Sanitize artifact name before using

2021-11-05 08:31:07 +00:00 · 2021-11-05 08:31:07 +00:00 · f360da772a
commit f360da772a
parent ea169430d2
9 changed files with 30 additions and 6 deletions
--- a/lib/actions-util.js
+++ b/lib/actions-util.js
@ -19,7 +19,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.sendStatusReport = exports.createStatusReportBase = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRunID = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = exports.getCommitOid = exports.getToolCacheDirectory = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.sanitizeArifactName = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.sendStatusReport = exports.createStatusReportBase = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRunID = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = exports.getCommitOid = exports.getToolCacheDirectory = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@ -574,4 +574,8 @@ async function isAnalyzingDefaultBranch() {
    return currentRef === defaultBranch;
 }
 exports.isAnalyzingDefaultBranch = isAnalyzingDefaultBranch;
+function sanitizeArifactName(name) {
+    return name.replace(/[^a-zA-Z0-9_\\-]+/g, "");
+}
+exports.sanitizeArifactName = sanitizeArifactName;
 //# sourceMappingURL=actions-util.js.map
--- a/lib/actions-util.js.map
+++ b/lib/actions-util.js.map
--- a/lib/actions-util.test.js
+++ b/lib/actions-util.test.js
@ -440,4 +440,10 @@ on: ["push"]
        t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), false);
    });
 });
+(0, ava_1.default)("sanitizeArifactName", (t) => {
+    t.deepEqual(actionsutil.sanitizeArifactName("hello-world_"), "hello-world_");
+    t.deepEqual(actionsutil.sanitizeArifactName("hello`world`"), "helloworld");
+    t.deepEqual(actionsutil.sanitizeArifactName("hello===123"), "hello123");
+    t.deepEqual(actionsutil.sanitizeArifactName("*m)a&n^y%i££n+v!a:l[i]d"), "manyinvalid");
+});
 //# sourceMappingURL=actions-util.test.js.map
--- a/lib/actions-util.test.js.map
+++ b/lib/actions-util.test.js.map
--- a/lib/analyze-action.js
+++ b/lib/analyze-action.js
@ -173,7 +173,7 @@ async function uploadDebugArtifacts(toUpload, rootDir) {
        for (const entry of Object.entries(JSON.parse(matrix)).sort())
            suffix += `-${entry[1]}`;
    }
-    await artifact.create().uploadArtifact(`${util_1.DEBUG_ARTIFACT_NAME}${suffix}`, toUpload.map((file) => path.normalize(file)), path.normalize(rootDir));
+    await artifact.create().uploadArtifact(actionsUtil.sanitizeArifactName(`${util_1.DEBUG_ARTIFACT_NAME}${suffix}`), toUpload.map((file) => path.normalize(file)), path.normalize(rootDir));
 }
 function listFolder(dir) {
    const entries = fs.readdirSync(dir, { withFileTypes: true });
--- a/lib/analyze-action.js.map
+++ b/lib/analyze-action.js.map
--- a/src/actions-util.test.ts
+++ b/src/actions-util.test.ts
@ -680,3 +680,13 @@ test("isAnalyzingDefaultBranch()", async (t) => {
    t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), false);
  });
 });
+
+test("sanitizeArifactName", (t) => {
+  t.deepEqual(actionsutil.sanitizeArifactName("hello-world_"), "hello-world_");
+  t.deepEqual(actionsutil.sanitizeArifactName("hello`world`"), "helloworld");
+  t.deepEqual(actionsutil.sanitizeArifactName("hello===123"), "hello123");
+  t.deepEqual(
+    actionsutil.sanitizeArifactName("*m)a&n^y%i££n+v!a:l[i]d"),
+    "manyinvalid"
+  );
+});
--- a/src/actions-util.ts
+++ b/src/actions-util.ts
@ -709,3 +709,7 @@ export async function isAnalyzingDefaultBranch(): Promise<boolean> {

  return currentRef === defaultBranch;
 }
+
+export function sanitizeArifactName(name: string): string {
+  return name.replace(/[^a-zA-Z0-9_\\-]+/g, "");
+}
--- a/src/analyze-action.ts
+++ b/src/analyze-action.ts
@ -244,7 +244,7 @@ async function uploadDebugArtifacts(toUpload: string[], rootDir: string) {
      suffix += `-${entry[1]}`;
  }
  await artifact.create().uploadArtifact(
-    `${DEBUG_ARTIFACT_NAME}${suffix}`,
+    actionsUtil.sanitizeArifactName(`${DEBUG_ARTIFACT_NAME}${suffix}`),
    toUpload.map((file) => path.normalize(file)),
    path.normalize(rootDir)
  );