actions/setup-terraform
1
0
Fork 0
mirror of https://github.com/hashicorp/setup-terraform.git synced 2025-12-16 08:32:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Bump @hashicorp/js-releases from 1.5.0 to 1.5.1 (#166)

Browse source 
* Bump @hashicorp/js-releases from 1.5.0 to 1.5.1

Bumps [@hashicorp/js-releases](https://github.com/hashicorp/js-releases) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/hashicorp/js-releases/releases)
- [Changelog](https://github.com/hashicorp/js-releases/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/js-releases/compare/v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: "@hashicorp/js-releases"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* run build

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Pogran <jpogran@outlook.com>
This commit is contained in:
dependabot[bot] 2022-03-30 12:36:25 -04:00 committed by GitHub
parent d1d9ce119f
commit 299372d977
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 34 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

56
dist/index.js vendored
View file

@ -6495,8 +6495,11 @@ const crypto = __nccwpck_require__(6113);
const fs = __nccwpck_require__(7147); const fs = __nccwpck_require__(7147);
const openpgp = __nccwpck_require__(7946); const openpgp = __nccwpck_require__(7946);
const semver = __nccwpck_require__(2221); const semver = __nccwpck_require__(2221);
const stream = __nccwpck_require__(2781);
const yauzl = __nccwpck_require__(8781); const yauzl = __nccwpck_require__(8781);
const util_1 = __nccwpck_require__(3837);
const utils_1 = __nccwpck_require__(698); const utils_1 = __nccwpck_require__(698);
const finished = (0, util_1.promisify)(stream.finished);
const hashiPublicKeyId = '72D7468F'; const hashiPublicKeyId = '72D7468F';
const hashiPublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK----- const hashiPublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
@ -6621,7 +6624,7 @@ ZF5q4h4I33PSGDdSvGXn9UMY5Isjpg==
=7pIB =7pIB
-----END PGP PUBLIC KEY BLOCK-----`; -----END PGP PUBLIC KEY BLOCK-----`;
const releasesUrl = "https://releases.hashicorp.com"; const releasesUrl = 'https://releases.hashicorp.com';
class Release { class Release {
constructor(release) { constructor(release) {
this.name = release.name; this.name = release.name;
@ -6629,33 +6632,29 @@ class Release {
this.builds = release.builds; this.builds = release.builds;
this.shasums = release.shasums; this.shasums = release.shasums;
if (release.shasums_signatures) { if (release.shasums_signatures) {
this.shasums_signature = release.shasums_signatures.find(sig => sig.endsWith(`_SHA256SUMS.${hashiPublicKeyId}.sig`)); this.shasums_signature = release.shasums_signatures.find((sig) => sig.endsWith(`_SHA256SUMS.${hashiPublicKeyId}.sig`));
} }
else { else {
this.shasums_signature = release.shasums_signature; this.shasums_signature = release.shasums_signature;
} }
} }
getBuild(platform, arch) { getBuild(platform, arch) {
return this.builds.find(b => b.os === platform && b.arch === arch); return this.builds.find((b) => b.os === platform && b.arch === arch);
} }
download(downloadUrl, installPath, identifier) { download(downloadUrl, installPath, identifier) {
const headers = { 'User-Agent': identifier }; return __awaiter(this, void 0, void 0, function* () {
return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () { const headers = { 'User-Agent': identifier };
try { const writer = fs.createWriteStream(installPath);
const result = yield (0, utils_1.request)(downloadUrl, { headers: Object.assign({}, headers), responseType: 'stream' }); const result = yield (0, utils_1.request)(downloadUrl, { headers: Object.assign({}, headers), responseType: 'stream' });
result.pipe(fs.createWriteStream(installPath)); result.pipe(writer);
resolve(); yield finished(writer);
} });
catch (e) {
return reject(e.message);
}
}));
} }
verify(pkg, buildName) { verify(pkg, buildName) {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
const [localSum, remoteSum] = yield Promise.all([ const [localSum, remoteSum] = yield Promise.all([
this.calculateFileSha256Sum(pkg), this.calculateFileSha256Sum(pkg),
this.downloadSha256Sum(buildName) this.downloadSha256Sum(buildName),
]); ]);
if (remoteSum !== localSum) { if (remoteSum !== localSum) {
throw new Error(`Install error: SHA sum for ${buildName} does not match.\n` + throw new Error(`Install error: SHA sum for ${buildName} does not match.\n` +
@ -6668,15 +6667,19 @@ class Release {
const hash = crypto.createHash('sha256'); const hash = crypto.createHash('sha256');
fs.createReadStream(path) fs.createReadStream(path)
.on('error', reject) .on('error', reject)
.on('data', data => hash.update(data)) .on('data', (data) => hash.update(data))
.on('end', () => resolve(hash.digest('hex'))); .on('end', () => resolve(hash.digest('hex')));
}); });
} }
downloadSha256Sum(buildName) { downloadSha256Sum(buildName) {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
const [shasumsResponse, shasumsSignature] = yield Promise.all([ const [shasumsResponse, shasumsSignature] = yield Promise.all([
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums}`), (0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums}`, {
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums_signature}`), responseType: 'text',
}),
(0, utils_1.request)(`${releasesUrl}/${this.name}/${this.version}/${this.shasums_signature}`, {
responseType: 'arraybuffer',
}),
]); ]);
const publicKey = yield openpgp.readKey({ armoredKey: hashiPublicKey }); const publicKey = yield openpgp.readKey({ armoredKey: hashiPublicKey });
const signature = yield openpgp.readSignature({ binarySignature: Buffer.from(shasumsSignature, 'hex') }); const signature = yield openpgp.readSignature({ binarySignature: Buffer.from(shasumsSignature, 'hex') });
@ -6684,16 +6687,16 @@ class Release {
const verified = yield openpgp.verify({ const verified = yield openpgp.verify({
message: message, message: message,
verificationKeys: publicKey, verificationKeys: publicKey,
signature: signature signature: signature,
}); });
if (!verified) { if (!verified) {
throw new Error('signature could not be verified'); throw new Error('signature could not be verified');
} }
const shasumLine = shasumsResponse.split(`\n`).find(line => line.includes(buildName)); const shasumLine = shasumsResponse.split(`\n`).find((line) => line.includes(buildName));
if (!shasumLine) { if (!shasumLine) {
throw new Error(`Install error: no matching SHA sum for ${buildName}`); throw new Error(`Install error: no matching SHA sum for ${buildName}`);
} }
return shasumLine.split(" ")[0]; return shasumLine.split(' ')[0];
}); });
} }
unpack(directory, pkgName) { unpack(directory, pkgName) {
@ -6735,8 +6738,9 @@ function getRelease(product, version, userAgent, includePrerelease) {
const headers = userAgent ? { 'User-Agent': userAgent } : null; const headers = userAgent ? { 'User-Agent': userAgent } : null;
const response = yield (0, utils_1.request)(indexUrl, { headers }); const response = yield (0, utils_1.request)(indexUrl, { headers });
let release; let release;
if (!validVersion) { // pick the latest release (prereleases will be skipped for safety, set an explicit version instead) if (!validVersion) {
const releaseVersions = Object.keys(response.versions).filter(v => !semver.prerelease(v)); // pick the latest release (prereleases will be skipped for safety, set an explicit version instead)
const releaseVersions = Object.keys(response.versions).filter((v) => !semver.prerelease(v));
version = releaseVersions.sort((a, b) => semver.rcompare(a, b))[0]; version = releaseVersions.sort((a, b) => semver.rcompare(a, b))[0];
release = new Release(response.versions[version]); release = new Release(response.versions[version]);
} }
@ -6756,7 +6760,7 @@ function matchVersion(versions, range, includePrerelease) {
return new Release(versions[version]); return new Release(versions[version]);
} }
else { else {
throw new Error("No matching version found"); throw new Error('No matching version found');
} }
} }
//# sourceMappingURL=index.js.map //# sourceMappingURL=index.js.map
@ -6781,8 +6785,8 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.request = void 0; exports.request = void 0;
const axios_1 = __nccwpck_require__(6545); const axios_1 = __nccwpck_require__(6545);
const ProxyAgent = __nccwpck_require__(7367); const ProxyAgent = __nccwpck_require__(7367);
const httpProxy = process.env["HTTP_PROXY"] || process.env["http_proxy"]; const httpProxy = process.env['HTTP_PROXY'] || process.env['http_proxy'];
const httpsProxy = process.env["HTTPS_PROXY"] || process.env["https_proxy"]; const httpsProxy = process.env['HTTPS_PROXY'] || process.env['https_proxy'];
let proxyConf = {}; let proxyConf = {};
if (httpProxy || httpsProxy) { if (httpProxy || httpsProxy) {
proxyConf = { proxyConf = {

6
package-lock.json generated
View file

@ -537,9 +537,9 @@
} }
}, },
"@hashicorp/js-releases": { "@hashicorp/js-releases": {
"version": "1.5.0", "version": "1.5.1",
"resolved": "https://registry.npmjs.org/@hashicorp/js-releases/-/js-releases-1.5.0.tgz", "resolved": "https://registry.npmjs.org/@hashicorp/js-releases/-/js-releases-1.5.1.tgz",
"integrity": "sha512-gMggGaVIrDAyDiyJKT0A1z0mBYSQ9KROCzObFmqafC/Wqs9RRtxbVBu0jSf4NIGelq+wRaCMT2WCfgxpuzco2w==", "integrity": "sha512-V+7n+1bg1p1OKozsqQDJ00zoh7pHf0tnBF4TAozEGaEU3i9vNFAlKcXqqQQf8cAr+FbpT0C1S4og9h/fRuUh8Q==",
"requires": { "requires": {
"@types/semver": "^7.3.1", "@types/semver": "^7.3.1",
"axios": "^0.25.0", "axios": "^0.25.0",

2
package.json
View file

@ -23,7 +23,7 @@
"@actions/github": "^5.0.0", "@actions/github": "^5.0.0",
"@actions/io": "^1.1.1", "@actions/io": "^1.1.1",
"@actions/tool-cache": "^1.7.1", "@actions/tool-cache": "^1.7.1",
"@hashicorp/js-releases": "^1.5.0" "@hashicorp/js-releases": "^1.5.1"
}, },
"devDependencies": { "devDependencies": {
"@vercel/ncc": "0.33.3", "@vercel/ncc": "0.33.3",