @@ -30662,6 +31759,273 @@ function paginationMethodsPlugin (octokit) { } +/***/ }), + +/***/ 853: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(; } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.cleanup = exports.getSource = void 0; +const core = __importStar(__webpack_require__(470)); +const fsHelper = __importStar(__webpack_require__(618)); +const gitAuthHelper = __importStar(__webpack_require__(287)); +const gitCommandManager = __importStar(__webpack_require__(289)); +const gitDirectoryHelper = __importStar(__webpack_require__(438)); +const githubApiHelper = __importStar(__webpack_require__(464)); +const io = __importStar(__webpack_require__(1)); +const path = __importStar(__webpack_require__(622)); +const refHelper = __importStar(__webpack_require__(227)); +const stateHelper = __importStar(__webpack_require__(153)); +const urlHelper = __importStar(__webpack_require__(81)); +function getSource(settings) { + return __awaiter(this, void 0, void 0, function* () { + // Repository URL +`Syncing repository: ${settings.repositoryOwner}/${settings.repositoryName}`); + const repositoryUrl = urlHelper.getFetchUrl(settings); + // Remove conflicting file path + if (fsHelper.fileExistsSync(settings.repositoryPath)) { + yield io.rmRF(settings.repositoryPath); + } + // Create directory + let isExisting = true; + if (!fsHelper.directoryExistsSync(settings.repositoryPath)) { + isExisting = false; + yield io.mkdirP(settings.repositoryPath); + } + // Git command manager + core.startGroup('Getting Git version info'); + const git = yield getGitCommandManager(settings); + core.endGroup(); + let authHelper = null; + try { + if (git) { + authHelper = gitAuthHelper.createAuthHelper(git, settings); + if (settings.setSafeDirectory) { + // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + yield authHelper.configureTempGlobalConfig(); +`Adding repository directory to the temporary git global config as a safe directory`); + yield git + .config('', settings.repositoryPath, true, true) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`); + }); + stateHelper.setSafeDirectory(); + } + } + // Prepare existing directory, otherwise recreate + if (isExisting) { + yield gitDirectoryHelper.prepareExistingDirectory(git, settings.repositoryPath, repositoryUrl, settings.clean, settings.ref); + } + if (!git) { + // Downloading using REST API +`The repository will be downloaded using the GitHub REST API`); +`To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH`); + if (settings.submodules) { + throw new Error(`Input 'submodules' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); + } + else if (settings.sshKey) { + throw new Error(`Input 'ssh-key' not supported when falling back to download using the GitHub REST API. To create a local Git repository instead, add Git ${gitCommandManager.MinimumGitVersion} or higher to the PATH.`); + } + yield githubApiHelper.downloadRepository(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.repositoryPath, settings.githubServerUrl); + return; + } + // Save state for POST action + stateHelper.setRepositoryPath(settings.repositoryPath); + // Initialize the repository + if (!fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))) { + core.startGroup('Initializing the repository'); + yield git.init(); + yield git.remoteAdd('origin', repositoryUrl); + core.endGroup(); + } + // Disable automatic garbage collection + core.startGroup('Disabling automatic garbage collection'); + if (!(yield git.tryDisableAutomaticGarbageCollection())) { + core.warning(`Unable to turn off git automatic garbage collection. The git fetch operation may trigger garbage collection and cause a delay.`); + } + core.endGroup(); + // If we didn't initialize it above, do it now + if (!authHelper) { + authHelper = gitAuthHelper.createAuthHelper(git, settings); + } + // Configure auth + core.startGroup('Setting up auth'); + yield authHelper.configureAuth(); + core.endGroup(); + // Determine the default branch + if (!settings.ref && !settings.commit) { + core.startGroup('Determining the default branch'); + if (settings.sshKey) { + settings.ref = yield git.getDefaultBranch(repositoryUrl); + } + else { + settings.ref = yield githubApiHelper.getDefaultBranch(settings.authToken, settings.repositoryOwner, settings.repositoryName, settings.githubServerUrl); + } + core.endGroup(); + } + // LFS install + if (settings.lfs) { + yield git.lfsInstall(); + } + // Fetch + core.startGroup('Fetching the repository'); + if (settings.fetchDepth <= 0) { + // Fetch all branches and tags + let refSpec = refHelper.getRefSpecForAllHistory(settings.ref, settings.commit); + yield git.fetch(refSpec); + // When all history is fetched, the ref we're interested in may have moved to a different + // commit (push or force push). If so, fetch again with a targeted refspec. + if (!(yield refHelper.testRef(git, settings.ref, settings.commit))) { + refSpec = refHelper.getRefSpec(settings.ref, settings.commit); + yield git.fetch(refSpec); + } + } + else { + const refSpec = refHelper.getRefSpec(settings.ref, settings.commit); + yield git.fetch(refSpec, settings.fetchDepth); + } + core.endGroup(); + // Checkout info + core.startGroup('Determining the checkout info'); + const checkoutInfo = yield refHelper.getCheckoutInfo(git, settings.ref, settings.commit); + core.endGroup(); + // LFS fetch + // Explicit lfs-fetch to avoid slow checkout (fetches one lfs object at a time). + // Explicit lfs fetch will fetch lfs objects in parallel. + if (settings.lfs) { + core.startGroup('Fetching LFS objects'); + yield git.lfsFetch(checkoutInfo.startPoint || checkoutInfo.ref); + core.endGroup(); + } + // Checkout + core.startGroup('Checking out the ref'); + yield git.checkout(checkoutInfo.ref, checkoutInfo.startPoint); + core.endGroup(); + // Submodules + if (settings.submodules) { + // Temporarily override global config + core.startGroup('Setting up auth for fetching submodules'); + yield authHelper.configureGlobalAuth(); + core.endGroup(); + // Checkout submodules + core.startGroup('Fetching submodules'); + yield git.submoduleSync(settings.nestedSubmodules); + yield git.submoduleUpdate(settings.fetchDepth, settings.nestedSubmodules); + yield git.submoduleForeach('git config --local 0', settings.nestedSubmodules); + core.endGroup(); + // Persist credentials + if (settings.persistCredentials) { + core.startGroup('Persisting credentials for submodules'); + yield authHelper.configureSubmoduleAuth(); + core.endGroup(); + } + } + // Get commit information + const commitInfo = yield git.log1(); + // Log commit sha + yield git.log1("--format='%H'"); + // Check for incorrect pull request merge commit + yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.githubServerUrl); + } + finally { + // Remove auth + if (authHelper) { + if (!settings.persistCredentials) { + core.startGroup('Removing auth'); + yield authHelper.removeAuth(); + core.endGroup(); + } + authHelper.removeGlobalConfig(); + } + } + }); +} +exports.getSource = getSource; +function cleanup(repositoryPath) { + return __awaiter(this, void 0, void 0, function* () { + // Repo exists? + if (!repositoryPath || + !fsHelper.fileExistsSync(path.join(repositoryPath, '.git', 'config'))) { + return; + } + let git; + try { + git = yield gitCommandManager.createCommandManager(repositoryPath, false); + } + catch (_a) { + return; + } + // Remove auth + const authHelper = gitAuthHelper.createAuthHelper(git); + try { + if (stateHelper.PostSetSafeDirectory) { + // Setup the repository path as a safe directory, so if we pass this into a container job with a different user it doesn't fail + // Otherwise all git commands we run in a container fail + yield authHelper.configureTempGlobalConfig(); +`Adding repository directory to the temporary git global config as a safe directory`); + yield git + .config('', repositoryPath, true, true) + .catch(error => { +`Failed to initialize safe directory with error: ${error}`); + }); + } + yield authHelper.removeAuth(); + } + finally { + yield authHelper.removeGlobalConfig(); + } + }); +} +exports.cleanup = cleanup; +function getGitCommandManager(settings) { + return __awaiter(this, void 0, void 0, function* () { +`Working directory is '${settings.repositoryPath}'`); + try { + return yield gitCommandManager.createCommandManager(settings.repositoryPath, settings.lfs); + } + catch (err) { + // Git is required for LFS + if (settings.lfs) { + throw err; + } + // Otherwise fallback to REST API + return undefined; + } + }); +} + + /***/ }), /***/ 854: @@ -31616,14 +32980,6 @@ function registerPlugin(plugins, pluginFunction) { } -/***/ }), - -/***/ 856: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = __webpack_require__(141); - - /***/ }), /***/ 863: @@ -31731,7 +33087,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge Object.defineProperty(exports, "__esModule", { value: true }); const url = __webpack_require__(835); const http = __webpack_require__(605); -const https = __webpack_require__(34); +const https = __webpack_require__(211); const util = __webpack_require__(729); let fs; let tunnel; @@ -32126,7 +33482,7 @@ class HttpClient { if (useProxy) { // If using proxy, need tunnel if (!tunnel) { - tunnel = __webpack_require__(856); + tunnel = __webpack_require__(413); } const agentOptions = { maxSockets: maxSockets, @@ -35904,6 +37260,52 @@ module.exports.sync = (cmd, args, opts) => { module.exports.shellSync = (cmd, opts) => handleShell(module.exports.sync, cmd, opts); +/***/ }), + +/***/ 960: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", { + value: true +}); +exports.default = void 0; + +var _validate = _interopRequireDefault(__webpack_require__(634)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +/** + * Convert array of 16 byte values to UUID string format of the form: + * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX + */ +const byteToHex = []; + +for (let i = 0; i < 256; ++i) { + byteToHex.push((i + 0x100).toString(16).substr(1)); +} + +function stringify(arr, offset = 0) { + // Note: Be careful editing this code! It's been tuned for performance + // and works in ways you may not expect. See + const uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID. If this throws, it's likely due to one + // of the following: + // - One or more input array values don't map to a hex octet (leading to + // "undefined" in the uuid) + // - Invalid input values for the RFC `version` or `variant` fields + + if (!(0, _validate.default)(uuid)) { + throw TypeError('Stringified UUID is invalid'); + } + + return uuid; +} + +var _default = stringify; +exports.default = _default; + /***/ }), /***/ 966: @@ -35911,7 +37313,7 @@ module.exports.shellSync = (cmd, opts) => handleShell(module.exports.sync, cmd, "use strict"; -const {PassThrough} = __webpack_require__(413); +const {PassThrough} = __webpack_require__(794); module.exports = options => { options = Object.assign({}, options); @@ -36325,6 +37727,618 @@ function authenticationRequestError(state, error, options) { } +/***/ }), + +/***/ 993: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +/* eslint-disable @typescript-eslint/no-explicit-any */ +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" &&, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(; } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0; +const http = __importStar(__webpack_require__(605)); +const https = __importStar(__webpack_require__(211)); +const pm = __importStar(__webpack_require__(95)); +const tunnel = __importStar(__webpack_require__(413)); +var HttpCodes; +(function (HttpCodes) { + HttpCodes[HttpCodes["OK"] = 200] = "OK"; + HttpCodes[HttpCodes["MultipleChoices"] = 300] = "MultipleChoices"; + HttpCodes[HttpCodes["MovedPermanently"] = 301] = "MovedPermanently"; + HttpCodes[HttpCodes["ResourceMoved"] = 302] = "ResourceMoved"; + HttpCodes[HttpCodes["SeeOther"] = 303] = "SeeOther"; + HttpCodes[HttpCodes["NotModified"] = 304] = "NotModified"; + HttpCodes[HttpCodes["UseProxy"] = 305] = "UseProxy"; + HttpCodes[HttpCodes["SwitchProxy"] = 306] = "SwitchProxy"; + HttpCodes[HttpCodes["TemporaryRedirect"] = 307] = "TemporaryRedirect"; + HttpCodes[HttpCodes["PermanentRedirect"] = 308] = "PermanentRedirect"; + HttpCodes[HttpCodes["BadRequest"] = 400] = "BadRequest"; + HttpCodes[HttpCodes["Unauthorized"] = 401] = "Unauthorized"; + HttpCodes[HttpCodes["PaymentRequired"] = 402] = "PaymentRequired"; + HttpCodes[HttpCodes["Forbidden"] = 403] = "Forbidden"; + HttpCodes[HttpCodes["NotFound"] = 404] = "NotFound"; + HttpCodes[HttpCodes["MethodNotAllowed"] = 405] = "MethodNotAllowed"; + HttpCodes[HttpCodes["NotAcceptable"] = 406] = "NotAcceptable"; + HttpCodes[HttpCodes["ProxyAuthenticationRequired"] = 407] = "ProxyAuthenticationRequired"; + HttpCodes[HttpCodes["RequestTimeout"] = 408] = "RequestTimeout"; + HttpCodes[HttpCodes["Conflict"] = 409] = "Conflict"; + HttpCodes[HttpCodes["Gone"] = 410] = "Gone"; + HttpCodes[HttpCodes["TooManyRequests"] = 429] = "TooManyRequests"; + HttpCodes[HttpCodes["InternalServerError"] = 500] = "InternalServerError"; + HttpCodes[HttpCodes["NotImplemented"] = 501] = "NotImplemented"; + HttpCodes[HttpCodes["BadGateway"] = 502] = "BadGateway"; + HttpCodes[HttpCodes["ServiceUnavailable"] = 503] = "ServiceUnavailable"; + HttpCodes[HttpCodes["GatewayTimeout"] = 504] = "GatewayTimeout"; +})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {})); +var Headers; +(function (Headers) { + Headers["Accept"] = "accept"; + Headers["ContentType"] = "content-type"; +})(Headers = exports.Headers || (exports.Headers = {})); +var MediaTypes; +(function (MediaTypes) { + MediaTypes["ApplicationJson"] = "application/json"; +})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {})); +/** + * Returns the proxy URL, depending upon the supplied url and proxy environment variables. + * @param serverUrl The server URL where the request will be sent. For example, + */ +function getProxyUrl(serverUrl) { + const proxyUrl = pm.getProxyUrl(new URL(serverUrl)); + return proxyUrl ? proxyUrl.href : ''; +} +exports.getProxyUrl = getProxyUrl; +const HttpRedirectCodes = [ + HttpCodes.MovedPermanently, + HttpCodes.ResourceMoved, + HttpCodes.SeeOther, + HttpCodes.TemporaryRedirect, + HttpCodes.PermanentRedirect +]; +const HttpResponseRetryCodes = [ + HttpCodes.BadGateway, + HttpCodes.ServiceUnavailable, + HttpCodes.GatewayTimeout +]; +const RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD']; +const ExponentialBackoffCeiling = 10; +const ExponentialBackoffTimeSlice = 5; +class HttpClientError extends Error { + constructor(message, statusCode) { + super(message); + = 'HttpClientError'; + this.statusCode = statusCode; + Object.setPrototypeOf(this, HttpClientError.prototype); + } +} +exports.HttpClientError = HttpClientError; +class HttpClientResponse { + constructor(message) { + this.message = message; + } + readBody() { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () { + let output = Buffer.alloc(0); + this.message.on('data', (chunk) => { + output = Buffer.concat([output, chunk]); + }); + this.message.on('end', () => { + resolve(output.toString()); + }); + })); + }); + } +} +exports.HttpClientResponse = HttpClientResponse; +function isHttps(requestUrl) { + const parsedUrl = new URL(requestUrl); + return parsedUrl.protocol === 'https:'; +} +exports.isHttps = isHttps; +class HttpClient { + constructor(userAgent, handlers, requestOptions) { + this._ignoreSslError = false; + this._allowRedirects = true; + this._allowRedirectDowngrade = false; + this._maxRedirects = 50; + this._allowRetries = false; + this._maxRetries = 1; + this._keepAlive = false; + this._disposed = false; + this.userAgent = userAgent; + this.handlers = handlers || []; + this.requestOptions = requestOptions; + if (requestOptions) { + if (requestOptions.ignoreSslError != null) { + this._ignoreSslError = requestOptions.ignoreSslError; + } + this._socketTimeout = requestOptions.socketTimeout; + if (requestOptions.allowRedirects != null) { + this._allowRedirects = requestOptions.allowRedirects; + } + if (requestOptions.allowRedirectDowngrade != null) { + this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade; + } + if (requestOptions.maxRedirects != null) { + this._maxRedirects = Math.max(requestOptions.maxRedirects, 0); + } + if (requestOptions.keepAlive != null) { + this._keepAlive = requestOptions.keepAlive; + } + if (requestOptions.allowRetries != null) { + this._allowRetries = requestOptions.allowRetries; + } + if (requestOptions.maxRetries != null) { + this._maxRetries = requestOptions.maxRetries; + } + } + } + options(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('OPTIONS', requestUrl, null, additionalHeaders || {}); + }); + } + get(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('GET', requestUrl, null, additionalHeaders || {}); + }); + } + del(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('DELETE', requestUrl, null, additionalHeaders || {}); + }); + } + post(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('POST', requestUrl, data, additionalHeaders || {}); + }); + } + patch(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('PATCH', requestUrl, data, additionalHeaders || {}); + }); + } + put(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('PUT', requestUrl, data, additionalHeaders || {}); + }); + } + head(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('HEAD', requestUrl, null, additionalHeaders || {}); + }); + } + sendStream(verb, requestUrl, stream, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request(verb, requestUrl, stream, additionalHeaders); + }); + } + /** + * Gets a typed object from an endpoint + * Be aware that not found returns a null. Other errors (4xx, 5xx) reject the promise + */ + getJson(requestUrl, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + const res = yield this.get(requestUrl, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + postJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + putJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.put(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + patchJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.patch(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + /** + * Makes a raw http request. + * All other methods such as get, post, patch, and request ultimately call this. + * Prefer get, del, post and patch + */ + request(verb, requestUrl, data, headers) { + return __awaiter(this, void 0, void 0, function* () { + if (this._disposed) { + throw new Error('Client has already been disposed.'); + } + const parsedUrl = new URL(requestUrl); + let info = this._prepareRequest(verb, parsedUrl, headers); + // Only perform retries on reads since writes may not be idempotent. + const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb) + ? this._maxRetries + 1 + : 1; + let numTries = 0; + let response; + do { + response = yield this.requestRaw(info, data); + // Check if it's an authentication challenge + if (response && + response.message && + response.message.statusCode === HttpCodes.Unauthorized) { + let authenticationHandler; + for (const handler of this.handlers) { + if (handler.canHandleAuthentication(response)) { + authenticationHandler = handler; + break; + } + } + if (authenticationHandler) { + return authenticationHandler.handleAuthentication(this, info, data); + } + else { + // We have received an unauthorized response but have no handlers to handle it. + // Let the response return to the caller. + return response; + } + } + let redirectsRemaining = this._maxRedirects; + while (response.message.statusCode && + HttpRedirectCodes.includes(response.message.statusCode) && + this._allowRedirects && + redirectsRemaining > 0) { + const redirectUrl = response.message.headers['location']; + if (!redirectUrl) { + // if there's no location to redirect to, we won't + break; + } + const parsedRedirectUrl = new URL(redirectUrl); + if (parsedUrl.protocol === 'https:' && + parsedUrl.protocol !== parsedRedirectUrl.protocol && + !this._allowRedirectDowngrade) { + throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.'); + } + // we need to finish reading the response before reassigning response + // which will leak the open socket. + yield response.readBody(); + // strip authorization header if redirected to a different hostname + if (parsedRedirectUrl.hostname !== parsedUrl.hostname) { + for (const header in headers) { + // header names are case insensitive + if (header.toLowerCase() === 'authorization') { + delete headers[header]; + } + } + } + // let's make the request with the new redirectUrl + info = this._prepareRequest(verb, parsedRedirectUrl, headers); + response = yield this.requestRaw(info, data); + redirectsRemaining--; + } + if (!response.message.statusCode || + !HttpResponseRetryCodes.includes(response.message.statusCode)) { + // If not a retry code, return immediately instead of retrying + return response; + } + numTries += 1; + if (numTries < maxTries) { + yield response.readBody(); + yield this._performExponentialBackoff(numTries); + } + } while (numTries < maxTries); + return response; + }); + } + /** + * Needs to be called if keepAlive is set to true in request options. + */ + dispose() { + if (this._agent) { + this._agent.destroy(); + } + this._disposed = true; + } + /** + * Raw request. + * @param info + * @param data + */ + requestRaw(info, data) { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve, reject) => { + function callbackForResult(err, res) { + if (err) { + reject(err); + } + else if (!res) { + // If `err` is not passed, then `res` must be passed. + reject(new Error('Unknown error')); + } + else { + resolve(res); + } + } + this.requestRawWithCallback(info, data, callbackForResult); + }); + }); + } + /** + * Raw request with callback. + * @param info + * @param data + * @param onResult + */ + requestRawWithCallback(info, data, onResult) { + if (typeof data === 'string') { + if (!info.options.headers) { + info.options.headers = {}; + } + info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8'); + } + let callbackCalled = false; + function handleResult(err, res) { + if (!callbackCalled) { + callbackCalled = true; + onResult(err, res); + } + } + const req = info.httpModule.request(info.options, (msg) => { + const res = new HttpClientResponse(msg); + handleResult(undefined, res); + }); + let socket; + req.on('socket', sock => { + socket = sock; + }); + // If we ever get disconnected, we want the socket to timeout eventually + req.setTimeout(this._socketTimeout || 3 * 60000, () => { + if (socket) { + socket.end(); + } + handleResult(new Error(`Request timeout: ${info.options.path}`)); + }); + req.on('error', function (err) { + // err has statusCode property + // res should have headers + handleResult(err); + }); + if (data && typeof data === 'string') { + req.write(data, 'utf8'); + } + if (data && typeof data !== 'string') { + data.on('close', function () { + req.end(); + }); + data.pipe(req); + } + else { + req.end(); + } + } + /** + * Gets an http agent. This function is useful when you need an http agent that handles + * routing through a proxy server - depending upon the url and proxy environment variables. + * @param serverUrl The server URL where the request will be sent. For example, + */ + getAgent(serverUrl) { + const parsedUrl = new URL(serverUrl); + return this._getAgent(parsedUrl); + } + _prepareRequest(method, requestUrl, headers) { + const info = {}; + info.parsedUrl = requestUrl; + const usingSsl = info.parsedUrl.protocol === 'https:'; + info.httpModule = usingSsl ? https : http; + const defaultPort = usingSsl ? 443 : 80; + info.options = {}; + = info.parsedUrl.hostname; + info.options.port = info.parsedUrl.port + ? parseInt(info.parsedUrl.port) + : defaultPort; + info.options.path = + (info.parsedUrl.pathname || '') + ( || ''); + info.options.method = method; + info.options.headers = this._mergeHeaders(headers); + if (this.userAgent != null) { + info.options.headers['user-agent'] = this.userAgent; + } + info.options.agent = this._getAgent(info.parsedUrl); + // gives handlers an opportunity to participate + if (this.handlers) { + for (const handler of this.handlers) { + handler.prepareRequest(info.options); + } + } + return info; + } + _mergeHeaders(headers) { + if (this.requestOptions && this.requestOptions.headers) { + return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {})); + } + return lowercaseKeys(headers || {}); + } + _getExistingOrDefaultHeader(additionalHeaders, header, _default) { + let clientHeader; + if (this.requestOptions && this.requestOptions.headers) { + clientHeader = lowercaseKeys(this.requestOptions.headers)[header]; + } + return additionalHeaders[header] || clientHeader || _default; + } + _getAgent(parsedUrl) { + let agent; + const proxyUrl = pm.getProxyUrl(parsedUrl); + const useProxy = proxyUrl && proxyUrl.hostname; + if (this._keepAlive && useProxy) { + agent = this._proxyAgent; + } + if (this._keepAlive && !useProxy) { + agent = this._agent; + } + // if agent is already assigned use that agent. + if (agent) { + return agent; + } + const usingSsl = parsedUrl.protocol === 'https:'; + let maxSockets = 100; + if (this.requestOptions) { + maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets; + } + // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis. + if (proxyUrl && proxyUrl.hostname) { + const agentOptions = { + maxSockets, + keepAlive: this._keepAlive, + proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && { + proxyAuth: `${proxyUrl.username}:${proxyUrl.password}` + })), { host: proxyUrl.hostname, port: proxyUrl.port }) + }; + let tunnelAgent; + const overHttps = proxyUrl.protocol === 'https:'; + if (usingSsl) { + tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp; + } + else { + tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp; + } + agent = tunnelAgent(agentOptions); + this._proxyAgent = agent; + } + // if reusing agent across request and tunneling agent isn't assigned create a new agent + if (this._keepAlive && !agent) { + const options = { keepAlive: this._keepAlive, maxSockets }; + agent = usingSsl ? new https.Agent(options) : new http.Agent(options); + this._agent = agent; + } + // if not using private agent and tunnel agent isn't setup then use global agent + if (!agent) { + agent = usingSsl ? https.globalAgent : http.globalAgent; + } + if (usingSsl && this._ignoreSslError) { + // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process + // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options + // we have to cast it to any and change it directly + agent.options = Object.assign(agent.options || {}, { + rejectUnauthorized: false + }); + } + return agent; + } + _performExponentialBackoff(retryNumber) { + return __awaiter(this, void 0, void 0, function* () { + retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber); + const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber); + return new Promise(resolve => setTimeout(() => resolve(), ms)); + }); + } + _processResponse(res, options) { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () { + const statusCode = res.message.statusCode || 0; + const response = { + statusCode, + result: null, + headers: {} + }; + // not found leads to null obj returned + if (statusCode === HttpCodes.NotFound) { + resolve(response); + } + // get the result from the body + function dateTimeDeserializer(key, value) { + if (typeof value === 'string') { + const a = new Date(value); + if (!isNaN(a.valueOf())) { + return a; + } + } + return value; + } + let obj; + let contents; + try { + contents = yield res.readBody(); + if (contents && contents.length > 0) { + if (options && options.deserializeDates) { + obj = JSON.parse(contents, dateTimeDeserializer); + } + else { + obj = JSON.parse(contents); + } + response.result = obj; + } + response.headers = res.message.headers; + } + catch (err) { + // Invalid resource (contents not json); leaving result obj null + } + // note that 3xx redirects are handled by the http layer. + if (statusCode > 299) { + let msg; + // if exception/error in body, attempt to get better error + if (obj && obj.message) { + msg = obj.message; + } + else if (contents && contents.length > 0) { + // it may be the case that the exception is in the body message as string + msg = contents; + } + else { + msg = `Failed request: (${statusCode})`; + } + const err = new HttpClientError(msg, statusCode); + err.result = response.result; + reject(err); + } + else { + resolve(response); + } + })); + }); + } +} +exports.HttpClient = HttpClient; +const lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); +//# + /***/ }) /******/ }); \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 5269d6f..8337c2b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,9 +5,28 @@ "requires": true, "dependencies": { "@actions/core": { - "version": "1.2.6", - "resolved": "", - "integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA==" + "version": "1.10.0", + "resolved": "", + "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==", + "requires": { + "@actions/http-client": "^2.0.1", + "uuid": "^8.3.2" + }, + "dependencies": { + "@actions/http-client": { + "version": "2.0.1", + "resolved": "", + "integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==", + "requires": { + "tunnel": "^0.0.6" + } + }, + "uuid": { + "version": "8.3.2", + "resolved": "", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" + } + } }, "@actions/exec": { "version": "1.0.1", diff --git a/package.json b/package.json index 823ff58..0ffc484 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ }, "homepage": "", "dependencies": { - "@actions/core": "^1.2.6", + "@actions/core": "^1.10.0", "@actions/exec": "^1.0.1", "@actions/github": "^2.2.0", "@actions/io": "^1.0.1", diff --git a/src/state-helper.ts b/src/state-helper.ts index 2db79f9..fab9b60 100644 --- a/src/state-helper.ts +++ b/src/state-helper.ts @@ -1,71 +1,60 @@ -import * as coreCommand from '@actions/core/lib/command' +import * as core from '@actions/core' /** * Indicates whether the POST action is running */ -export const IsPost = !!process.env['STATE_isPost'] +export const IsPost = !!core.getState('isPost') /** * The repository path for the POST action. The value is empty during the MAIN action. */ -export const RepositoryPath = - (process.env['STATE_repositoryPath'] as string) || '' +export const RepositoryPath = core.getState('repositoryPath') /** * The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action. */ -export const PostSetSafeDirectory = - (process.env['STATE_setSafeDirectory'] as string) === 'true' +export const PostSetSafeDirectory = core.getState('setSafeDirectory') === 'true' /** * The SSH key path for the POST action. The value is empty during the MAIN action. */ -export const SshKeyPath = (process.env['STATE_sshKeyPath'] as string) || '' +export const SshKeyPath = core.getState('sshKeyPath') /** * The SSH known hosts path for the POST action. The value is empty during the MAIN action. */ -export const SshKnownHostsPath = - (process.env['STATE_sshKnownHostsPath'] as string) || '' +export const SshKnownHostsPath = core.getState('sshKnownHostsPath') /** * Save the repository path so the POST action can retrieve the value. */ export function setRepositoryPath(repositoryPath: string) { - coreCommand.issueCommand( - 'save-state', - {name: 'repositoryPath'}, - repositoryPath - ) + core.saveState('repositoryPath', repositoryPath) } /** * Save the SSH key path so the POST action can retrieve the value. */ export function setSshKeyPath(sshKeyPath: string) { - coreCommand.issueCommand('save-state', {name: 'sshKeyPath'}, sshKeyPath) + core.saveState('sshKeyPath', sshKeyPath) } /** * Save the SSH known hosts path so the POST action can retrieve the value. */ export function setSshKnownHostsPath(sshKnownHostsPath: string) { - coreCommand.issueCommand( - 'save-state', - {name: 'sshKnownHostsPath'}, - sshKnownHostsPath - ) + core.saveState('sshKnownHostsPath', sshKnownHostsPath) } /** * Save the sef-safe-directory input so the POST action can retrieve the value. */ export function setSafeDirectory() { - coreCommand.issueCommand('save-state', {name: 'setSafeDirectory'}, 'true') + core.saveState('setSafeDirectory', 'true') } // Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic. // This is necessary since we don't have a separate entry point. if (!IsPost) { - coreCommand.issueCommand('save-state', {name: 'isPost'}, 'true') + core.saveState('isPost', 'true') } From 93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 Mon Sep 17 00:00:00 2001 From: Francesco Renzi Date: Tue, 4 Oct 2022 10:37:06 +0100 Subject: [PATCH 12/13] Prepare release v3.1.0 (#940) * Prepare changelog for v3.1.0 * Bump package --- | 4 ++++ package-lock.json | 2 +- package.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ b/ index 230623b..035b61d 100644 --- a/ +++ b/ @@ -1,5 +1,9 @@ # Changelog +## v3.1.0 +- [Use @actions/core `saveState` and `getState`]( +- [Add `github-server-url` input]( + ## v3.0.2 - [Add input `set-safe-directory`]( diff --git a/package-lock.json b/package-lock.json index 8337c2b..2870934 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "checkout", - "version": "2.0.2", + "version": "3.1.0", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index 0ffc484..d305679 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "checkout", - "version": "2.0.2", + "version": "3.1.0", "description": "checkout action", "main": "lib/main.js", "scripts": { From 8230315d06ad95c617244d2f265d237a1682d445 Mon Sep 17 00:00:00 2001 From: Francesco Renzi Date: Tue, 4 Oct 2022 13:44:41 +0100 Subject: [PATCH 13/13] Add workflow to update a main version (#942) * Add workflow to update a main version * New line --- .github/workflows/update-main-version.yml | 30 +++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/update-main-version.yml diff --git a/.github/workflows/update-main-version.yml b/.github/workflows/update-main-version.yml new file mode 100644 index 0000000..c1e046a --- /dev/null +++ b/.github/workflows/update-main-version.yml @@ -0,0 +1,30 @@ +name: Update Main Version +run-name: Move ${{ github.event.inputs.main_version }} to ${{ }} + +on: + workflow_dispatch: + inputs: + target: + description: The tag or reference to use + required: true + main_version: + type: choice + description: The main version to update + options: + - v3 + +jobs: + tag: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Git config + run: | + git config github-actions + git config + - name: Tag new target + run: git tag -f ${{ github.event.inputs.main_version }} ${{ }} + - name: Push new tag + run: git push origin ${{ github.event.inputs.main_version }} --force