diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 020c41d20..72da44c72 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -107893,10 +107893,13 @@ function writeDiagnostic(config, language, diagnostic) { try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index e401797e9..9a8363372 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -165812,10 +165812,13 @@ function writeDiagnostic(config, language, diagnostic) { try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { diff --git a/lib/init-action.js b/lib/init-action.js index 977240f21..3e779fe79 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -105398,10 +105398,13 @@ function writeDiagnostic(config, language, diagnostic) { try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 48a206e8a..0c492ed45 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -105468,10 +105468,13 @@ function writeDiagnostic(config, language, diagnostic) { try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index faca0370a..c34c46ec7 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -107503,10 +107503,13 @@ function writeDiagnostic(config, language, diagnostic) { try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index d412f3547..e4b8dbde7 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -108259,10 +108259,13 @@ function writeDiagnostic(config, language, diagnostic) { try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { diff --git a/src/diagnostics.ts b/src/diagnostics.ts index 6b1911d05..ab9ca4a7a 100644 --- a/src/diagnostics.ts +++ b/src/diagnostics.ts @@ -173,10 +173,15 @@ function writeDiagnostic( const uniqueSuffix = Math.floor(Math.random() * 0x100000000) .toString(16) .padStart(8, "0"); + // We should only need to remove colons, but to be defensive, only allow a restricted set of + // characters. + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "", + ); const jsonPath = path.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json`, + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json`, ); writeFileSync(jsonPath, JSON.stringify(diagnostic));