diff --git a/dist/index.js b/dist/index.js index e1ac1ac..a85cf64 100644 --- a/dist/index.js +++ b/dist/index.js @@ -3376,7 +3376,11 @@ function copyFile(srcFile, destFile, force) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -3389,7 +3393,7 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; @@ -3419,11 +3423,11 @@ function _findMatch(versionSpec, stable, candidates, archFilter) { let file; for (const candidate of candidates) { const version = candidate.version; - core_1.debug(`check ${version} satisfies ${versionSpec}`); + (0, core_1.debug)(`check ${version} satisfies ${versionSpec}`); if (semver.satisfies(version, versionSpec) && (!stable || candidate.stable === stable)) { file = candidate.files.find(item => { - core_1.debug(`${item.arch}===${archFilter} && ${item.platform}===${platFilter}`); + (0, core_1.debug)(`${item.arch}===${archFilter} && ${item.platform}===${platFilter}`); let chk = item.arch === archFilter && item.platform === platFilter; if (chk && item.platform_version) { const osVersion = module.exports._getOsVersion(); @@ -3437,7 +3441,7 @@ function _findMatch(versionSpec, stable, candidates, archFilter) { return chk; }); if (file) { - core_1.debug(`matched ${candidate.version}`); + (0, core_1.debug)(`matched ${candidate.version}`); match = candidate; break; } @@ -3475,10 +3479,7 @@ function _getOsVersion() { if (parts.length === 2 && (parts[0].trim() === 'VERSION_ID' || parts[0].trim() === 'DISTRIB_RELEASE')) { - version = parts[1] - .trim() - .replace(/^"/, '') - .replace(/"$/, ''); + version = parts[1].trim().replace(/^"/, '').replace(/"$/, ''); break; } } @@ -3511,7 +3512,11 @@ exports._readLinuxVersionFile = _readLinuxVersionFile; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -3524,7 +3529,7 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; @@ -3601,7 +3606,11 @@ exports.RetryHelper = RetryHelper; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; @@ -3614,7 +3623,7 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? ( var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; @@ -3627,13 +3636,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; -var __importDefault = (this && this.__importDefault) || function (mod) { - return (mod && mod.__esModule) ? mod : { "default": mod }; -}; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.evaluateVersions = exports.isExplicitVersion = exports.findFromManifest = exports.getManifestFromRepo = exports.findAllVersions = exports.find = exports.cacheFile = exports.cacheDir = exports.extractZip = exports.extractXar = exports.extractTar = exports.extract7z = exports.downloadTool = exports.HTTPError = void 0; const core = __importStar(__nccwpck_require__(7484)); const io = __importStar(__nccwpck_require__(4994)); +const crypto = __importStar(__nccwpck_require__(6982)); const fs = __importStar(__nccwpck_require__(9896)); const mm = __importStar(__nccwpck_require__(8036)); const os = __importStar(__nccwpck_require__(857)); @@ -3643,7 +3650,6 @@ const semver = __importStar(__nccwpck_require__(6193)); const stream = __importStar(__nccwpck_require__(2203)); const util = __importStar(__nccwpck_require__(9023)); const assert_1 = __nccwpck_require__(2613); -const v4_1 = __importDefault(__nccwpck_require__(9021)); const exec_1 = __nccwpck_require__(5236); const retry_helper_1 = __nccwpck_require__(7380); class HTTPError extends Error { @@ -3668,7 +3674,7 @@ const userAgent = 'actions/tool-cache'; */ function downloadTool(url, dest, auth, headers) { return __awaiter(this, void 0, void 0, function* () { - dest = dest || path.join(_getTempDirectory(), v4_1.default()); + dest = dest || path.join(_getTempDirectory(), crypto.randomUUID()); yield io.mkdirP(path.dirname(dest)); core.debug(`Downloading ${url}`); core.debug(`Destination ${dest}`); @@ -3757,8 +3763,8 @@ function downloadToolAttempt(url, dest, auth, headers) { */ function extract7z(file, dest, _7zPath) { return __awaiter(this, void 0, void 0, function* () { - assert_1.ok(IS_WINDOWS, 'extract7z() not supported on current OS'); - assert_1.ok(file, 'parameter "file" is required'); + (0, assert_1.ok)(IS_WINDOWS, 'extract7z() not supported on current OS'); + (0, assert_1.ok)(file, 'parameter "file" is required'); dest = yield _createExtractFolder(dest); const originalCwd = process.cwd(); process.chdir(dest); @@ -3775,7 +3781,7 @@ function extract7z(file, dest, _7zPath) { const options = { silent: true }; - yield exec_1.exec(`"${_7zPath}"`, args, options); + yield (0, exec_1.exec)(`"${_7zPath}"`, args, options); } finally { process.chdir(originalCwd); @@ -3804,7 +3810,7 @@ function extract7z(file, dest, _7zPath) { }; try { const powershellPath = yield io.which('powershell', true); - yield exec_1.exec(`"${powershellPath}"`, args, options); + yield (0, exec_1.exec)(`"${powershellPath}"`, args, options); } finally { process.chdir(originalCwd); @@ -3832,7 +3838,7 @@ function extractTar(file, dest, flags = 'xz') { // Determine whether GNU tar core.debug('Checking tar --version'); let versionOutput = ''; - yield exec_1.exec('tar --version', [], { + yield (0, exec_1.exec)('tar --version', [], { ignoreReturnCode: true, silent: true, listeners: { @@ -3868,7 +3874,7 @@ function extractTar(file, dest, flags = 'xz') { args.push('--overwrite'); } args.push('-C', destArg, '-f', fileArg); - yield exec_1.exec(`tar`, args); + yield (0, exec_1.exec)(`tar`, args); return dest; }); } @@ -3883,8 +3889,8 @@ exports.extractTar = extractTar; */ function extractXar(file, dest, flags = []) { return __awaiter(this, void 0, void 0, function* () { - assert_1.ok(IS_MAC, 'extractXar() not supported on current OS'); - assert_1.ok(file, 'parameter "file" is required'); + (0, assert_1.ok)(IS_MAC, 'extractXar() not supported on current OS'); + (0, assert_1.ok)(file, 'parameter "file" is required'); dest = yield _createExtractFolder(dest); let args; if (flags instanceof Array) { @@ -3898,7 +3904,7 @@ function extractXar(file, dest, flags = []) { args.push('-v'); } const xarPath = yield io.which('xar', true); - yield exec_1.exec(`"${xarPath}"`, _unique(args)); + yield (0, exec_1.exec)(`"${xarPath}"`, _unique(args)); return dest; }); } @@ -3952,7 +3958,7 @@ function extractZipWin(file, dest) { pwshCommand ]; core.debug(`Using pwsh at path: ${pwshPath}`); - yield exec_1.exec(`"${pwshPath}"`, args); + yield (0, exec_1.exec)(`"${pwshPath}"`, args); } else { const powershellCommand = [ @@ -3973,7 +3979,7 @@ function extractZipWin(file, dest) { ]; const powershellPath = yield io.which('powershell', true); core.debug(`Using powershell at path: ${powershellPath}`); - yield exec_1.exec(`"${powershellPath}"`, args); + yield (0, exec_1.exec)(`"${powershellPath}"`, args); } }); } @@ -3985,7 +3991,7 @@ function extractZipNix(file, dest) { args.unshift('-q'); } args.unshift('-o'); //overwrite with -o, otherwise a prompt is shown which freezes the run - yield exec_1.exec(`"${unzipPath}"`, args, { cwd: dest }); + yield (0, exec_1.exec)(`"${unzipPath}"`, args, { cwd: dest }); }); } /** @@ -4162,7 +4168,7 @@ function _createExtractFolder(dest) { return __awaiter(this, void 0, void 0, function* () { if (!dest) { // create a temp dir - dest = path.join(_getTempDirectory(), v4_1.default()); + dest = path.join(_getTempDirectory(), crypto.randomUUID()); } yield io.mkdirP(dest); return dest; @@ -4235,7 +4241,7 @@ exports.evaluateVersions = evaluateVersions; */ function _getCacheDirectory() { const cacheDirectory = process.env['RUNNER_TOOL_CACHE'] || ''; - assert_1.ok(cacheDirectory, 'Expected RUNNER_TOOL_CACHE to be defined'); + (0, assert_1.ok)(cacheDirectory, 'Expected RUNNER_TOOL_CACHE to be defined'); return cacheDirectory; } /** @@ -4243,7 +4249,7 @@ function _getCacheDirectory() { */ function _getTempDirectory() { const tempDirectory = process.env['RUNNER_TEMP'] || ''; - assert_1.ok(tempDirectory, 'Expected RUNNER_TEMP to be defined'); + (0, assert_1.ok)(tempDirectory, 'Expected RUNNER_TEMP to be defined'); return tempDirectory; } /** @@ -28591,6 +28597,14 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(8253) const { File: UndiciFile } = __nccwpck_require__(3041) const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(4322) +let random +try { + const crypto = __nccwpck_require__(7598) + random = (max) => crypto.randomInt(0, max) +} catch { + random = (max) => Math.floor(Math.random(max)) +} + let ReadableStream = globalThis.ReadableStream /** @type {globalThis['File']} */ @@ -28676,7 +28690,7 @@ function extractBody (object, keepalive = false) { // Set source to a copy of the bytes held by object. source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) } else if (util.isFormDataLike(object)) { - const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}` + const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` const prefix = `--${boundary}\r\nContent-Disposition: form-data` /*! formdata-polyfill. MIT License. Jimmy Wärting */ @@ -42689,90 +42703,6 @@ module.exports = { } -/***/ }), - -/***/ 8682: -/***/ ((module) => { - -/** - * Convert array of 16 byte values to UUID string format of the form: - * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX - */ -var byteToHex = []; -for (var i = 0; i < 256; ++i) { - byteToHex[i] = (i + 0x100).toString(16).substr(1); -} - -function bytesToUuid(buf, offset) { - var i = offset || 0; - var bth = byteToHex; - // join used to fix memory issue caused by concatenation: https://bugs.chromium.org/p/v8/issues/detail?id=3175#c4 - return ([ - bth[buf[i++]], bth[buf[i++]], - bth[buf[i++]], bth[buf[i++]], '-', - bth[buf[i++]], bth[buf[i++]], '-', - bth[buf[i++]], bth[buf[i++]], '-', - bth[buf[i++]], bth[buf[i++]], '-', - bth[buf[i++]], bth[buf[i++]], - bth[buf[i++]], bth[buf[i++]], - bth[buf[i++]], bth[buf[i++]] - ]).join(''); -} - -module.exports = bytesToUuid; - - -/***/ }), - -/***/ 1694: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - -// Unique ID creation requires a high quality random # generator. In node.js -// this is pretty straight-forward - we use the crypto API. - -var crypto = __nccwpck_require__(6982); - -module.exports = function nodeRNG() { - return crypto.randomBytes(16); -}; - - -/***/ }), - -/***/ 9021: -/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - -var rng = __nccwpck_require__(1694); -var bytesToUuid = __nccwpck_require__(8682); - -function v4(options, buf, offset) { - var i = buf && offset || 0; - - if (typeof(options) == 'string') { - buf = options === 'binary' ? new Array(16) : null; - options = null; - } - options = options || {}; - - var rnds = options.random || (options.rng || rng)(); - - // Per 4.4, set bits for version and `clock_seq_hi_and_reserved` - rnds[6] = (rnds[6] & 0x0f) | 0x40; - rnds[8] = (rnds[8] & 0x3f) | 0x80; - - // Copy bytes to buffer, if provided - if (buf) { - for (var ii = 0; ii < 16; ++ii) { - buf[i + ii] = rnds[ii]; - } - } - - return buf || bytesToUuid(rnds); -} - -module.exports = v4; - - /***/ }), /***/ 663: @@ -43682,6 +43612,14 @@ module.exports = require("net"); /***/ }), +/***/ 7598: +/***/ ((module) => { + +"use strict"; +module.exports = require("node:crypto"); + +/***/ }), + /***/ 8474: /***/ ((module) => { diff --git a/dist/index1.js b/dist/index1.js index bdbc30d..d66e826 100755 --- a/dist/index1.js +++ b/dist/index1.js @@ -12949,6 +12949,14 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(8253) const { File: UndiciFile } = __nccwpck_require__(3041) const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(4322) +let random +try { + const crypto = __nccwpck_require__(7598) + random = (max) => crypto.randomInt(0, max) +} catch { + random = (max) => Math.floor(Math.random(max)) +} + let ReadableStream = globalThis.ReadableStream /** @type {globalThis['File']} */ @@ -13034,7 +13042,7 @@ function extractBody (object, keepalive = false) { // Set source to a copy of the bytes held by object. source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) } else if (util.isFormDataLike(object)) { - const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}` + const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` const prefix = `--${boundary}\r\nContent-Disposition: form-data` /*! formdata-polyfill. MIT License. Jimmy Wärting */ @@ -27227,6 +27235,14 @@ module.exports = require("net"); /***/ }), +/***/ 7598: +/***/ ((module) => { + +"use strict"; +module.exports = require("node:crypto"); + +/***/ }), + /***/ 8474: /***/ ((module) => { diff --git a/package-lock.json b/package-lock.json index a4c4465..c9e957f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,7 @@ "@actions/exec": "^1.1.1", "@actions/github": "^6.0.0", "@actions/io": "^1.1.3", - "@actions/tool-cache": "^2.0.1", + "@actions/tool-cache": "^2.0.2", "@hashicorp/js-releases": "^1.7.3", "semver": "^7.6.3" }, @@ -76,16 +76,15 @@ "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==" }, "node_modules/@actions/tool-cache": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-2.0.1.tgz", - "integrity": "sha512-iPU+mNwrbA8jodY8eyo/0S/QqCKDajiR8OxWTnSk/SnYg0sj8Hp4QcUEVC1YFpHWXtrfbQrE13Jz4k4HXJQKcA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-2.0.2.tgz", + "integrity": "sha512-fBhNNOWxuoLxztQebpOaWu6WeVmuwa77Z+DxIZ1B+OYvGkGQon6kTVg6Z32Cb13WCuw0szqonK+hh03mJV7Z6w==", "dependencies": { - "@actions/core": "^1.2.6", + "@actions/core": "^1.11.1", "@actions/exec": "^1.0.0", "@actions/http-client": "^2.0.1", "@actions/io": "^1.1.1", - "semver": "^6.1.0", - "uuid": "^3.3.2" + "semver": "^6.1.0" } }, "node_modules/@actions/tool-cache/node_modules/semver": { @@ -6408,9 +6407,10 @@ } }, "node_modules/undici": { - "version": "5.28.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", - "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", + "license": "MIT", "dependencies": { "@fastify/busboy": "^2.0.0" }, @@ -6462,15 +6462,6 @@ "punycode": "^2.1.0" } }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "deprecated": "Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.", - "bin": { - "uuid": "bin/uuid" - } - }, "node_modules/v8-to-istanbul": { "version": "9.1.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", @@ -6743,16 +6734,15 @@ "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==" }, "@actions/tool-cache": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-2.0.1.tgz", - "integrity": "sha512-iPU+mNwrbA8jodY8eyo/0S/QqCKDajiR8OxWTnSk/SnYg0sj8Hp4QcUEVC1YFpHWXtrfbQrE13Jz4k4HXJQKcA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-2.0.2.tgz", + "integrity": "sha512-fBhNNOWxuoLxztQebpOaWu6WeVmuwa77Z+DxIZ1B+OYvGkGQon6kTVg6Z32Cb13WCuw0szqonK+hh03mJV7Z6w==", "requires": { - "@actions/core": "^1.2.6", + "@actions/core": "^1.11.1", "@actions/exec": "^1.0.0", "@actions/http-client": "^2.0.1", "@actions/io": "^1.1.1", - "semver": "^6.1.0", - "uuid": "^3.3.2" + "semver": "^6.1.0" }, "dependencies": { "semver": { @@ -11417,9 +11407,9 @@ } }, "undici": { - "version": "5.28.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", - "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", "requires": { "@fastify/busboy": "^2.0.0" } @@ -11448,11 +11438,6 @@ "punycode": "^2.1.0" } }, - "uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" - }, "v8-to-istanbul": { "version": "9.1.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.1.0.tgz", diff --git a/package.json b/package.json index 67a2c19..027c170 100644 --- a/package.json +++ b/package.json @@ -22,7 +22,7 @@ "@actions/exec": "^1.1.1", "@actions/github": "^6.0.0", "@actions/io": "^1.1.3", - "@actions/tool-cache": "^2.0.1", + "@actions/tool-cache": "^2.0.2", "@hashicorp/js-releases": "^1.7.3", "semver": "^7.6.3" },