Skip to content

Commit bd54395

Browse files
gilbertsoftgilbertsoft
committed
[TASK] Bump security related packages
1 parent 373121b commit bd54395

File tree

3 files changed

+6657
-3256
lines changed

3 files changed

+6657
-3256
lines changed

dist/index.js

Lines changed: 135 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -2979,6 +2979,25 @@ module.exports = require("child_process");
29792979
* For the full license information, please read the LICENSE file that
29802980
* was distributed with this source code.
29812981
*/
2982+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
2983+
if (k2 === undefined) k2 = k;
2984+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
2985+
}) : (function(o, m, k, k2) {
2986+
if (k2 === undefined) k2 = k;
2987+
o[k2] = m[k];
2988+
}));
2989+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
2990+
Object.defineProperty(o, "default", { enumerable: true, value: v });
2991+
}) : function(o, v) {
2992+
o["default"] = v;
2993+
});
2994+
var __importStar = (this && this.__importStar) || function (mod) {
2995+
if (mod && mod.__esModule) return mod;
2996+
var result = {};
2997+
if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
2998+
__setModuleDefault(result, mod);
2999+
return result;
3000+
};
29823001
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
29833002
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
29843003
return new (P || (P = Promise))(function (resolve, reject) {
@@ -2988,14 +3007,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
29883007
step((generator = generator.apply(thisArg, _arguments || [])).next());
29893008
});
29903009
};
2991-
var __importStar = (this && this.__importStar) || function (mod) {
2992-
if (mod && mod.__esModule) return mod;
2993-
var result = {};
2994-
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
2995-
result["default"] = mod;
2996-
return result;
2997-
};
29983010
Object.defineProperty(exports, "__esModule", { value: true });
3011+
exports.checkCommitMessages = void 0;
29993012
/**
30003013
* Imports
30013014
*/
@@ -3311,6 +3324,25 @@ function checkMode (stat, options) {
33113324
* For the full license information, please read the LICENSE file that
33123325
* was distributed with this source code.
33133326
*/
3327+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3328+
if (k2 === undefined) k2 = k;
3329+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
3330+
}) : (function(o, m, k, k2) {
3331+
if (k2 === undefined) k2 = k;
3332+
o[k2] = m[k];
3333+
}));
3334+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
3335+
Object.defineProperty(o, "default", { enumerable: true, value: v });
3336+
}) : function(o, v) {
3337+
o["default"] = v;
3338+
});
3339+
var __importStar = (this && this.__importStar) || function (mod) {
3340+
if (mod && mod.__esModule) return mod;
3341+
var result = {};
3342+
if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
3343+
__setModuleDefault(result, mod);
3344+
return result;
3345+
};
33143346
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
33153347
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
33163348
return new (P || (P = Promise))(function (resolve, reject) {
@@ -3320,13 +3352,6 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
33203352
step((generator = generator.apply(thisArg, _arguments || [])).next());
33213353
});
33223354
};
3323-
var __importStar = (this && this.__importStar) || function (mod) {
3324-
if (mod && mod.__esModule) return mod;
3325-
var result = {};
3326-
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
3327-
result["default"] = mod;
3328-
return result;
3329-
};
33303355
Object.defineProperty(exports, "__esModule", { value: true });
33313356
/**
33323357
* Imports
@@ -6543,17 +6568,24 @@ function octokitValidate(octokit) {
65436568

65446569
"use strict";
65456570

6571+
var __importStar = (this && this.__importStar) || function (mod) {
6572+
if (mod && mod.__esModule) return mod;
6573+
var result = {};
6574+
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
6575+
result["default"] = mod;
6576+
return result;
6577+
};
65466578
Object.defineProperty(exports, "__esModule", { value: true });
6547-
const os = __webpack_require__(87);
6579+
const os = __importStar(__webpack_require__(87));
65486580
/**
65496581
* Commands
65506582
*
65516583
* Command Format:
6552-
* ##[name key=value;key=value]message
6584+
* ::name key=value,key=value::message
65536585
*
65546586
* Examples:
6555-
* ##[warning]This is the user warning message
6556-
* ##[set-secret name=mypassword]definitelyNotAPassword!
6587+
* ::warning::This is the message
6588+
* ::set-env name=MY_VAR::some value
65576589
*/
65586590
function issueCommand(command, properties, message) {
65596591
const cmd = new Command(command, properties, message);
@@ -6578,34 +6610,53 @@ class Command {
65786610
let cmdStr = CMD_STRING + this.command;
65796611
if (this.properties && Object.keys(this.properties).length > 0) {
65806612
cmdStr += ' ';
6613+
let first = true;
65816614
for (const key in this.properties) {
65826615
if (this.properties.hasOwnProperty(key)) {
65836616
const val = this.properties[key];
65846617
if (val) {
6585-
// safely append the val - avoid blowing up when attempting to
6586-
// call .replace() if message is not a string for some reason
6587-
cmdStr += `${key}=${escape(`${val || ''}`)},`;
6618+
if (first) {
6619+
first = false;
6620+
}
6621+
else {
6622+
cmdStr += ',';
6623+
}
6624+
cmdStr += `${key}=${escapeProperty(val)}`;
65886625
}
65896626
}
65906627
}
65916628
}
6592-
cmdStr += CMD_STRING;
6593-
// safely append the message - avoid blowing up when attempting to
6594-
// call .replace() if message is not a string for some reason
6595-
const message = `${this.message || ''}`;
6596-
cmdStr += escapeData(message);
6629+
cmdStr += `${CMD_STRING}${escapeData(this.message)}`;
65976630
return cmdStr;
65986631
}
65996632
}
6633+
/**
6634+
* Sanitizes an input into a string so it can be passed into issueCommand safely
6635+
* @param input input to sanitize into a string
6636+
*/
6637+
function toCommandValue(input) {
6638+
if (input === null || input === undefined) {
6639+
return '';
6640+
}
6641+
else if (typeof input === 'string' || input instanceof String) {
6642+
return input;
6643+
}
6644+
return JSON.stringify(input);
6645+
}
6646+
exports.toCommandValue = toCommandValue;
66006647
function escapeData(s) {
6601-
return s.replace(/\r/g, '%0D').replace(/\n/g, '%0A');
6648+
return toCommandValue(s)
6649+
.replace(/%/g, '%25')
6650+
.replace(/\r/g, '%0D')
6651+
.replace(/\n/g, '%0A');
66026652
}
6603-
function escape(s) {
6604-
return s
6653+
function escapeProperty(s) {
6654+
return toCommandValue(s)
6655+
.replace(/%/g, '%25')
66056656
.replace(/\r/g, '%0D')
66066657
.replace(/\n/g, '%0A')
6607-
.replace(/]/g, '%5D')
6608-
.replace(/;/g, '%3B');
6658+
.replace(/:/g, '%3A')
6659+
.replace(/,/g, '%2C');
66096660
}
66106661
//# sourceMappingURL=command.js.map
66116662

@@ -6866,10 +6917,17 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
68666917
step((generator = generator.apply(thisArg, _arguments || [])).next());
68676918
});
68686919
};
6920+
var __importStar = (this && this.__importStar) || function (mod) {
6921+
if (mod && mod.__esModule) return mod;
6922+
var result = {};
6923+
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
6924+
result["default"] = mod;
6925+
return result;
6926+
};
68696927
Object.defineProperty(exports, "__esModule", { value: true });
68706928
const command_1 = __webpack_require__(431);
6871-
const os = __webpack_require__(87);
6872-
const path = __webpack_require__(622);
6929+
const os = __importStar(__webpack_require__(87));
6930+
const path = __importStar(__webpack_require__(622));
68736931
/**
68746932
* The code to exit an action
68756933
*/
@@ -6890,11 +6948,13 @@ var ExitCode;
68906948
/**
68916949
* Sets env variable for this action and future actions in the job
68926950
* @param name the name of the variable to set
6893-
* @param val the value of the variable
6951+
* @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify
68946952
*/
6953+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
68956954
function exportVariable(name, val) {
6896-
process.env[name] = val;
6897-
command_1.issueCommand('set-env', { name }, val);
6955+
const convertedVal = command_1.toCommandValue(val);
6956+
process.env[name] = convertedVal;
6957+
command_1.issueCommand('set-env', { name }, convertedVal);
68986958
}
68996959
exports.exportVariable = exportVariable;
69006960
/**
@@ -6933,12 +6993,22 @@ exports.getInput = getInput;
69336993
* Sets the value of an output.
69346994
*
69356995
* @param name name of the output to set
6936-
* @param value value to store
6996+
* @param value value to store. Non-string values will be converted to a string via JSON.stringify
69376997
*/
6998+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
69386999
function setOutput(name, value) {
69397000
command_1.issueCommand('set-output', { name }, value);
69407001
}
69417002
exports.setOutput = setOutput;
7003+
/**
7004+
* Enables or disables the echoing of commands into stdout for the rest of the step.
7005+
* Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.
7006+
*
7007+
*/
7008+
function setCommandEcho(enabled) {
7009+
command_1.issue('echo', enabled ? 'on' : 'off');
7010+
}
7011+
exports.setCommandEcho = setCommandEcho;
69427012
//-----------------------------------------------------------------------
69437013
// Results
69447014
//-----------------------------------------------------------------------
@@ -6955,6 +7025,13 @@ exports.setFailed = setFailed;
69557025
//-----------------------------------------------------------------------
69567026
// Logging Commands
69577027
//-----------------------------------------------------------------------
7028+
/**
7029+
* Gets whether Actions Step Debug is on or not
7030+
*/
7031+
function isDebug() {
7032+
return process.env['RUNNER_DEBUG'] === '1';
7033+
}
7034+
exports.isDebug = isDebug;
69587035
/**
69597036
* Writes debug message to user log
69607037
* @param message debug message
@@ -6965,18 +7042,18 @@ function debug(message) {
69657042
exports.debug = debug;
69667043
/**
69677044
* Adds an error issue
6968-
* @param message error issue message
7045+
* @param message error issue message. Errors will be converted to string via toString()
69697046
*/
69707047
function error(message) {
6971-
command_1.issue('error', message);
7048+
command_1.issue('error', message instanceof Error ? message.toString() : message);
69727049
}
69737050
exports.error = error;
69747051
/**
69757052
* Adds an warning issue
6976-
* @param message warning issue message
7053+
* @param message warning issue message. Errors will be converted to string via toString()
69777054
*/
69787055
function warning(message) {
6979-
command_1.issue('warning', message);
7056+
command_1.issue('warning', message instanceof Error ? message.toString() : message);
69807057
}
69817058
exports.warning = warning;
69827059
/**
@@ -7034,8 +7111,9 @@ exports.group = group;
70347111
* Saves state for current action, the state can only be retrieved by this action's post job execution.
70357112
*
70367113
* @param name name of the state to store
7037-
* @param value value to store
7114+
* @param value value to store. Non-string values will be converted to a string via JSON.stringify
70387115
*/
7116+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
70397117
function saveState(name, value) {
70407118
command_1.issueCommand('save-state', { name }, value);
70417119
}
@@ -8620,14 +8698,27 @@ function sync (path, options) {
86208698
* For the full license information, please read the LICENSE file that
86218699
* was distributed with this source code.
86228700
*/
8701+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
8702+
if (k2 === undefined) k2 = k;
8703+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
8704+
}) : (function(o, m, k, k2) {
8705+
if (k2 === undefined) k2 = k;
8706+
o[k2] = m[k];
8707+
}));
8708+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
8709+
Object.defineProperty(o, "default", { enumerable: true, value: v });
8710+
}) : function(o, v) {
8711+
o["default"] = v;
8712+
});
86238713
var __importStar = (this && this.__importStar) || function (mod) {
86248714
if (mod && mod.__esModule) return mod;
86258715
var result = {};
8626-
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
8627-
result["default"] = mod;
8716+
if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
8717+
__setModuleDefault(result, mod);
86288718
return result;
86298719
};
86308720
Object.defineProperty(exports, "__esModule", { value: true });
8721+
exports.getInputs = void 0;
86318722
/**
86328723
* Imports
86338724
*/

0 commit comments

Comments
 (0)