actions/setup-terraform
1
0
Fork 0
mirror of https://github.com/hashicorp/setup-terraform.git synced 2025-12-16 00:22:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Bump @hashicorp/js-releases from 1.5.0 to 1.5.1 (#166)

Browse source 
* Bump @hashicorp/js-releases from 1.5.0 to 1.5.1

Bumps [@hashicorp/js-releases](https://github.com/hashicorp/js-releases) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/hashicorp/js-releases/releases)
- [Changelog](https://github.com/hashicorp/js-releases/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/js-releases/compare/v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: "@hashicorp/js-releases"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* run build

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Pogran <jpogran@outlook.com>
This commit is contained in:
dependabot[bot] 2022-03-30 12:36:25 -04:00 committed by GitHub
parent d1d9ce119f
commit 299372d977
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 34 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

56
dist/index.js vendored
View file

@ -6495,8 +6495,11 @@ const crypto = __nccwpck_require__(6113);
const fs = __nccwpck_require__(7147);
const openpgp = __nccwpck_require__(7946);
const semver = __nccwpck_require__(2221);
const stream = __nccwpck_require__(2781);
const yauzl = __nccwpck_require__(8781);
const util_1 = __nccwpck_require__(3837);
const utils_1 = __nccwpck_require__(698);
const finished = (0, util_1.promisify)(stream.finished);
const hashiPublicKeyId = '72D7468F';
const hashiPublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
@ -6621,7 +6624,7 @@ ZF5q4h4I33PSGDdSvGXn9UMY5Isjpg==
=7pIB
-----END PGP PUBLIC KEY BLOCK-----`;
const releasesUrl = "https://releases.hashicorp.com";
const releasesUrl = 'https://releases.hashicorp.com';
class Release {
constructor(release) {
this.name = release.name;
@ -6629,33 +6632,29 @@ class Release {
this.builds = release.builds;
this.shasums = release.shasums;
if (release.shasums_signatures) {
this.shasums_signature = release.shasums_signatures.find(sig => sig.endsWith(`_SHA256SUMS.${hashiPublicKeyId}.sig`));
this.shasums_signature = release.shasums_signatures.find((sig) => sig.endsWith(`_SHA256SUMS.${hashiPublicKeyId}.sig`));
}
else {
this.shasums_signature = release.shasums_signature;
}
}
getBuild(platform, arch) {
return this.builds.find(b => b.os === platform && b.arch === arch);
return this.builds.find((b) => b.os === platform && b.arch === arch);
}
download(downloadUrl, installPath, identifier) {
const headers = { 'User-Agent': identifier };
return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {
try {
const result = yield (0, utils_1.request)(downloadUrl, { headers: Object.assign({}, headers), responseType: 'stream' });
result.pipe(fs.createWriteStream(installPath));
resolve();
}
catch (e) {
return reject(e.message);
}
}));
return __awaiter(this, void 0, void 0, function* () {
const headers = { 'User-Agent': identifier };
const writer = fs.createWriteStream(installPath);
const result = yield (0, utils_1.request)(downloadUrl, { headers: Object.assign({}, headers), responseType: 'stream' });
result.pipe(writer);
yield finished(writer);
});
}
verify(pkg, buildName) {
return __awaiter(this, void 0, void 0, function* () {
const [localSum, remoteSum] = yield Promise.all([
this.calculateFileSha256Sum(pkg),
this.downloadSha256Sum(buildName)
this.downloadSha256Sum(buildName),
]);
if (remoteSum !== localSum) {
throw new Error(`Install error: SHA sum for ${buildName} does not match.\n` +
@ -6668,15 +6667,19 @@ class Release {
const hash = crypto.createHash('sha256');
fs.createReadStream(path)
.on('error', reject)
.on('data', data => hash.update(data))
.on('data', (data) => hash.update(data))
.on('end', () => resolve(hash.digest('hex')));
});
}
downloadSha256Sum(buildName) {
return __awaiter(this, void 0, void 0, function* () {
const [shasumsResponse, shasumsSignature] = yield Promise.all([
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums}`),
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums_signature}`),
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums}`, {
responseType: 'text',
}),
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums_signature}`, {
responseType: 'arraybuffer',
}),
]);
const publicKey = yield openpgp.readKey({ armoredKey: hashiPublicKey });
const signature = yield openpgp.readSignature({ binarySignature: Buffer.from(shasumsSignature, 'hex') });
@ -6684,16 +6687,16 @@ class Release {
const verified = yield openpgp.verify({
message: message,
verificationKeys: publicKey,
signature: signature
signature: signature,
});
if (!verified) {
throw new Error('signature could not be verified');
}
const shasumLine = shasumsResponse.split(`\n`).find(line => line.includes(buildName));
const shasumLine = shasumsResponse.split(`\n`).find((line) => line.includes(buildName));
if (!shasumLine) {
throw new Error(`Install error: no matching SHA sum for ${buildName}`);
}
return shasumLine.split(" ")[0];
return shasumLine.split(' ')[0];
});
}
unpack(directory, pkgName) {
@ -6735,8 +6738,9 @@ function getRelease(product, version, userAgent, includePrerelease) {
const headers = userAgent ? { 'User-Agent': userAgent } : null;
const response = yield (0, utils_1.request)(indexUrl, { headers });
let release;
if (!validVersion) { // pick the latest release (prereleases will be skipped for safety, set an explicit version instead)
const releaseVersions = Object.keys(response.versions).filter(v => !semver.prerelease(v));
if (!validVersion) {
// pick the latest release (prereleases will be skipped for safety, set an explicit version instead)
const releaseVersions = Object.keys(response.versions).filter((v) => !semver.prerelease(v));
version = releaseVersions.sort((a, b) => semver.rcompare(a, b))[0];
release = new Release(response.versions[version]);
}
@ -6756,7 +6760,7 @@ function matchVersion(versions, range, includePrerelease) {
return new Release(versions[version]);
}
else {
throw new Error("No matching version found");
throw new Error('No matching version found');
}
}
//# sourceMappingURL=index.js.map
@ -6781,8 +6785,8 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.request = void 0;
const axios_1 = __nccwpck_require__(6545);
const ProxyAgent = __nccwpck_require__(7367);
const httpProxy = process.env["HTTP_PROXY"] || process.env["http_proxy"];
const httpsProxy = process.env["HTTPS_PROXY"] || process.env["https_proxy"];
const httpProxy = process.env['HTTP_PROXY'] || process.env['http_proxy'];
const httpsProxy = process.env['HTTPS_PROXY'] || process.env['https_proxy'];
let proxyConf = {};
if (httpProxy || httpsProxy) {
proxyConf = {

6
package-lock.json generated
View file

@ -537,9 +537,9 @@
}
},
"@hashicorp/js-releases": {
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/@hashicorp/js-releases/-/js-releases-1.5.0.tgz",
"integrity": "sha512-gMggGaVIrDAyDiyJKT0A1z0mBYSQ9KROCzObFmqafC/Wqs9RRtxbVBu0jSf4NIGelq+wRaCMT2WCfgxpuzco2w==",
"version": "1.5.1",
"resolved": "https://registry.npmjs.org/@hashicorp/js-releases/-/js-releases-1.5.1.tgz",
"integrity": "sha512-V+7n+1bg1p1OKozsqQDJ00zoh7pHf0tnBF4TAozEGaEU3i9vNFAlKcXqqQQf8cAr+FbpT0C1S4og9h/fRuUh8Q==",
"requires": {
"@types/semver": "^7.3.1",
"axios": "^0.25.0",

2
package.json
View file

@ -23,7 +23,7 @@
"@actions/github": "^5.0.0",
"@actions/io": "^1.1.1",
"@actions/tool-cache": "^1.7.1",
"@hashicorp/js-releases": "^1.5.0"
"@hashicorp/js-releases": "^1.5.1"
},
"devDependencies": {
"@vercel/ncc": "0.33.3",