From ceb20b242df24c1f8bf064b3c943c31c2555ddd8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Jan 2025 13:00:34 -0600 Subject: [PATCH] Bump @actions/http-client from 2.2.1 to 2.2.3 (#1020) * Bump @actions/http-client from 2.2.1 to 2.2.3 Bumps [@actions/http-client](https://github.com/actions/toolkit/tree/HEAD/packages/http-client) from 2.2.1 to 2.2.3. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/http-client/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/http-client) --- updated-dependencies: - dependency-name: "@actions/http-client" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * fix for licensed and check-dist checks failures --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aparna Jyothi --- .licenses/npm/@actions/http-client.dep.yml | Bin 1406 -> 1406 bytes dist/cache-save/index.js | 19 ++++++++++++++++--- dist/setup/index.js | 19 ++++++++++++++++--- package-lock.json | 9 +++++---- package.json | 2 +- 5 files changed, 38 insertions(+), 11 deletions(-) diff --git a/.licenses/npm/@actions/http-client.dep.yml b/.licenses/npm/@actions/http-client.dep.yml index cdccff4e12d03fd72ab43975a6fb77dd0764565e..1bf161b7b3dc624a5a70674d27ef50072c5b4209 100644 GIT binary patch delta 12 Tcmeyz^^a?U9;5L_eScN}A!7tL delta 12 Tcmeyz^^a?U9;4w#eScN}Az1`9 diff --git a/dist/cache-save/index.js b/dist/cache-save/index.js index 22ad6fe9..125299e9 100644 --- a/dist/cache-save/index.js +++ b/dist/cache-save/index.js @@ -9362,7 +9362,7 @@ class HttpClient { } const usingSsl = parsedUrl.protocol === 'https:'; proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl.href, pipelining: !this._keepAlive ? 0 : 1 }, ((proxyUrl.username || proxyUrl.password) && { - token: `${proxyUrl.username}:${proxyUrl.password}` + token: `Basic ${Buffer.from(`${proxyUrl.username}:${proxyUrl.password}`).toString('base64')}` }))); this._proxyAgentDispatcher = proxyAgent; if (usingSsl && this._ignoreSslError) { @@ -9476,11 +9476,11 @@ function getProxyUrl(reqUrl) { })(); if (proxyVar) { try { - return new URL(proxyVar); + return new DecodedURL(proxyVar); } catch (_a) { if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://')) - return new URL(`http://${proxyVar}`); + return new DecodedURL(`http://${proxyVar}`); } } else { @@ -9539,6 +9539,19 @@ function isLoopbackAddress(host) { hostLower.startsWith('[::1]') || hostLower.startsWith('[0:0:0:0:0:0:0:1]')); } +class DecodedURL extends URL { + constructor(url, base) { + super(url, base); + this._decodedUsername = decodeURIComponent(super.username); + this._decodedPassword = decodeURIComponent(super.password); + } + get username() { + return this._decodedUsername; + } + get password() { + return this._decodedPassword; + } +} //# sourceMappingURL=proxy.js.map /***/ }), diff --git a/dist/setup/index.js b/dist/setup/index.js index dd670a20..540e14de 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -10554,7 +10554,7 @@ class HttpClient { } const usingSsl = parsedUrl.protocol === 'https:'; proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl.href, pipelining: !this._keepAlive ? 0 : 1 }, ((proxyUrl.username || proxyUrl.password) && { - token: `${proxyUrl.username}:${proxyUrl.password}` + token: `Basic ${Buffer.from(`${proxyUrl.username}:${proxyUrl.password}`).toString('base64')}` }))); this._proxyAgentDispatcher = proxyAgent; if (usingSsl && this._ignoreSslError) { @@ -10668,11 +10668,11 @@ function getProxyUrl(reqUrl) { })(); if (proxyVar) { try { - return new URL(proxyVar); + return new DecodedURL(proxyVar); } catch (_a) { if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://')) - return new URL(`http://${proxyVar}`); + return new DecodedURL(`http://${proxyVar}`); } } else { @@ -10731,6 +10731,19 @@ function isLoopbackAddress(host) { hostLower.startsWith('[::1]') || hostLower.startsWith('[0:0:0:0:0:0:0:1]')); } +class DecodedURL extends URL { + constructor(url, base) { + super(url, base); + this._decodedUsername = decodeURIComponent(super.username); + this._decodedPassword = decodeURIComponent(super.password); + } + get username() { + return this._decodedUsername; + } + get password() { + return this._decodedPassword; + } +} //# sourceMappingURL=proxy.js.map /***/ }), diff --git a/package-lock.json b/package-lock.json index 6a8fdf6a..4fc6c936 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,7 @@ "@actions/core": "^1.10.0", "@actions/exec": "^1.1.0", "@actions/glob": "^0.4.0", - "@actions/http-client": "^2.2.1", + "@actions/http-client": "^2.2.3", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.1", "@iarna/toml": "^3.0.0", @@ -109,9 +109,10 @@ } }, "node_modules/@actions/http-client": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.1.tgz", - "integrity": "sha512-KhC/cZsq7f8I4LfZSJKgCvEwfkE8o1538VoBeoGzokVLLnbFDEAdFD3UhoMklxo2un9NJVBdANOresx7vTHlHw==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "license": "MIT", "dependencies": { "tunnel": "^0.0.6", "undici": "^5.25.4" diff --git a/package.json b/package.json index c9dcfeca..65f7159b 100644 --- a/package.json +++ b/package.json @@ -29,7 +29,7 @@ "@actions/core": "^1.10.0", "@actions/exec": "^1.1.0", "@actions/glob": "^0.4.0", - "@actions/http-client": "^2.2.1", + "@actions/http-client": "^2.2.3", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.1", "@iarna/toml": "^3.0.0",