From 152094029bb66d8382da2126d6b9dc2f2745a8c0 Mon Sep 17 00:00:00 2001 From: Javed Mohamed Date: Mon, 28 Aug 2023 15:29:29 -0500 Subject: [PATCH] Derive home from $HOME instead of /etc/passwd --- dist/cleanup.js | 59 ++++++++++++++++++------------------------------- dist/index.js | 59 ++++++++++++++++++------------------------------- paths.js | 2 +- 3 files changed, 45 insertions(+), 75 deletions(-) diff --git a/dist/cleanup.js b/dist/cleanup.js index 61fc276..6d87604 100644 --- a/dist/cleanup.js +++ b/dist/cleanup.js @@ -292,14 +292,13 @@ var __importStar = (this && this.__importStar) || function (mod) { return result; }; Object.defineProperty(exports, "__esModule", { value: true }); -exports.prepareKeyValueMessage = exports.issueFileCommand = void 0; +exports.issueCommand = void 0; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ const fs = __importStar(__webpack_require__(747)); const os = __importStar(__webpack_require__(87)); -const uuid_1 = __webpack_require__(62); const utils_1 = __webpack_require__(82); -function issueFileCommand(command, message) { +function issueCommand(command, message) { const filePath = process.env[`GITHUB_${command}`]; if (!filePath) { throw new Error(`Unable to find environment variable for file command ${command}`); @@ -311,22 +310,7 @@ function issueFileCommand(command, message) { encoding: 'utf8' }); } -exports.issueFileCommand = issueFileCommand; -function prepareKeyValueMessage(key, value) { - const delimiter = `ghadelimiter_${uuid_1.v4()}`; - const convertedValue = utils_1.toCommandValue(value); - // These should realistically never happen, but just in case someone finds a - // way to exploit uuid generation let's not allow keys or values that contain - // the delimiter. - if (key.includes(delimiter)) { - throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); - } - if (convertedValue.includes(delimiter)) { - throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); - } - return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`; -} -exports.prepareKeyValueMessage = prepareKeyValueMessage; +exports.issueCommand = issueCommand; //# sourceMappingURL=file-command.js.map /***/ }), @@ -1684,6 +1668,7 @@ const file_command_1 = __webpack_require__(102); const utils_1 = __webpack_require__(82); const os = __importStar(__webpack_require__(87)); const path = __importStar(__webpack_require__(622)); +const uuid_1 = __webpack_require__(62); const oidc_utils_1 = __webpack_require__(742); /** * The code to exit an action @@ -1713,9 +1698,20 @@ function exportVariable(name, val) { process.env[name] = convertedVal; const filePath = process.env['GITHUB_ENV'] || ''; if (filePath) { - return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val)); + const delimiter = `ghadelimiter_${uuid_1.v4()}`; + // These should realistically never happen, but just in case someone finds a way to exploit uuid generation let's not allow keys or values that contain the delimiter. + if (name.includes(delimiter)) { + throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); + } + if (convertedVal.includes(delimiter)) { + throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); + } + const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`; + file_command_1.issueCommand('ENV', commandValue); + } + else { + command_1.issueCommand('set-env', { name }, convertedVal); } - command_1.issueCommand('set-env', { name }, convertedVal); } exports.exportVariable = exportVariable; /** @@ -1733,7 +1729,7 @@ exports.setSecret = setSecret; function addPath(inputPath) { const filePath = process.env['GITHUB_PATH'] || ''; if (filePath) { - file_command_1.issueFileCommand('PATH', inputPath); + file_command_1.issueCommand('PATH', inputPath); } else { command_1.issueCommand('add-path', {}, inputPath); @@ -1773,10 +1769,7 @@ function getMultilineInput(name, options) { const inputs = getInput(name, options) .split('\n') .filter(x => x !== ''); - if (options && options.trimWhitespace === false) { - return inputs; - } - return inputs.map(input => input.trim()); + return inputs; } exports.getMultilineInput = getMultilineInput; /** @@ -1809,12 +1802,8 @@ exports.getBooleanInput = getBooleanInput; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function setOutput(name, value) { - const filePath = process.env['GITHUB_OUTPUT'] || ''; - if (filePath) { - return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value)); - } process.stdout.write(os.EOL); - command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value)); + command_1.issueCommand('set-output', { name }, value); } exports.setOutput = setOutput; /** @@ -1943,11 +1932,7 @@ exports.group = group; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function saveState(name, value) { - const filePath = process.env['GITHUB_STATE'] || ''; - if (filePath) { - return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value)); - } - command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value)); + command_1.issueCommand('save-state', { name }, value); } exports.saveState = saveState; /** @@ -2841,7 +2826,7 @@ const os = __webpack_require__(87); module.exports = (process.env['OS'] != 'Windows_NT') ? { // Use getent() system call, since this is what ssh does; makes a difference in Docker-based // Action runs, where $HOME is different from the pwent - homePath: os.userInfo().homedir, + homePath: os.homedir(), sshAgentCmdDefault: 'ssh-agent', sshAddCmdDefault: 'ssh-add', gitCmdDefault: 'git' diff --git a/dist/index.js b/dist/index.js index 2c23f23..8ac3ee9 100644 --- a/dist/index.js +++ b/dist/index.js @@ -292,14 +292,13 @@ var __importStar = (this && this.__importStar) || function (mod) { return result; }; Object.defineProperty(exports, "__esModule", { value: true }); -exports.prepareKeyValueMessage = exports.issueFileCommand = void 0; +exports.issueCommand = void 0; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ const fs = __importStar(__webpack_require__(747)); const os = __importStar(__webpack_require__(87)); -const uuid_1 = __webpack_require__(62); const utils_1 = __webpack_require__(82); -function issueFileCommand(command, message) { +function issueCommand(command, message) { const filePath = process.env[`GITHUB_${command}`]; if (!filePath) { throw new Error(`Unable to find environment variable for file command ${command}`); @@ -311,22 +310,7 @@ function issueFileCommand(command, message) { encoding: 'utf8' }); } -exports.issueFileCommand = issueFileCommand; -function prepareKeyValueMessage(key, value) { - const delimiter = `ghadelimiter_${uuid_1.v4()}`; - const convertedValue = utils_1.toCommandValue(value); - // These should realistically never happen, but just in case someone finds a - // way to exploit uuid generation let's not allow keys or values that contain - // the delimiter. - if (key.includes(delimiter)) { - throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); - } - if (convertedValue.includes(delimiter)) { - throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); - } - return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`; -} -exports.prepareKeyValueMessage = prepareKeyValueMessage; +exports.issueCommand = issueCommand; //# sourceMappingURL=file-command.js.map /***/ }), @@ -1765,6 +1749,7 @@ const file_command_1 = __webpack_require__(102); const utils_1 = __webpack_require__(82); const os = __importStar(__webpack_require__(87)); const path = __importStar(__webpack_require__(622)); +const uuid_1 = __webpack_require__(62); const oidc_utils_1 = __webpack_require__(742); /** * The code to exit an action @@ -1794,9 +1779,20 @@ function exportVariable(name, val) { process.env[name] = convertedVal; const filePath = process.env['GITHUB_ENV'] || ''; if (filePath) { - return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val)); + const delimiter = `ghadelimiter_${uuid_1.v4()}`; + // These should realistically never happen, but just in case someone finds a way to exploit uuid generation let's not allow keys or values that contain the delimiter. + if (name.includes(delimiter)) { + throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); + } + if (convertedVal.includes(delimiter)) { + throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); + } + const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`; + file_command_1.issueCommand('ENV', commandValue); + } + else { + command_1.issueCommand('set-env', { name }, convertedVal); } - command_1.issueCommand('set-env', { name }, convertedVal); } exports.exportVariable = exportVariable; /** @@ -1814,7 +1810,7 @@ exports.setSecret = setSecret; function addPath(inputPath) { const filePath = process.env['GITHUB_PATH'] || ''; if (filePath) { - file_command_1.issueFileCommand('PATH', inputPath); + file_command_1.issueCommand('PATH', inputPath); } else { command_1.issueCommand('add-path', {}, inputPath); @@ -1854,10 +1850,7 @@ function getMultilineInput(name, options) { const inputs = getInput(name, options) .split('\n') .filter(x => x !== ''); - if (options && options.trimWhitespace === false) { - return inputs; - } - return inputs.map(input => input.trim()); + return inputs; } exports.getMultilineInput = getMultilineInput; /** @@ -1890,12 +1883,8 @@ exports.getBooleanInput = getBooleanInput; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function setOutput(name, value) { - const filePath = process.env['GITHUB_OUTPUT'] || ''; - if (filePath) { - return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value)); - } process.stdout.write(os.EOL); - command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value)); + command_1.issueCommand('set-output', { name }, value); } exports.setOutput = setOutput; /** @@ -2024,11 +2013,7 @@ exports.group = group; */ // eslint-disable-next-line @typescript-eslint/no-explicit-any function saveState(name, value) { - const filePath = process.env['GITHUB_STATE'] || ''; - if (filePath) { - return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value)); - } - command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value)); + command_1.issueCommand('save-state', { name }, value); } exports.saveState = saveState; /** @@ -2922,7 +2907,7 @@ const os = __webpack_require__(87); module.exports = (process.env['OS'] != 'Windows_NT') ? { // Use getent() system call, since this is what ssh does; makes a difference in Docker-based // Action runs, where $HOME is different from the pwent - homePath: os.userInfo().homedir, + homePath: os.homedir(), sshAgentCmdDefault: 'ssh-agent', sshAddCmdDefault: 'ssh-add', gitCmdDefault: 'git' diff --git a/paths.js b/paths.js index 1c6fbf0..c4bf5d4 100644 --- a/paths.js +++ b/paths.js @@ -3,7 +3,7 @@ const os = require('os'); module.exports = (process.env['OS'] != 'Windows_NT') ? { // Use getent() system call, since this is what ssh does; makes a difference in Docker-based // Action runs, where $HOME is different from the pwent - homePath: os.userInfo().homedir, + homePath: os.homedir(), sshAgentCmdDefault: 'ssh-agent', sshAddCmdDefault: 'ssh-add', gitCmdDefault: 'git'