diff --git a/node_modules/@actions/http-client/RELEASES.md b/node_modules/@actions/http-client/RELEASES.md index c8040ed3..79f9a581 100644 --- a/node_modules/@actions/http-client/RELEASES.md +++ b/node_modules/@actions/http-client/RELEASES.md @@ -1,5 +1,8 @@ ## Releases +## 1.0.7 +Update NPM dependencies and add 429 to the list of HttpCodes + ## 1.0.6 Automatically sends Content-Type and Accept application/json headers for \Json() helper methods if not set in the client or parameters. diff --git a/node_modules/@actions/http-client/auth.js b/node_modules/@actions/http-client/auth.js index 98d22d66..67a58aa7 100644 --- a/node_modules/@actions/http-client/auth.js +++ b/node_modules/@actions/http-client/auth.js @@ -6,7 +6,9 @@ class BasicCredentialHandler { this.password = password; } prepareRequest(options) { - options.headers['Authorization'] = 'Basic ' + Buffer.from(this.username + ':' + this.password).toString('base64'); + options.headers['Authorization'] = + 'Basic ' + + Buffer.from(this.username + ':' + this.password).toString('base64'); } // This handler cannot handle 401 canHandleAuthentication(response) { @@ -42,7 +44,8 @@ class PersonalAccessTokenCredentialHandler { // currently implements pre-authorization // TODO: support preAuth = false where it hooks on 401 prepareRequest(options) { - options.headers['Authorization'] = 'Basic ' + Buffer.from('PAT:' + this.token).toString('base64'); + options.headers['Authorization'] = + 'Basic ' + Buffer.from('PAT:' + this.token).toString('base64'); } // This handler cannot handle 401 canHandleAuthentication(response) { diff --git a/node_modules/@actions/http-client/index.d.ts b/node_modules/@actions/http-client/index.d.ts index 2bbcc6a1..7cdc1155 100644 --- a/node_modules/@actions/http-client/index.d.ts +++ b/node_modules/@actions/http-client/index.d.ts @@ -1,5 +1,5 @@ /// -import http = require("http"); +import http = require('http'); import ifm = require('./interfaces'); export declare enum HttpCodes { OK = 200, @@ -23,6 +23,7 @@ export declare enum HttpCodes { RequestTimeout = 408, Conflict = 409, Gone = 410, + TooManyRequests = 429, InternalServerError = 500, NotImplemented = 501, BadGateway = 502, diff --git a/node_modules/@actions/http-client/index.js b/node_modules/@actions/http-client/index.js index 7e553a6f..e1930da8 100644 --- a/node_modules/@actions/http-client/index.js +++ b/node_modules/@actions/http-client/index.js @@ -28,6 +28,7 @@ var HttpCodes; HttpCodes[HttpCodes["RequestTimeout"] = 408] = "RequestTimeout"; HttpCodes[HttpCodes["Conflict"] = 409] = "Conflict"; HttpCodes[HttpCodes["Gone"] = 410] = "Gone"; + HttpCodes[HttpCodes["TooManyRequests"] = 429] = "TooManyRequests"; HttpCodes[HttpCodes["InternalServerError"] = 500] = "InternalServerError"; HttpCodes[HttpCodes["NotImplemented"] = 501] = "NotImplemented"; HttpCodes[HttpCodes["BadGateway"] = 502] = "BadGateway"; @@ -52,8 +53,18 @@ function getProxyUrl(serverUrl) { return proxyUrl ? proxyUrl.href : ''; } exports.getProxyUrl = getProxyUrl; -const HttpRedirectCodes = [HttpCodes.MovedPermanently, HttpCodes.ResourceMoved, HttpCodes.SeeOther, HttpCodes.TemporaryRedirect, HttpCodes.PermanentRedirect]; -const HttpResponseRetryCodes = [HttpCodes.BadGateway, HttpCodes.ServiceUnavailable, HttpCodes.GatewayTimeout]; +const HttpRedirectCodes = [ + HttpCodes.MovedPermanently, + HttpCodes.ResourceMoved, + HttpCodes.SeeOther, + HttpCodes.TemporaryRedirect, + HttpCodes.PermanentRedirect +]; +const HttpResponseRetryCodes = [ + HttpCodes.BadGateway, + HttpCodes.ServiceUnavailable, + HttpCodes.GatewayTimeout +]; const RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD']; const ExponentialBackoffCeiling = 10; const ExponentialBackoffTimeSlice = 5; @@ -178,18 +189,22 @@ class HttpClient { */ async request(verb, requestUrl, data, headers) { if (this._disposed) { - throw new Error("Client has already been disposed."); + throw new Error('Client has already been disposed.'); } let parsedUrl = url.parse(requestUrl); let info = this._prepareRequest(verb, parsedUrl, headers); // Only perform retries on reads since writes may not be idempotent. - let maxTries = (this._allowRetries && RetryableHttpVerbs.indexOf(verb) != -1) ? this._maxRetries + 1 : 1; + let maxTries = this._allowRetries && RetryableHttpVerbs.indexOf(verb) != -1 + ? this._maxRetries + 1 + : 1; let numTries = 0; let response; while (numTries < maxTries) { response = await this.requestRaw(info, data); // Check if it's an authentication challenge - if (response && response.message && response.message.statusCode === HttpCodes.Unauthorized) { + if (response && + response.message && + response.message.statusCode === HttpCodes.Unauthorized) { let authenticationHandler; for (let i = 0; i < this.handlers.length; i++) { if (this.handlers[i].canHandleAuthentication(response)) { @@ -207,21 +222,32 @@ class HttpClient { } } let redirectsRemaining = this._maxRedirects; - while (HttpRedirectCodes.indexOf(response.message.statusCode) != -1 - && this._allowRedirects - && redirectsRemaining > 0) { - const redirectUrl = response.message.headers["location"]; + while (HttpRedirectCodes.indexOf(response.message.statusCode) != -1 && + this._allowRedirects && + redirectsRemaining > 0) { + const redirectUrl = response.message.headers['location']; if (!redirectUrl) { // if there's no location to redirect to, we won't break; } let parsedRedirectUrl = url.parse(redirectUrl); - if (parsedUrl.protocol == 'https:' && parsedUrl.protocol != parsedRedirectUrl.protocol && !this._allowRedirectDowngrade) { - throw new Error("Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true."); + if (parsedUrl.protocol == 'https:' && + parsedUrl.protocol != parsedRedirectUrl.protocol && + !this._allowRedirectDowngrade) { + throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.'); } // we need to finish reading the response before reassigning response // which will leak the open socket. await response.readBody(); + // strip authorization header if redirected to a different hostname + if (parsedRedirectUrl.hostname !== parsedUrl.hostname) { + for (let header in headers) { + // header names are case insensitive + if (header.toLowerCase() === 'authorization') { + delete headers[header]; + } + } + } // let's make the request with the new redirectUrl info = this._prepareRequest(verb, parsedRedirectUrl, headers); response = await this.requestRaw(info, data); @@ -272,8 +298,8 @@ class HttpClient { */ requestRawWithCallback(info, data, onResult) { let socket; - if (typeof (data) === 'string') { - info.options.headers["Content-Length"] = Buffer.byteLength(data, 'utf8'); + if (typeof data === 'string') { + info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8'); } let callbackCalled = false; let handleResult = (err, res) => { @@ -286,7 +312,7 @@ class HttpClient { let res = new HttpClientResponse(msg); handleResult(null, res); }); - req.on('socket', (sock) => { + req.on('socket', sock => { socket = sock; }); // If we ever get disconnected, we want the socket to timeout eventually @@ -301,10 +327,10 @@ class HttpClient { // res should have headers handleResult(err, null); }); - if (data && typeof (data) === 'string') { + if (data && typeof data === 'string') { req.write(data, 'utf8'); } - if (data && typeof (data) !== 'string') { + if (data && typeof data !== 'string') { data.on('close', function () { req.end(); }); @@ -331,31 +357,34 @@ class HttpClient { const defaultPort = usingSsl ? 443 : 80; info.options = {}; info.options.host = info.parsedUrl.hostname; - info.options.port = info.parsedUrl.port ? parseInt(info.parsedUrl.port) : defaultPort; - info.options.path = (info.parsedUrl.pathname || '') + (info.parsedUrl.search || ''); + info.options.port = info.parsedUrl.port + ? parseInt(info.parsedUrl.port) + : defaultPort; + info.options.path = + (info.parsedUrl.pathname || '') + (info.parsedUrl.search || ''); info.options.method = method; info.options.headers = this._mergeHeaders(headers); if (this.userAgent != null) { - info.options.headers["user-agent"] = this.userAgent; + info.options.headers['user-agent'] = this.userAgent; } info.options.agent = this._getAgent(info.parsedUrl); // gives handlers an opportunity to participate if (this.handlers) { - this.handlers.forEach((handler) => { + this.handlers.forEach(handler => { handler.prepareRequest(info.options); }); } return info; } _mergeHeaders(headers) { - const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => (c[k.toLowerCase()] = obj[k], c), {}); + const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); if (this.requestOptions && this.requestOptions.headers) { return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers)); } return lowercaseKeys(headers || {}); } _getExistingOrDefaultHeader(additionalHeaders, header, _default) { - const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => (c[k.toLowerCase()] = obj[k], c), {}); + const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); let clientHeader; if (this.requestOptions && this.requestOptions.headers) { clientHeader = lowercaseKeys(this.requestOptions.headers)[header]; @@ -393,7 +422,7 @@ class HttpClient { proxyAuth: proxyUrl.auth, host: proxyUrl.hostname, port: proxyUrl.port - }, + } }; let tunnelAgent; const overHttps = proxyUrl.protocol === 'https:'; @@ -420,7 +449,9 @@ class HttpClient { // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options // we have to cast it to any and change it directly - agent.options = Object.assign(agent.options || {}, { rejectUnauthorized: false }); + agent.options = Object.assign(agent.options || {}, { + rejectUnauthorized: false + }); } return agent; } @@ -481,7 +512,7 @@ class HttpClient { msg = contents; } else { - msg = "Failed request: (" + statusCode + ")"; + msg = 'Failed request: (' + statusCode + ')'; } let err = new Error(msg); // attach statusCode and body obj (if available) to the error object diff --git a/node_modules/@actions/http-client/interfaces.d.ts b/node_modules/@actions/http-client/interfaces.d.ts index 7e3fc3f0..0b348dc0 100644 --- a/node_modules/@actions/http-client/interfaces.d.ts +++ b/node_modules/@actions/http-client/interfaces.d.ts @@ -1,6 +1,6 @@ /// -import http = require("http"); -import url = require("url"); +import http = require('http'); +import url = require('url'); export interface IHeaders { [key: string]: any; } diff --git a/node_modules/@actions/http-client/interfaces.js b/node_modules/@actions/http-client/interfaces.js index 04363ad2..c8ad2e54 100644 --- a/node_modules/@actions/http-client/interfaces.js +++ b/node_modules/@actions/http-client/interfaces.js @@ -1,3 +1,2 @@ "use strict"; Object.defineProperty(exports, "__esModule", { value: true }); -; diff --git a/node_modules/@actions/http-client/package.json b/node_modules/@actions/http-client/package.json index da9410e5..4c7296d5 100644 --- a/node_modules/@actions/http-client/package.json +++ b/node_modules/@actions/http-client/package.json @@ -1,11 +1,14 @@ { "name": "@actions/http-client", - "version": "1.0.6", + "version": "1.0.8", "description": "Actions Http Client", "main": "index.js", "scripts": { "build": "rm -Rf ./_out && tsc && cp package*.json ./_out && cp *.md ./_out && cp LICENSE ./_out && cp actions.png ./_out", - "test": "jest" + "test": "jest", + "format": "prettier --write *.ts && prettier --write **/*.ts", + "format-check": "prettier --check *.ts && prettier --check **/*.ts", + "audit-check": "npm audit --audit-level=moderate" }, "repository": { "type": "git", @@ -22,18 +25,19 @@ }, "homepage": "https://github.com/actions/http-client#readme", "devDependencies": { - "@types/jest": "^24.0.25", - "@types/node": "^12.12.24", - "jest": "^24.9.0", + "@types/jest": "^25.1.4", + "@types/node": "^12.12.31", + "jest": "^25.1.0", + "prettier": "^2.0.4", "proxy": "^1.0.1", - "ts-jest": "^24.3.0", - "typescript": "^3.7.4" + "ts-jest": "^25.2.1", + "typescript": "^3.8.3" }, "dependencies": { "tunnel": "0.0.6" } -,"_resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.6.tgz" -,"_integrity": "sha512-LGmio4w98UyGX33b/W6V6Nx/sQHRXZ859YlMkn36wPsXPB82u8xTVlA/Dq2DXrm6lEq9RVmisRJa1c+HETAIJA==" -,"_from": "@actions/http-client@1.0.6" +,"_resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.8.tgz" +,"_integrity": "sha512-G4JjJ6f9Hb3Zvejj+ewLLKLf99ZC+9v+yCxoYf9vSyH+WkzPLB2LuUtRMGNkooMqdugGBFStIKXOuvH1W+EctA==" +,"_from": "@actions/http-client@1.0.8" } \ No newline at end of file diff --git a/node_modules/@actions/http-client/proxy.js b/node_modules/@actions/http-client/proxy.js index 7233779e..06936b39 100644 --- a/node_modules/@actions/http-client/proxy.js +++ b/node_modules/@actions/http-client/proxy.js @@ -9,12 +9,10 @@ function getProxyUrl(reqUrl) { } let proxyVar; if (usingSsl) { - proxyVar = process.env["https_proxy"] || - process.env["HTTPS_PROXY"]; + proxyVar = process.env['https_proxy'] || process.env['HTTPS_PROXY']; } else { - proxyVar = process.env["http_proxy"] || - process.env["HTTP_PROXY"]; + proxyVar = process.env['http_proxy'] || process.env['HTTP_PROXY']; } if (proxyVar) { proxyUrl = url.parse(proxyVar); @@ -26,7 +24,7 @@ function checkBypass(reqUrl) { if (!reqUrl.hostname) { return false; } - let noProxy = process.env["no_proxy"] || process.env["NO_PROXY"] || ''; + let noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || ''; if (!noProxy) { return false; } @@ -47,7 +45,10 @@ function checkBypass(reqUrl) { upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`); } // Compare request host against noproxy - for (let upperNoProxyItem of noProxy.split(',').map(x => x.trim().toUpperCase()).filter(x => x)) { + for (let upperNoProxyItem of noProxy + .split(',') + .map(x => x.trim().toUpperCase()) + .filter(x => x)) { if (upperReqHosts.some(x => x === upperNoProxyItem)) { return true; } diff --git a/package.json b/package.json index db5bea1a..f2dda5fd 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "typescript-action", - "version": "1.0.2", + "version": "1.0.3", "private": true, "description": "TypeScript template action", "main": "lib/main.js",