Update checked-in dependencies
This commit is contained in:
github-actions[bot]
parent
08e5c8d618
commit
5275714183
148 changed files with 4045 additions and 39247 deletions
74
node_modules/@actions/cache/lib/internal/shared/util.js
generated
vendored
Normal file
74
node_modules/@actions/cache/lib/internal/shared/util.js
generated
vendored
Normal file
|
|
@ -0,0 +1,74 @@
|
|||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
exports.maskSecretUrls = exports.maskSigUrl = void 0;
|
||||
const core_1 = require("@actions/core");
|
||||
/**
|
||||
* Masks the `sig` parameter in a URL and sets it as a secret.
|
||||
*
|
||||
* @param url - The URL containing the signature parameter to mask
|
||||
* @remarks
|
||||
* This function attempts to parse the provided URL and identify the 'sig' query parameter.
|
||||
* If found, it registers both the raw and URL-encoded signature values as secrets using
|
||||
* the Actions `setSecret` API, which prevents them from being displayed in logs.
|
||||
*
|
||||
* The function handles errors gracefully if URL parsing fails, logging them as debug messages.
|
||||
*
|
||||
* @example
|
||||
* ```typescript
|
||||
* // Mask a signature in an Azure SAS token URL
|
||||
* maskSigUrl('https://example.blob.core.windows.net/container/file.txt?sig=abc123&se=2023-01-01');
|
||||
* ```
|
||||
*/
|
||||
function maskSigUrl(url) {
|
||||
if (!url)
|
||||
return;
|
||||
try {
|
||||
const parsedUrl = new URL(url);
|
||||
const signature = parsedUrl.searchParams.get('sig');
|
||||
if (signature) {
|
||||
(0, core_1.setSecret)(signature);
|
||||
(0, core_1.setSecret)(encodeURIComponent(signature));
|
||||
}
|
||||
}
|
||||
catch (error) {
|
||||
(0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
|
||||
}
|
||||
}
|
||||
exports.maskSigUrl = maskSigUrl;
|
||||
/**
|
||||
* Masks sensitive information in URLs containing signature parameters.
|
||||
* Currently supports masking 'sig' parameters in the 'signed_upload_url'
|
||||
* and 'signed_download_url' properties of the provided object.
|
||||
*
|
||||
* @param body - The object should contain a signature
|
||||
* @remarks
|
||||
* This function extracts URLs from the object properties and calls maskSigUrl
|
||||
* on each one to redact sensitive signature information. The function doesn't
|
||||
* modify the original object; it only marks the signatures as secrets for
|
||||
* logging purposes.
|
||||
*
|
||||
* @example
|
||||
* ```typescript
|
||||
* const responseBody = {
|
||||
* signed_upload_url: 'https://blob.core.windows.net/?sig=abc123',
|
||||
* signed_download_url: 'https://blob.core/windows.net/?sig=def456'
|
||||
* };
|
||||
* maskSecretUrls(responseBody);
|
||||
* ```
|
||||
*/
|
||||
function maskSecretUrls(body) {
|
||||
if (typeof body !== 'object' || body === null) {
|
||||
(0, core_1.debug)('body is not an object or is null');
|
||||
return;
|
||||
}
|
||||
if ('signed_upload_url' in body &&
|
||||
typeof body.signed_upload_url === 'string') {
|
||||
maskSigUrl(body.signed_upload_url);
|
||||
}
|
||||
if ('signed_download_url' in body &&
|
||||
typeof body.signed_download_url === 'string') {
|
||||
maskSigUrl(body.signed_download_url);
|
||||
}
|
||||
}
|
||||
exports.maskSecretUrls = maskSecretUrls;
|
||||
//# sourceMappingURL=util.js.map
|
||||
Loading…
Add table
Add a link
Reference in a new issue