Compare commits

..

32 Commits

Author SHA1 Message Date
5970a9ee86 latest ncc 2021-12-05 23:34:28 -05:00
4d12fe762c checkin other ncc generated files 2021-12-05 23:34:07 -05:00
f20f71e9fd fmt 2021-12-05 23:25:22 -05:00
040bca2f2d reintroduce octokit retry and throttling plugins 2021-12-05 23:19:25 -05:00
44946dc88f rebuild 2021-12-05 01:41:29 -05:00
58fa4b7a88 Add assets action output (#185) 2021-11-25 18:02:50 -05:00
b260a9f8a6 Follow symbolic links (#186) 2021-11-24 12:00:17 -05:00
17cd0d34de release prep for 0.1.14 (#183) 2021-11-15 01:30:36 -05:00
15d2aaca23 Fix repository url (#178) 2021-11-15 01:22:05 -05:00
0465cdad11 Support auto generating release notes (#179) 2021-11-07 17:06:35 -05:00
69a9b03fd9 Fix typo in message (#168) 2021-10-25 20:57:46 -04:00
a80139913a Specify required permissions in README (#164) 2021-09-27 15:55:09 -04:00
6034af24fb bump version and add changelog notes 2021-09-13 21:46:37 -04:00
0b1e2e4582 rebuild 2021-09-13 21:42:39 -04:00
a3f0173fb3 pick one body (#145) 2021-09-10 23:07:54 -04:00
2d72d869af bump version 2021-08-09 23:59:33 -04:00
730b76a669 make sure values not provided by users resolve to undefined (#144) 2021-08-09 23:57:43 -04:00
815e458579 bump version 2021-08-09 09:28:34 -04:00
6ecde844e8 better error on release create failure (#143) 2021-08-09 09:26:48 -04:00
487fcd9442 bump version 2021-08-08 12:15:54 -04:00
8b7a7c0162 stringify errors object 2021-08-08 12:12:34 -04:00
6c87482fb9 fix upload err fmt 2021-08-08 12:10:40 -04:00
2956b0de81 document input 2021-08-08 11:59:31 -04:00
0aec73c6d6 document discussion link input 2021-08-08 11:57:10 -04:00
ce95482067 bump version + update changelog 2021-08-08 11:55:10 -04:00
2861dc8673 support linking to discussions (#136)
* support linking to discussions

* fmt

* wire param
2021-08-08 02:07:02 -04:00
dd98a235fd update readme 2021-08-08 00:47:44 -04:00
4de103f838 update changelog 2021-08-08 00:31:19 -04:00
003621c2ca address asset upload warning (#134)
* bump version

* address asset upload warning

* refactor to new octokit api, work around release asset upload api

* format upload url

* unminify to debug

* try alt constructor

* utilize formatted upload url

* authorize upload

* pass token explicitly

* address conflicting uploads

* remove debugging artifacts
2021-08-08 00:28:01 -04:00
59c3b48916 add one more item to changelog 2021-07-30 18:43:29 -04:00
8779b820d9 backwards compat for GITHUB_TOKEN from env (#133)
* backwards compat for GITHUB_TOKEN from env

* update changelog
2021-07-30 18:41:53 -04:00
d2a05f5e5a fix: trimming tag_name to avoid error 422 when creating release (#130) 2021-07-30 09:09:00 -04:00
14 changed files with 3016 additions and 309 deletions

View File

@ -1,3 +1,35 @@
- Add `asset` output as a JSON array containing information about the uploaded assets
## 0.1.14
- provides an new workflow input option `generate_release_notes` which when set to true will automatically generate release notes for you based on GitHub activity [#179](https://github.com/softprops/action-gh-release/pull/179). Please see the [GitHub docs for this feature](https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes) for more information
## 0.1.13
- fix issue with multiple runs concatenating release bodies [#145](https://github.com/softprops/action-gh-release/pull/145)
## 0.1.12
- fix bug leading to empty strings subsituted for inputs users don't provide breaking api calls [#144](https://github.com/softprops/action-gh-release/pull/144)
## 0.1.11
- better error message on release create failed [#143](https://github.com/softprops/action-gh-release/pull/143)
## 0.1.10
- fixed error message formatting for file uploads
## 0.1.9
- add support for linking release to GitHub discussion [#136](https://github.com/softprops/action-gh-release/pull/136)
## 0.1.8
- address recent warnings in assert upload api as well as introduce asset upload overrides, allowing for multiple runs for the same release with the same named asserts [#134](https://github.com/softprops/action-gh-release/pull/134)
- fix backwards compatibility with `GITHUB_TOKEN` resolution. `GITHUB_TOKEN` is no resolved first from an env varibale and then from and input [#133](https://github.com/softprops/action-gh-release/pull/133)
- trim white space in provided `tag_name` [#130](https://github.com/softprops/action-gh-release/pull/130)
## 0.1.7
- allow creating draft releases without a tag [#95](https://github.com/softprops/action-gh-release/pull/95)

View File

@ -152,6 +152,9 @@ jobs:
if: startsWith(github.ref, 'refs/tags/')
with:
body_path: ${{ github.workspace }}-CHANGELOG.txt
# note you'll typically need to create a personal access token
# with permissions to create releases in the other repo
token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
env:
GITHUB_REPOSITORY: my_gh_org/my_gh_repo
```
@ -162,18 +165,21 @@ jobs:
The following are optional as `step.with` keys
| Name | Type | Description |
| ------------------------- | ------- | --------------------------------------------------------------------------------------------------- |
| `body` | String | Text communicating notable changes in this release |
| `body_path` | String | Path to load text communicating notable changes in this release |
| `draft` | Boolean | Indicator of whether or not this release is a draft |
| `prerelease` | Boolean | Indicator of whether or not is a prerelease |
| `files` | String | Newline-delimited globs of paths to assets to upload for release |
| `name` | String | Name of the release. defaults to tag name |
| `tag_name` | String | Name of a tag. defaults to `github.ref` |
| `fail_on_unmatched_files` | Boolean | Indicator of whether to fail if any of the `files` globs match nothing |
| `target_commitish` | String | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. |
| `token` | String | Secret GitHub Personal Access Token. Defaults to `${{ github.token }}` |
| Name | Type | Description |
| -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `body` | String | Text communicating notable changes in this release |
| `body_path` | String | Path to load text communicating notable changes in this release |
| `draft` | Boolean | Indicator of whether or not this release is a draft |
| `prerelease` | Boolean | Indicator of whether or not is a prerelease |
| `files` | String | Newline-delimited globs of paths to assets to upload for release |
| `name` | String | Name of the release. defaults to tag name |
| `tag_name` | String | Name of a tag. defaults to `github.ref` |
| `fail_on_unmatched_files` | Boolean | Indicator of whether to fail if any of the `files` globs match nothing |
| `repository` | String | Name of a target repository in `<owner>/<repo>` format. Defaults to GITHUB_REPOSITORY env variable |
| `target_commitish` | String | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. |
| `token` | String | Secret GitHub Personal Access Token. Defaults to `${{ github.token }}` |
| `discussion_category_name` | String | If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. For more information, see ["Managing categories for discussions in your repository."](https://docs.github.com/en/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository) |
| `generate_release_notes` | Boolean | Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes. See the [GitHub docs for this feature](https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes) for more information |
💡 When providing a `body` and `body_path` at the same time, `body_path` will be
attempted first, then falling back on `body` if the path can not be read from.
@ -191,6 +197,9 @@ The following outputs can be accessed via `${{ steps.<step-id>.outputs }}` from
| `url` | String | Github.com URL for the release |
| `id` | String | Release ID |
| `upload_url` | String | URL for uploading assets to the release |
| `assets` | String | JSON array containing information about each uploaded asset, in the format given [here](https://docs.github.com/en/rest/reference/repos#upload-a-release-asset--code-samples) (minus the `uploader` field) |
As an example, you can use `${{ fromJSON(steps.<step-id>.outputs.assets)[0].browser_download_url }}` to get the download URL of the first asset.
#### environment variables
@ -203,4 +212,15 @@ The following `step.env` keys are allowed as a fallback but deprecated in favor
> **⚠️ Note:** This action was previously implemented as a Docker container, limiting its use to GitHub Actions Linux virtual environments only. With recent releases, we now support cross platform usage. You'll need to remove the `docker://` prefix in these versions
### Permissions
This Action requires the following permissions on the GitHub integration token:
```yaml
permissions:
contents: write
```
[GitHub token permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) can be set for an individual job, workflow, or for Actions as a whole.
Doug Tangren (softprops) 2019

View File

@ -15,11 +15,11 @@ describe("github", () => {
describe("asset", () => {
it("derives asset info from a path", async () => {
const { name, mime, size, file } = asset("tests/data/foo/bar.txt");
const { name, mime, size, data } = asset("tests/data/foo/bar.txt");
assert.equal(name, "bar.txt");
assert.equal(mime, "text/plain");
assert.equal(size, 10);
assert.equal(file.toString(), "release me");
assert.equal(data.toString(), "release me");
});
});
});

View File

@ -4,11 +4,22 @@ import {
paths,
parseConfig,
parseInputFiles,
unmatchedPatterns
unmatchedPatterns,
uploadUrl
} from "../src/util";
import * as assert from "assert";
describe("util", () => {
describe("uploadUrl", () => {
it("strips template", () => {
assert.equal(
uploadUrl(
"https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets{?name,label}"
),
"https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets"
);
});
});
describe("parseInputFiles", () => {
it("parses empty strings", () => {
assert.deepStrictEqual(parseInputFiles(""), []);
@ -38,7 +49,9 @@ describe("util", () => {
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_target_commitish: undefined
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
})
);
});
@ -56,7 +69,9 @@ describe("util", () => {
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_target_commitish: undefined
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
})
);
});
@ -74,30 +89,45 @@ describe("util", () => {
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_target_commitish: undefined
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
})
);
});
});
describe("parseConfig", () => {
it("parses basic config", () => {
assert.deepStrictEqual(parseConfig({}), {
github_ref: "",
github_repository: "",
github_token: "",
input_body: undefined,
input_body_path: undefined,
input_draft: undefined,
input_prerelease: undefined,
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined
});
assert.deepStrictEqual(
parseConfig({
// note: inputs declared in actions.yml, even when declared not required,
// are still provided by the actions runtime env as empty strings instead of
// the normal absent env value one would expect. this breaks things
// as an empty string !== undefined in terms of what we pass to the api
// so we cover that in a test case here to ensure undefined values are actually
// resolved as undefined and not empty strings
INPUT_TARGET_COMMITISH: "",
INPUT_DISCUSSION_CATEGORY_NAME: ""
}),
{
github_ref: "",
github_repository: "",
github_token: "",
input_body: undefined,
input_body_path: undefined,
input_draft: undefined,
input_prerelease: undefined,
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
}
);
});
});
describe("parseConfig", () => {
it("parses basic config with commitish", () => {
assert.deepStrictEqual(
parseConfig({
@ -115,7 +145,108 @@ describe("util", () => {
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: "affa18ef97bc9db20076945705aba8c516139abd"
input_target_commitish: "affa18ef97bc9db20076945705aba8c516139abd",
input_discussion_category_name: undefined,
input_generate_release_notes: false
}
);
});
it("supports discussion category names", () => {
assert.deepStrictEqual(
parseConfig({
INPUT_DISCUSSION_CATEGORY_NAME: "releases"
}),
{
github_ref: "",
github_repository: "",
github_token: "",
input_body: undefined,
input_body_path: undefined,
input_draft: undefined,
input_prerelease: undefined,
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined,
input_discussion_category_name: "releases",
input_generate_release_notes: false
}
);
});
it("supports generating release notes", () => {
assert.deepStrictEqual(
parseConfig({
INPUT_GENERATE_RELEASE_NOTES: "true"
}),
{
github_ref: "",
github_repository: "",
github_token: "",
input_body: undefined,
input_body_path: undefined,
input_draft: undefined,
input_prerelease: undefined,
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: true
}
);
});
it("prefers GITHUB_TOKEN over token input for backwards compatibility", () => {
assert.deepStrictEqual(
parseConfig({
INPUT_DRAFT: "false",
INPUT_PRERELEASE: "true",
GITHUB_TOKEN: "env-token",
INPUT_TOKEN: "input-token"
}),
{
github_ref: "",
github_repository: "",
github_token: "env-token",
input_body: undefined,
input_body_path: undefined,
input_draft: false,
input_prerelease: true,
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
}
);
});
it("uses input token as the source of GITHUB_TOKEN by default", () => {
assert.deepStrictEqual(
parseConfig({
INPUT_DRAFT: "false",
INPUT_PRERELEASE: "true",
INPUT_TOKEN: "input-token"
}),
{
github_ref: "",
github_repository: "",
github_token: "input-token",
input_body: undefined,
input_body_path: undefined,
input_draft: false,
input_prerelease: true,
input_files: [],
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
}
);
});
@ -137,7 +268,9 @@ describe("util", () => {
input_name: undefined,
input_tag_name: undefined,
input_fail_on_unmatched_files: false,
input_target_commitish: undefined
input_target_commitish: undefined,
input_discussion_category_name: undefined,
input_generate_release_notes: false
}
);
});

View File

@ -37,15 +37,23 @@ inputs:
target_commitish:
description: "Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA."
required: false
discussion_category_name:
description: "If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. If there is already a discussion linked to the release, this parameter is ignored."
required: false
generate_release_notes:
description: "Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes."
required: false
env:
"GITHUB_TOKEN": "As provided by Github Actions"
outputs:
url:
description: 'URL to the Release HTML Page'
description: "URL to the Release HTML Page"
id:
description: 'Release ID'
description: "Release ID"
upload_url:
description: "URL for uploading assets to the release"
assets:
description: "JSON array containing information about each uploaded asset, in the format given [here](https://docs.github.com/en/rest/reference/repos#upload-a-release-asset--code-samples) (minus the `uploader` field)"
runs:
using: "node12"
main: "dist/index.js"

1139
dist/contextify.js vendored Normal file

File diff suppressed because it is too large Load Diff

83
dist/fixasync.js vendored Normal file
View File

@ -0,0 +1,83 @@
'use strict';
// eslint-disable-next-line no-invalid-this, no-shadow
const {GeneratorFunction, AsyncFunction, AsyncGeneratorFunction, global, internal, host, hook} = this;
const {Contextify, Decontextify} = internal;
// eslint-disable-next-line no-shadow
const {Function, eval: eval_, Promise, Object, Reflect} = global;
const {getOwnPropertyDescriptor, defineProperty, assign} = Object;
const {apply: rApply, construct: rConstruct} = Reflect;
const FunctionHandler = {
__proto__: null,
apply(target, thiz, args) {
const type = this.type;
args = Decontextify.arguments(args);
try {
args = Contextify.value(hook(type, args));
} catch (e) {
throw Contextify.value(e);
}
return rApply(target, thiz, args);
},
construct(target, args, newTarget) {
const type = this.type;
args = Decontextify.arguments(args);
try {
args = Contextify.value(hook(type, args));
} catch (e) {
throw Contextify.value(e);
}
return rConstruct(target, args, newTarget);
}
};
function makeCheckFunction(type) {
return assign({
__proto__: null,
type
}, FunctionHandler);
}
function override(obj, prop, value) {
const desc = getOwnPropertyDescriptor(obj, prop);
desc.value = value;
defineProperty(obj, prop, desc);
}
const proxiedFunction = new host.Proxy(Function, makeCheckFunction('function'));
override(Function.prototype, 'constructor', proxiedFunction);
if (GeneratorFunction) {
Object.setPrototypeOf(GeneratorFunction, proxiedFunction);
override(GeneratorFunction.prototype, 'constructor', new host.Proxy(GeneratorFunction, makeCheckFunction('generator_function')));
}
if (AsyncFunction) {
Object.setPrototypeOf(AsyncFunction, proxiedFunction);
override(AsyncFunction.prototype, 'constructor', new host.Proxy(AsyncFunction, makeCheckFunction('async_function')));
}
if (AsyncGeneratorFunction) {
Object.setPrototypeOf(AsyncGeneratorFunction, proxiedFunction);
override(AsyncGeneratorFunction.prototype, 'constructor', new host.Proxy(AsyncGeneratorFunction, makeCheckFunction('async_generator_function')));
}
global.Function = proxiedFunction;
global.eval = new host.Proxy(eval_, makeCheckFunction('eval'));
if (Promise) {
Promise.prototype.then = new host.Proxy(Promise.prototype.then, makeCheckFunction('promise_then'));
// This seems not to work, and will produce
// UnhandledPromiseRejectionWarning: TypeError: Method Promise.prototype.then called on incompatible receiver [object Object].
// This is likely caused since the host.Promise.prototype.then cannot use the VM Proxy object.
// Contextify.connect(host.Promise.prototype.then, Promise.prototype.then);
if (Promise.prototype.finally) {
Promise.prototype.finally = new host.Proxy(Promise.prototype.finally, makeCheckFunction('promise_finally'));
// Contextify.connect(host.Promise.prototype.finally, Promise.prototype.finally);
}
if (Promise.prototype.catch) {
Promise.prototype.catch = new host.Proxy(Promise.prototype.catch, makeCheckFunction('promise_catch'));
// Contextify.connect(host.Promise.prototype.catch, Promise.prototype.catch);
}
}

136
dist/index.js vendored

File diff suppressed because one or more lines are too long

682
dist/sandbox.js vendored Normal file
View File

@ -0,0 +1,682 @@
/* eslint-disable no-shadow, no-invalid-this */
/* global vm, host, Contextify, Decontextify, VMError, options */
'use strict';
const {Script} = host.require('vm');
const fs = host.require('fs');
const pa = host.require('path');
const BUILTIN_MODULES = host.process.binding('natives');
const parseJSON = JSON.parse;
const importModuleDynamically = () => {
// We can't throw an error object here because since vm.Script doesn't store a context, we can't properly contextify that error object.
// eslint-disable-next-line no-throw-literal
throw 'Dynamic imports are not allowed.';
};
/**
* @param {Object} host Hosts's internal objects.
*/
return ((vm, host) => {
'use strict';
const global = this;
const TIMERS = new host.WeakMap(); // Contains map of timers created inside sandbox
const BUILTINS = {__proto__: null};
const CACHE = {__proto__: null};
const EXTENSIONS = {
__proto__: null,
['.json'](module, filename) {
try {
const code = fs.readFileSync(filename, 'utf8');
module.exports = parseJSON(code);
} catch (e) {
throw Contextify.value(e);
}
},
['.node'](module, filename) {
if (vm.options.require.context === 'sandbox') throw new VMError('Native modules can be required only with context set to \'host\'.');
try {
module.exports = Contextify.readonly(host.require(filename));
} catch (e) {
throw Contextify.value(e);
}
}
};
for (let i = 0; i < vm.options.sourceExtensions.length; i++) {
const ext = vm.options.sourceExtensions[i];
EXTENSIONS['.' + ext] = (module, filename, dirname) => {
if (vm.options.require.context !== 'sandbox') {
try {
module.exports = Contextify.readonly(host.require(filename));
} catch (e) {
throw Contextify.value(e);
}
} else {
let script;
try {
// Load module
let contents = fs.readFileSync(filename, 'utf8');
contents = vm._compiler(contents, filename);
const code = host.STRICT_MODULE_PREFIX + contents + host.MODULE_SUFFIX;
const ccode = vm._hook('run', [code]);
// Precompile script
script = new Script(ccode, {
__proto__: null,
filename: filename || 'vm.js',
displayErrors: false,
importModuleDynamically
});
} catch (ex) {
throw Contextify.value(ex);
}
const closure = script.runInContext(global, {
__proto__: null,
filename: filename || 'vm.js',
displayErrors: false,
importModuleDynamically
});
// run the script
closure(module.exports, module.require, module, filename, dirname);
}
};
}
const _parseExternalOptions = (options) => {
if (host.Array.isArray(options)) {
return {
__proto__: null,
external: options,
transitive: false
};
}
return {
__proto__: null,
external: options.modules,
transitive: options.transitive
};
};
/**
* Resolve filename.
*/
const _resolveFilename = (path) => {
if (!path) return null;
let hasPackageJson;
try {
path = pa.resolve(path);
const exists = fs.existsSync(path);
const isdir = exists ? fs.statSync(path).isDirectory() : false;
// direct file match
if (exists && !isdir) return path;
// load as file
for (let i = 0; i < vm.options.sourceExtensions.length; i++) {
const ext = vm.options.sourceExtensions[i];
if (fs.existsSync(`${path}.${ext}`)) return `${path}.${ext}`;
}
if (fs.existsSync(`${path}.json`)) return `${path}.json`;
if (fs.existsSync(`${path}.node`)) return `${path}.node`;
// load as module
hasPackageJson = fs.existsSync(`${path}/package.json`);
} catch (e) {
throw Contextify.value(e);
}
if (hasPackageJson) {
let pkg;
try {
pkg = fs.readFileSync(`${path}/package.json`, 'utf8');
} catch (e) {
throw Contextify.value(e);
}
try {
pkg = parseJSON(pkg);
} catch (ex) {
throw new VMError(`Module '${path}' has invalid package.json`, 'EMODULEINVALID');
}
let main;
if (pkg && pkg.main) {
main = _resolveFilename(`${path}/${pkg.main}`);
if (!main) main = _resolveFilename(`${path}/index`);
} else {
main = _resolveFilename(`${path}/index`);
}
return main;
}
// load as directory
try {
for (let i = 0; i < vm.options.sourceExtensions.length; i++) {
const ext = vm.options.sourceExtensions[i];
if (fs.existsSync(`${path}/index.${ext}`)) return `${path}/index.${ext}`;
}
if (fs.existsSync(`${path}/index.json`)) return `${path}/index.json`;
if (fs.existsSync(`${path}/index.node`)) return `${path}/index.node`;
} catch (e) {
throw Contextify.value(e);
}
return null;
};
/**
* Builtin require.
*/
const _requireBuiltin = (moduleName) => {
if (moduleName === 'buffer') return ({Buffer});
if (BUILTINS[moduleName]) return BUILTINS[moduleName].exports; // Only compiled builtins are stored here
if (moduleName === 'util') {
return Contextify.readonly(host.require(moduleName), {
// Allows VM context to use util.inherits
__proto__: null,
inherits: (ctor, superCtor) => {
ctor.super_ = superCtor;
Object.setPrototypeOf(ctor.prototype, superCtor.prototype);
}
});
}
if (moduleName === 'events' || moduleName === 'internal/errors') {
let script;
try {
script = new Script(`(function (exports, require, module, process, internalBinding) {
'use strict';
const primordials = global;
${BUILTIN_MODULES[moduleName]}
\n
});`, {
filename: `${moduleName}.vm.js`
});
} catch (e) {
throw Contextify.value(e);
}
// setup module scope
const module = BUILTINS[moduleName] = {
exports: {},
require: _requireBuiltin
};
// run script
try {
// FIXME binding should be contextified
script.runInContext(global)(module.exports, module.require, module, host.process, host.process.binding);
} catch (e) {
// e could be from inside or outside of sandbox
throw new VMError(`Error loading '${moduleName}'`);
}
return module.exports;
}
return Contextify.readonly(host.require(moduleName));
};
/**
* Prepare require.
*/
const _prepareRequire = (currentDirname, parentAllowsTransitive = false) => {
const _require = moduleName => {
let requireObj;
try {
const optionsObj = vm.options;
if (optionsObj.nesting && moduleName === 'vm2') return {VM: Contextify.readonly(host.VM), NodeVM: Contextify.readonly(host.NodeVM)};
requireObj = optionsObj.require;
} catch (e) {
throw Contextify.value(e);
}
if (!requireObj) throw new VMError(`Access denied to require '${moduleName}'`, 'EDENIED');
if (moduleName == null) throw new VMError("Module '' not found.", 'ENOTFOUND');
if (typeof moduleName !== 'string') throw new VMError(`Invalid module name '${moduleName}'`, 'EINVALIDNAME');
let filename;
let allowRequireTransitive = false;
// Mock?
try {
const {mock} = requireObj;
if (mock) {
const mockModule = mock[moduleName];
if (mockModule) {
return Contextify.readonly(mockModule);
}
}
} catch (e) {
throw Contextify.value(e);
}
// Builtin?
if (BUILTIN_MODULES[moduleName]) {
let allowed;
try {
const builtinObj = requireObj.builtin;
if (host.Array.isArray(builtinObj)) {
if (builtinObj.indexOf('*') >= 0) {
allowed = builtinObj.indexOf(`-${moduleName}`) === -1;
} else {
allowed = builtinObj.indexOf(moduleName) >= 0;
}
} else if (builtinObj) {
allowed = builtinObj[moduleName];
} else {
allowed = false;
}
} catch (e) {
throw Contextify.value(e);
}
if (!allowed) throw new VMError(`Access denied to require '${moduleName}'`, 'EDENIED');
return _requireBuiltin(moduleName);
}
// External?
let externalObj;
try {
externalObj = requireObj.external;
} catch (e) {
throw Contextify.value(e);
}
if (!externalObj) throw new VMError(`Access denied to require '${moduleName}'`, 'EDENIED');
if (/^(\.|\.\/|\.\.\/)/.exec(moduleName)) {
// Module is relative file, e.g. ./script.js or ../script.js
if (!currentDirname) throw new VMError('You must specify script path to load relative modules.', 'ENOPATH');
filename = _resolveFilename(`${currentDirname}/${moduleName}`);
} else if (/^(\/|\\|[a-zA-Z]:\\)/.exec(moduleName)) {
// Module is absolute file, e.g. /script.js or //server/script.js or C:\script.js
filename = _resolveFilename(moduleName);
} else {
// Check node_modules in path
if (!currentDirname) throw new VMError('You must specify script path to load relative modules.', 'ENOPATH');
if (typeof externalObj === 'object') {
let isWhitelisted;
try {
const { external, transitive } = _parseExternalOptions(externalObj);
isWhitelisted = external.some(ext => host.helpers.match(ext, moduleName)) || (transitive && parentAllowsTransitive);
} catch (e) {
throw Contextify.value(e);
}
if (!isWhitelisted) {
throw new VMError(`The module '${moduleName}' is not whitelisted in VM.`, 'EDENIED');
}
allowRequireTransitive = true;
}
// FIXME the paths array has side effects
const paths = currentDirname.split(pa.sep);
while (paths.length) {
const path = paths.join(pa.sep);
// console.log moduleName, "#{path}#{pa.sep}node_modules#{pa.sep}#{moduleName}"
filename = _resolveFilename(`${path}${pa.sep}node_modules${pa.sep}${moduleName}`);
if (filename) break;
paths.pop();
}
}
if (!filename) {
let resolveFunc;
try {
resolveFunc = requireObj.resolve;
} catch (e) {
throw Contextify.value(e);
}
if (resolveFunc) {
let resolved;
try {
resolved = requireObj.resolve(moduleName, currentDirname);
} catch (e) {
throw Contextify.value(e);
}
filename = _resolveFilename(resolved);
}
}
if (!filename) throw new VMError(`Cannot find module '${moduleName}'`, 'ENOTFOUND');
// return cache whenever possible
if (CACHE[filename]) return CACHE[filename].exports;
const dirname = pa.dirname(filename);
const extname = pa.extname(filename);
let allowedModule = true;
try {
const rootObj = requireObj.root;
if (rootObj) {
const rootPaths = host.Array.isArray(rootObj) ? rootObj : host.Array.of(rootObj);
allowedModule = rootPaths.some(path => host.String.prototype.startsWith.call(dirname, pa.resolve(path)));
}
} catch (e) {
throw Contextify.value(e);
}
if (!allowedModule) {
throw new VMError(`Module '${moduleName}' is not allowed to be required. The path is outside the border!`, 'EDENIED');
}
const module = CACHE[filename] = {
filename,
exports: {},
require: _prepareRequire(dirname, allowRequireTransitive)
};
// lookup extensions
if (EXTENSIONS[extname]) {
EXTENSIONS[extname](module, filename, dirname);
return module.exports;
}
throw new VMError(`Failed to load '${moduleName}': Unknown type.`, 'ELOADFAIL');
};
return _require;
};
/**
* Prepare sandbox.
*/
// This is a function and not an arrow function, since the original is also a function
global.setTimeout = function setTimeout(callback, delay, ...args) {
if (typeof callback !== 'function') throw new TypeError('"callback" argument must be a function');
let tmr;
try {
tmr = host.setTimeout(Decontextify.value(() => {
// FIXME ...args has side effects
callback(...args);
}), Decontextify.value(delay));
} catch (e) {
throw Contextify.value(e);
}
const local = Contextify.value(tmr);
TIMERS.set(local, tmr);
return local;
};
global.setInterval = function setInterval(callback, interval, ...args) {
if (typeof callback !== 'function') throw new TypeError('"callback" argument must be a function');
let tmr;
try {
tmr = host.setInterval(Decontextify.value(() => {
// FIXME ...args has side effects
callback(...args);
}), Decontextify.value(interval));
} catch (e) {
throw Contextify.value(e);
}
const local = Contextify.value(tmr);
TIMERS.set(local, tmr);
return local;
};
global.setImmediate = function setImmediate(callback, ...args) {
if (typeof callback !== 'function') throw new TypeError('"callback" argument must be a function');
let tmr;
try {
tmr = host.setImmediate(Decontextify.value(() => {
// FIXME ...args has side effects
callback(...args);
}));
} catch (e) {
throw Contextify.value(e);
}
const local = Contextify.value(tmr);
TIMERS.set(local, tmr);
return local;
};
global.clearTimeout = function clearTimeout(local) {
try {
host.clearTimeout(TIMERS.get(local));
} catch (e) {
throw Contextify.value(e);
}
};
global.clearInterval = function clearInterval(local) {
try {
host.clearInterval(TIMERS.get(local));
} catch (e) {
throw Contextify.value(e);
}
};
global.clearImmediate = function clearImmediate(local) {
try {
host.clearImmediate(TIMERS.get(local));
} catch (e) {
throw Contextify.value(e);
}
};
function addListener(name, handler) {
if (name !== 'beforeExit' && name !== 'exit') {
throw new Error(`Access denied to listen for '${name}' event.`);
}
try {
host.process.on(name, Decontextify.value(handler));
} catch (e) {
throw Contextify.value(e);
}
return this;
}
const {argv: optionArgv, env: optionsEnv} = options;
// FIXME wrong class structure
global.process = {
argv: optionArgv !== undefined ? Contextify.value(optionArgv) : [],
title: host.process.title,
version: host.process.version,
versions: Contextify.readonly(host.process.versions),
arch: host.process.arch,
platform: host.process.platform,
env: optionsEnv !== undefined ? Contextify.value(optionsEnv) : {},
pid: host.process.pid,
features: Contextify.readonly(host.process.features),
nextTick: function nextTick(callback, ...args) {
if (typeof callback !== 'function') {
throw new Error('Callback must be a function.');
}
try {
host.process.nextTick(Decontextify.value(() => {
// FIXME ...args has side effects
callback(...args);
}));
} catch (e) {
throw Contextify.value(e);
}
},
hrtime: function hrtime(time) {
try {
return Contextify.value(host.process.hrtime(Decontextify.value(time)));
} catch (e) {
throw Contextify.value(e);
}
},
cwd: function cwd() {
try {
return Contextify.value(host.process.cwd());
} catch (e) {
throw Contextify.value(e);
}
},
addListener,
on: addListener,
once: function once(name, handler) {
if (name !== 'beforeExit' && name !== 'exit') {
throw new Error(`Access denied to listen for '${name}' event.`);
}
try {
host.process.once(name, Decontextify.value(handler));
} catch (e) {
throw Contextify.value(e);
}
return this;
},
listeners: function listeners(name) {
if (name !== 'beforeExit' && name !== 'exit') {
// Maybe add ({__proto__:null})[name] to throw when name fails in https://tc39.es/ecma262/#sec-topropertykey.
return [];
}
// Filter out listeners, which were not created in this sandbox
try {
return Contextify.value(host.process.listeners(name).filter(listener => Contextify.isVMProxy(listener)));
} catch (e) {
throw Contextify.value(e);
}
},
removeListener: function removeListener(name, handler) {
if (name !== 'beforeExit' && name !== 'exit') {
return this;
}
try {
host.process.removeListener(name, Decontextify.value(handler));
} catch (e) {
throw Contextify.value(e);
}
return this;
},
umask: function umask() {
if (arguments.length) {
throw new Error('Access denied to set umask.');
}
try {
return Contextify.value(host.process.umask());
} catch (e) {
throw Contextify.value(e);
}
}
};
if (vm.options.console === 'inherit') {
global.console = Contextify.readonly(host.console);
} else if (vm.options.console === 'redirect') {
global.console = {
debug(...args) {
try {
// FIXME ...args has side effects
vm.emit('console.debug', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
},
log(...args) {
try {
// FIXME ...args has side effects
vm.emit('console.log', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
},
info(...args) {
try {
// FIXME ...args has side effects
vm.emit('console.info', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
},
warn(...args) {
try {
// FIXME ...args has side effects
vm.emit('console.warn', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
},
error(...args) {
try {
// FIXME ...args has side effects
vm.emit('console.error', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
},
dir(...args) {
try {
vm.emit('console.dir', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
},
time() {},
timeEnd() {},
trace(...args) {
try {
// FIXME ...args has side effects
vm.emit('console.trace', ...Decontextify.arguments(args));
} catch (e) {
throw Contextify.value(e);
}
}
};
}
/*
Return contextified require.
*/
return _prepareRequire;
})(vm, host);

831
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
{
"name": "action-gh-release",
"version": "0.1.7",
"version": "0.1.14",
"private": true,
"description": "GitHub Action for creating GitHub Releases",
"main": "lib/main.js",
@ -12,7 +12,7 @@
},
"repository": {
"type": "git",
"url": "git+https://github.com/softprops/action-gh-template.git"
"url": "git+https://github.com/softprops/action-gh-release.git"
},
"keywords": [
"actions"
@ -20,19 +20,21 @@
"author": "softprops",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.2.6",
"@actions/github": "^2.0.0",
"@octokit/plugin-retry": "^3.0.2",
"@octokit/plugin-throttling": "^3.2.1",
"@octokit/action": "^3.18.0",
"@actions/core": "^1.4.0",
"@octokit/plugin-retry": "^3.0.9",
"@octokit/plugin-throttling": "^3.5.1",
"glob": "^7.1.6",
"mime": "^2.4.4"
"mime": "^2.4.4",
"node-fetch": "^2.6.1"
},
"devDependencies": {
"@types/glob": "^7.1.1",
"@types/jest": "^24.0.25",
"@types/mime": "^2.0.1",
"@types/node": "^12.12.24",
"@zeit/ncc": "^0.21.0",
"@types/node-fetch": "^2.5.12",
"@vercel/ncc": "^0.33.0",
"jest": "^24.9.0",
"jest-circus": "^24.9.0",
"prettier": "1.19.1",

View File

@ -1,14 +1,17 @@
import { GitHub } from "@actions/github";
import fetch from "node-fetch";
import { Octokit } from "@octokit/action";
import { Config, isTag, releaseBody } from "./util";
import { lstatSync, readFileSync } from "fs";
import { statSync, readFileSync } from "fs";
import { getType } from "mime";
import { basename } from "path";
type GitHub = InstanceType<typeof Octokit>;
export interface ReleaseAsset {
name: string;
mime: string;
size: number;
file: Buffer;
data: Buffer;
}
export interface Release {
@ -16,11 +19,12 @@ export interface Release {
upload_url: string;
html_url: string;
tag_name: string;
name: string;
body: string;
name: string | null;
body?: string | null | undefined;
target_commitish: string;
draft: boolean;
prerelease: boolean;
assets: Array<{ id: number; name: string }>;
}
export interface Releaser {
@ -39,6 +43,8 @@ export interface Releaser {
draft: boolean | undefined;
prerelease: boolean | undefined;
target_commitish: string | undefined;
discussion_category_name: string | undefined;
generate_release_notes: boolean | undefined;
}): Promise<{ data: Release }>;
updateRelease(params: {
@ -51,6 +57,8 @@ export interface Releaser {
body: string | undefined;
draft: boolean | undefined;
prerelease: boolean | undefined;
discussion_category_name: string | undefined;
generate_release_notes: boolean | undefined;
}): Promise<{ data: Release }>;
allReleases(params: {
@ -70,7 +78,7 @@ export class GitHubReleaser implements Releaser {
repo: string;
tag: string;
}): Promise<{ data: Release }> {
return this.github.repos.getReleaseByTag(params);
return this.github.rest.repos.getReleaseByTag(params);
}
createRelease(params: {
@ -82,8 +90,10 @@ export class GitHubReleaser implements Releaser {
draft: boolean | undefined;
prerelease: boolean | undefined;
target_commitish: string | undefined;
discussion_category_name: string | undefined;
generate_release_notes: boolean | undefined;
}): Promise<{ data: Release }> {
return this.github.repos.createRelease(params);
return this.github.rest.repos.createRelease(params);
}
updateRelease(params: {
@ -96,8 +106,10 @@ export class GitHubReleaser implements Releaser {
body: string | undefined;
draft: boolean | undefined;
prerelease: boolean | undefined;
discussion_category_name: string | undefined;
generate_release_notes: boolean | undefined;
}): Promise<{ data: Release }> {
return this.github.repos.updateRelease(params);
return this.github.rest.repos.updateRelease(params);
}
allReleases(params: {
@ -106,7 +118,7 @@ export class GitHubReleaser implements Releaser {
}): AsyncIterableIterator<{ data: Release[] }> {
const updatedParams = { per_page: 100, ...params };
return this.github.paginate.iterator(
this.github.repos.listReleases.endpoint.merge(updatedParams)
this.github.rest.repos.listReleases.endpoint.merge(updatedParams)
);
}
}
@ -115,8 +127,8 @@ export const asset = (path: string): ReleaseAsset => {
return {
name: basename(path),
mime: mimeOrDefault(path),
size: lstatSync(path).size,
file: readFileSync(path)
size: statSync(path).size,
data: readFileSync(path)
};
};
@ -125,21 +137,46 @@ export const mimeOrDefault = (path: string): string => {
};
export const upload = async (
gh: GitHub,
config: Config,
github: GitHub,
url: string,
path: string
path: string,
currentAssets: Array<{ id: number; name: string }>
): Promise<any> => {
let { name, size, mime, file } = asset(path);
const [owner, repo] = config.github_repository.split("/");
const { name, size, mime, data: body } = asset(path);
const currentAsset = currentAssets.find(
({ name: currentName }) => currentName == name
);
if (currentAsset) {
console.log(`♻️ Deleting previously uploaded asset ${name}...`);
await github.rest.repos.deleteReleaseAsset({
asset_id: currentAsset.id || 1,
owner,
repo
});
}
console.log(`⬆️ Uploading ${name}...`);
return await gh.repos.uploadReleaseAsset({
url,
const endpoint = new URL(url);
endpoint.searchParams.append("name", name);
const resp = await fetch(endpoint, {
headers: {
"content-length": size,
"content-type": mime
"content-length": `${size}`,
"content-type": mime,
authorization: `token ${config.github_token}`
},
name,
file
method: "POST",
body
});
const json = await resp.json();
if (resp.status !== 201) {
throw new Error(
`Failed to upload release asset ${name}. received status code ${
resp.status
}\n${json.message}\n${JSON.stringify(json.errors)}`
);
}
return json;
};
export const release = async (
@ -158,6 +195,9 @@ export const release = async (
(isTag(config.github_ref)
? config.github_ref.replace("refs/tags/", "")
: "");
const discussion_category_name = config.input_discussion_category_name;
const generate_release_notes = config.input_generate_release_notes;
try {
// you can't get a an existing draft by tag
// so we must find one in the list of all releases
@ -194,12 +234,11 @@ export const release = async (
const tag_name = tag;
const name = config.input_name || existingRelease.data.name || tag;
let body: string = "";
if (existingRelease.data.body) body += existingRelease.data.body;
let workflowBody = releaseBody(config);
if (existingRelease.data.body && workflowBody) body += "\n";
if (workflowBody) body += workflowBody;
// revisit: support a new body-concat-strategy input for accumulating
// body parts as a release gets updated. some users will likely want this while
// others won't previously this was duplicating content for most which
// no one wants
let body = releaseBody(config) || existingRelease.data.body || "";
const draft =
config.input_draft !== undefined
@ -219,7 +258,9 @@ export const release = async (
name,
body,
draft,
prerelease
prerelease,
discussion_category_name,
generate_release_notes
});
return release.data;
} catch (error) {
@ -246,7 +287,9 @@ export const release = async (
body,
draft,
prerelease,
target_commitish
target_commitish,
discussion_category_name,
generate_release_notes
});
return release.data;
} catch (error) {
@ -254,7 +297,9 @@ export const release = async (
console.log(
`⚠️ GitHub release failed with status: ${
error.status
}, retrying... (${maxRetries - 1} retries remaining)`
}\n${JSON.stringify(
error.response.data.errors
)}\nretrying... (${maxRetries - 1} retries remaining)`
);
return release(config, releaser, maxRetries - 1);
}

View File

@ -1,7 +1,15 @@
import { paths, parseConfig, isTag, unmatchedPatterns } from "./util";
import {
paths,
parseConfig,
isTag,
unmatchedPatterns,
uploadUrl
} from "./util";
import { release, upload, GitHubReleaser } from "./github";
import { Octokit } from "@octokit/action";
import { setFailed, setOutput } from "@actions/core";
import { GitHub } from "@actions/github";
import { retry } from "@octokit/plugin-retry";
import { throttling } from "@octokit/plugin-throttling";
import { env } from "process";
async function run() {
@ -23,11 +31,10 @@ async function run() {
throw new Error(`⚠️ There were unmatched files`);
}
}
GitHub.plugin([
require("@octokit/plugin-throttling"),
require("@octokit/plugin-retry")
]);
const gh = new GitHub(config.github_token, {
const OctokitWithPlugins = Octokit.plugin(retry, throttling);
const gh = new OctokitWithPlugins({
auth: config.github_token,
throttle: {
onRateLimit: (retryAfter, options) => {
console.warn(
@ -47,19 +54,30 @@ async function run() {
}
}
});
let rel = await release(config, new GitHubReleaser(gh));
//);
const rel = await release(config, new GitHubReleaser(gh));
if (config.input_files) {
const files = paths(config.input_files);
if (files.length == 0) {
console.warn(`🤔 ${config.input_files} not include valid file.`);
}
await Promise.all(
const currentAssets = rel.assets;
const assets = await Promise.all(
files.map(async path => {
await upload(gh, rel.upload_url, path);
const json = await upload(
config,
gh,
uploadUrl(rel.upload_url),
path,
currentAssets
);
delete json.uploader;
return json;
})
).catch(error => {
throw error;
});
setOutput("assets", assets);
}
console.log(`🎉 Release ready at ${rel.html_url}`);
setOutput("url", rel.html_url);

View File

@ -1,6 +1,5 @@
import { getInput } from "@actions/core";
import * as glob from "glob";
import { lstatSync, readFileSync } from "fs";
import { statSync, readFileSync } from "fs";
export interface Config {
github_token: string;
@ -17,8 +16,18 @@ export interface Config {
input_prerelease?: boolean;
input_fail_on_unmatched_files?: boolean;
input_target_commitish?: string;
input_discussion_category_name?: string;
input_generate_release_notes?: boolean;
}
export const uploadUrl = (url: string): string => {
const templateMarkerPos = url.indexOf("{");
if (templateMarkerPos > -1) {
return url.substring(0, templateMarkerPos);
}
return url;
};
export const releaseBody = (config: Config): string | undefined => {
return (
(config.input_body_path &&
@ -42,11 +51,11 @@ export const parseInputFiles = (files: string): string[] => {
export const parseConfig = (env: Env): Config => {
return {
github_token: getInput("token") || env.GITHUB_TOKEN || "",
github_token: env.GITHUB_TOKEN || env.INPUT_TOKEN || "",
github_ref: env.GITHUB_REF || "",
github_repository: env.INPUT_REPOSITORY || env.GITHUB_REPOSITORY || "",
input_name: env.INPUT_NAME,
input_tag_name: env.INPUT_TAG_NAME,
input_tag_name: env.INPUT_TAG_NAME?.trim(),
input_body: env.INPUT_BODY,
input_body_path: env.INPUT_BODY_PATH,
input_files: parseInputFiles(env.INPUT_FILES || ""),
@ -55,14 +64,17 @@ export const parseConfig = (env: Env): Config => {
? env.INPUT_PRERELEASE == "true"
: undefined,
input_fail_on_unmatched_files: env.INPUT_FAIL_ON_UNMATCHED_FILES == "true",
input_target_commitish: env.INPUT_TARGET_COMMITISH
input_target_commitish: env.INPUT_TARGET_COMMITISH || undefined,
input_discussion_category_name:
env.INPUT_DISCUSSION_CATEGORY_NAME || undefined,
input_generate_release_notes: env.INPUT_GENERATE_RELEASE_NOTES == "true"
};
};
export const paths = (patterns: string[]): string[] => {
return patterns.reduce((acc: string[], pattern: string): string[] => {
return acc.concat(
glob.sync(pattern).filter(path => lstatSync(path).isFile())
glob.sync(pattern).filter(path => statSync(path).isFile())
);
}, []);
};
@ -70,7 +82,7 @@ export const paths = (patterns: string[]): string[] => {
export const unmatchedPatterns = (patterns: string[]): string[] => {
return patterns.reduce((acc: string[], pattern: string): string[] => {
return acc.concat(
glob.sync(pattern).filter(path => lstatSync(path).isFile()).length == 0
glob.sync(pattern).filter(path => statSync(path).isFile()).length == 0
? [pattern]
: []
);