Compare commits
32 Commits
v0.1.7
...
reintroduc
Author | SHA1 | Date | |
---|---|---|---|
5970a9ee86 | |||
4d12fe762c | |||
f20f71e9fd | |||
040bca2f2d | |||
44946dc88f | |||
58fa4b7a88 | |||
b260a9f8a6 | |||
17cd0d34de | |||
15d2aaca23 | |||
0465cdad11 | |||
69a9b03fd9 | |||
a80139913a | |||
6034af24fb | |||
0b1e2e4582 | |||
a3f0173fb3 | |||
2d72d869af | |||
730b76a669 | |||
815e458579 | |||
6ecde844e8 | |||
487fcd9442 | |||
8b7a7c0162 | |||
6c87482fb9 | |||
2956b0de81 | |||
0aec73c6d6 | |||
ce95482067 | |||
2861dc8673 | |||
dd98a235fd | |||
4de103f838 | |||
003621c2ca | |||
59c3b48916 | |||
8779b820d9 | |||
d2a05f5e5a |
32
CHANGELOG.md
32
CHANGELOG.md
@ -1,3 +1,35 @@
|
||||
- Add `asset` output as a JSON array containing information about the uploaded assets
|
||||
|
||||
## 0.1.14
|
||||
|
||||
- provides an new workflow input option `generate_release_notes` which when set to true will automatically generate release notes for you based on GitHub activity [#179](https://github.com/softprops/action-gh-release/pull/179). Please see the [GitHub docs for this feature](https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes) for more information
|
||||
|
||||
## 0.1.13
|
||||
|
||||
- fix issue with multiple runs concatenating release bodies [#145](https://github.com/softprops/action-gh-release/pull/145)
|
||||
|
||||
## 0.1.12
|
||||
|
||||
- fix bug leading to empty strings subsituted for inputs users don't provide breaking api calls [#144](https://github.com/softprops/action-gh-release/pull/144)
|
||||
|
||||
## 0.1.11
|
||||
|
||||
- better error message on release create failed [#143](https://github.com/softprops/action-gh-release/pull/143)
|
||||
|
||||
## 0.1.10
|
||||
|
||||
- fixed error message formatting for file uploads
|
||||
|
||||
## 0.1.9
|
||||
|
||||
- add support for linking release to GitHub discussion [#136](https://github.com/softprops/action-gh-release/pull/136)
|
||||
|
||||
## 0.1.8
|
||||
|
||||
- address recent warnings in assert upload api as well as introduce asset upload overrides, allowing for multiple runs for the same release with the same named asserts [#134](https://github.com/softprops/action-gh-release/pull/134)
|
||||
- fix backwards compatibility with `GITHUB_TOKEN` resolution. `GITHUB_TOKEN` is no resolved first from an env varibale and then from and input [#133](https://github.com/softprops/action-gh-release/pull/133)
|
||||
- trim white space in provided `tag_name` [#130](https://github.com/softprops/action-gh-release/pull/130)
|
||||
|
||||
## 0.1.7
|
||||
|
||||
- allow creating draft releases without a tag [#95](https://github.com/softprops/action-gh-release/pull/95)
|
||||
|
44
README.md
44
README.md
@ -152,6 +152,9 @@ jobs:
|
||||
if: startsWith(github.ref, 'refs/tags/')
|
||||
with:
|
||||
body_path: ${{ github.workspace }}-CHANGELOG.txt
|
||||
# note you'll typically need to create a personal access token
|
||||
# with permissions to create releases in the other repo
|
||||
token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
|
||||
env:
|
||||
GITHUB_REPOSITORY: my_gh_org/my_gh_repo
|
||||
```
|
||||
@ -162,18 +165,21 @@ jobs:
|
||||
|
||||
The following are optional as `step.with` keys
|
||||
|
||||
| Name | Type | Description |
|
||||
| ------------------------- | ------- | --------------------------------------------------------------------------------------------------- |
|
||||
| `body` | String | Text communicating notable changes in this release |
|
||||
| `body_path` | String | Path to load text communicating notable changes in this release |
|
||||
| `draft` | Boolean | Indicator of whether or not this release is a draft |
|
||||
| `prerelease` | Boolean | Indicator of whether or not is a prerelease |
|
||||
| `files` | String | Newline-delimited globs of paths to assets to upload for release |
|
||||
| `name` | String | Name of the release. defaults to tag name |
|
||||
| `tag_name` | String | Name of a tag. defaults to `github.ref` |
|
||||
| `fail_on_unmatched_files` | Boolean | Indicator of whether to fail if any of the `files` globs match nothing |
|
||||
| `target_commitish` | String | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. |
|
||||
| `token` | String | Secret GitHub Personal Access Token. Defaults to `${{ github.token }}` |
|
||||
| Name | Type | Description |
|
||||
| -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||
| `body` | String | Text communicating notable changes in this release |
|
||||
| `body_path` | String | Path to load text communicating notable changes in this release |
|
||||
| `draft` | Boolean | Indicator of whether or not this release is a draft |
|
||||
| `prerelease` | Boolean | Indicator of whether or not is a prerelease |
|
||||
| `files` | String | Newline-delimited globs of paths to assets to upload for release |
|
||||
| `name` | String | Name of the release. defaults to tag name |
|
||||
| `tag_name` | String | Name of a tag. defaults to `github.ref` |
|
||||
| `fail_on_unmatched_files` | Boolean | Indicator of whether to fail if any of the `files` globs match nothing |
|
||||
| `repository` | String | Name of a target repository in `<owner>/<repo>` format. Defaults to GITHUB_REPOSITORY env variable |
|
||||
| `target_commitish` | String | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. |
|
||||
| `token` | String | Secret GitHub Personal Access Token. Defaults to `${{ github.token }}` |
|
||||
| `discussion_category_name` | String | If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. For more information, see ["Managing categories for discussions in your repository."](https://docs.github.com/en/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository) |
|
||||
| `generate_release_notes` | Boolean | Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes. See the [GitHub docs for this feature](https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes) for more information |
|
||||
|
||||
💡 When providing a `body` and `body_path` at the same time, `body_path` will be
|
||||
attempted first, then falling back on `body` if the path can not be read from.
|
||||
@ -191,6 +197,9 @@ The following outputs can be accessed via `${{ steps.<step-id>.outputs }}` from
|
||||
| `url` | String | Github.com URL for the release |
|
||||
| `id` | String | Release ID |
|
||||
| `upload_url` | String | URL for uploading assets to the release |
|
||||
| `assets` | String | JSON array containing information about each uploaded asset, in the format given [here](https://docs.github.com/en/rest/reference/repos#upload-a-release-asset--code-samples) (minus the `uploader` field) |
|
||||
|
||||
As an example, you can use `${{ fromJSON(steps.<step-id>.outputs.assets)[0].browser_download_url }}` to get the download URL of the first asset.
|
||||
|
||||
#### environment variables
|
||||
|
||||
@ -203,4 +212,15 @@ The following `step.env` keys are allowed as a fallback but deprecated in favor
|
||||
|
||||
> **⚠️ Note:** This action was previously implemented as a Docker container, limiting its use to GitHub Actions Linux virtual environments only. With recent releases, we now support cross platform usage. You'll need to remove the `docker://` prefix in these versions
|
||||
|
||||
### Permissions
|
||||
|
||||
This Action requires the following permissions on the GitHub integration token:
|
||||
|
||||
```yaml
|
||||
permissions:
|
||||
contents: write
|
||||
```
|
||||
|
||||
[GitHub token permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) can be set for an individual job, workflow, or for Actions as a whole.
|
||||
|
||||
Doug Tangren (softprops) 2019
|
||||
|
@ -15,11 +15,11 @@ describe("github", () => {
|
||||
|
||||
describe("asset", () => {
|
||||
it("derives asset info from a path", async () => {
|
||||
const { name, mime, size, file } = asset("tests/data/foo/bar.txt");
|
||||
const { name, mime, size, data } = asset("tests/data/foo/bar.txt");
|
||||
assert.equal(name, "bar.txt");
|
||||
assert.equal(mime, "text/plain");
|
||||
assert.equal(size, 10);
|
||||
assert.equal(file.toString(), "release me");
|
||||
assert.equal(data.toString(), "release me");
|
||||
});
|
||||
});
|
||||
});
|
||||
|
@ -4,11 +4,22 @@ import {
|
||||
paths,
|
||||
parseConfig,
|
||||
parseInputFiles,
|
||||
unmatchedPatterns
|
||||
unmatchedPatterns,
|
||||
uploadUrl
|
||||
} from "../src/util";
|
||||
import * as assert from "assert";
|
||||
|
||||
describe("util", () => {
|
||||
describe("uploadUrl", () => {
|
||||
it("strips template", () => {
|
||||
assert.equal(
|
||||
uploadUrl(
|
||||
"https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets{?name,label}"
|
||||
),
|
||||
"https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets"
|
||||
);
|
||||
});
|
||||
});
|
||||
describe("parseInputFiles", () => {
|
||||
it("parses empty strings", () => {
|
||||
assert.deepStrictEqual(parseInputFiles(""), []);
|
||||
@ -38,7 +49,9 @@ describe("util", () => {
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_target_commitish: undefined
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
})
|
||||
);
|
||||
});
|
||||
@ -56,7 +69,9 @@ describe("util", () => {
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_target_commitish: undefined
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
})
|
||||
);
|
||||
});
|
||||
@ -74,30 +89,45 @@ describe("util", () => {
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_target_commitish: undefined
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
})
|
||||
);
|
||||
});
|
||||
});
|
||||
describe("parseConfig", () => {
|
||||
it("parses basic config", () => {
|
||||
assert.deepStrictEqual(parseConfig({}), {
|
||||
github_ref: "",
|
||||
github_repository: "",
|
||||
github_token: "",
|
||||
input_body: undefined,
|
||||
input_body_path: undefined,
|
||||
input_draft: undefined,
|
||||
input_prerelease: undefined,
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined
|
||||
});
|
||||
assert.deepStrictEqual(
|
||||
parseConfig({
|
||||
// note: inputs declared in actions.yml, even when declared not required,
|
||||
// are still provided by the actions runtime env as empty strings instead of
|
||||
// the normal absent env value one would expect. this breaks things
|
||||
// as an empty string !== undefined in terms of what we pass to the api
|
||||
// so we cover that in a test case here to ensure undefined values are actually
|
||||
// resolved as undefined and not empty strings
|
||||
INPUT_TARGET_COMMITISH: "",
|
||||
INPUT_DISCUSSION_CATEGORY_NAME: ""
|
||||
}),
|
||||
{
|
||||
github_ref: "",
|
||||
github_repository: "",
|
||||
github_token: "",
|
||||
input_body: undefined,
|
||||
input_body_path: undefined,
|
||||
input_draft: undefined,
|
||||
input_prerelease: undefined,
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
}
|
||||
);
|
||||
});
|
||||
});
|
||||
describe("parseConfig", () => {
|
||||
|
||||
it("parses basic config with commitish", () => {
|
||||
assert.deepStrictEqual(
|
||||
parseConfig({
|
||||
@ -115,7 +145,108 @@ describe("util", () => {
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: "affa18ef97bc9db20076945705aba8c516139abd"
|
||||
input_target_commitish: "affa18ef97bc9db20076945705aba8c516139abd",
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
}
|
||||
);
|
||||
});
|
||||
it("supports discussion category names", () => {
|
||||
assert.deepStrictEqual(
|
||||
parseConfig({
|
||||
INPUT_DISCUSSION_CATEGORY_NAME: "releases"
|
||||
}),
|
||||
{
|
||||
github_ref: "",
|
||||
github_repository: "",
|
||||
github_token: "",
|
||||
input_body: undefined,
|
||||
input_body_path: undefined,
|
||||
input_draft: undefined,
|
||||
input_prerelease: undefined,
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: "releases",
|
||||
input_generate_release_notes: false
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
it("supports generating release notes", () => {
|
||||
assert.deepStrictEqual(
|
||||
parseConfig({
|
||||
INPUT_GENERATE_RELEASE_NOTES: "true"
|
||||
}),
|
||||
{
|
||||
github_ref: "",
|
||||
github_repository: "",
|
||||
github_token: "",
|
||||
input_body: undefined,
|
||||
input_body_path: undefined,
|
||||
input_draft: undefined,
|
||||
input_prerelease: undefined,
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: true
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
it("prefers GITHUB_TOKEN over token input for backwards compatibility", () => {
|
||||
assert.deepStrictEqual(
|
||||
parseConfig({
|
||||
INPUT_DRAFT: "false",
|
||||
INPUT_PRERELEASE: "true",
|
||||
GITHUB_TOKEN: "env-token",
|
||||
INPUT_TOKEN: "input-token"
|
||||
}),
|
||||
{
|
||||
github_ref: "",
|
||||
github_repository: "",
|
||||
github_token: "env-token",
|
||||
input_body: undefined,
|
||||
input_body_path: undefined,
|
||||
input_draft: false,
|
||||
input_prerelease: true,
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
}
|
||||
);
|
||||
});
|
||||
it("uses input token as the source of GITHUB_TOKEN by default", () => {
|
||||
assert.deepStrictEqual(
|
||||
parseConfig({
|
||||
INPUT_DRAFT: "false",
|
||||
INPUT_PRERELEASE: "true",
|
||||
INPUT_TOKEN: "input-token"
|
||||
}),
|
||||
{
|
||||
github_ref: "",
|
||||
github_repository: "",
|
||||
github_token: "input-token",
|
||||
input_body: undefined,
|
||||
input_body_path: undefined,
|
||||
input_draft: false,
|
||||
input_prerelease: true,
|
||||
input_files: [],
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
}
|
||||
);
|
||||
});
|
||||
@ -137,7 +268,9 @@ describe("util", () => {
|
||||
input_name: undefined,
|
||||
input_tag_name: undefined,
|
||||
input_fail_on_unmatched_files: false,
|
||||
input_target_commitish: undefined
|
||||
input_target_commitish: undefined,
|
||||
input_discussion_category_name: undefined,
|
||||
input_generate_release_notes: false
|
||||
}
|
||||
);
|
||||
});
|
||||
|
12
action.yml
12
action.yml
@ -37,15 +37,23 @@ inputs:
|
||||
target_commitish:
|
||||
description: "Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA."
|
||||
required: false
|
||||
discussion_category_name:
|
||||
description: "If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. If there is already a discussion linked to the release, this parameter is ignored."
|
||||
required: false
|
||||
generate_release_notes:
|
||||
description: "Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes."
|
||||
required: false
|
||||
env:
|
||||
"GITHUB_TOKEN": "As provided by Github Actions"
|
||||
outputs:
|
||||
url:
|
||||
description: 'URL to the Release HTML Page'
|
||||
description: "URL to the Release HTML Page"
|
||||
id:
|
||||
description: 'Release ID'
|
||||
description: "Release ID"
|
||||
upload_url:
|
||||
description: "URL for uploading assets to the release"
|
||||
assets:
|
||||
description: "JSON array containing information about each uploaded asset, in the format given [here](https://docs.github.com/en/rest/reference/repos#upload-a-release-asset--code-samples) (minus the `uploader` field)"
|
||||
runs:
|
||||
using: "node12"
|
||||
main: "dist/index.js"
|
||||
|
1139
dist/contextify.js
vendored
Normal file
1139
dist/contextify.js
vendored
Normal file
File diff suppressed because it is too large
Load Diff
83
dist/fixasync.js
vendored
Normal file
83
dist/fixasync.js
vendored
Normal file
@ -0,0 +1,83 @@
|
||||
'use strict';
|
||||
|
||||
// eslint-disable-next-line no-invalid-this, no-shadow
|
||||
const {GeneratorFunction, AsyncFunction, AsyncGeneratorFunction, global, internal, host, hook} = this;
|
||||
const {Contextify, Decontextify} = internal;
|
||||
// eslint-disable-next-line no-shadow
|
||||
const {Function, eval: eval_, Promise, Object, Reflect} = global;
|
||||
const {getOwnPropertyDescriptor, defineProperty, assign} = Object;
|
||||
const {apply: rApply, construct: rConstruct} = Reflect;
|
||||
|
||||
const FunctionHandler = {
|
||||
__proto__: null,
|
||||
apply(target, thiz, args) {
|
||||
const type = this.type;
|
||||
args = Decontextify.arguments(args);
|
||||
try {
|
||||
args = Contextify.value(hook(type, args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
return rApply(target, thiz, args);
|
||||
},
|
||||
construct(target, args, newTarget) {
|
||||
const type = this.type;
|
||||
args = Decontextify.arguments(args);
|
||||
try {
|
||||
args = Contextify.value(hook(type, args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
return rConstruct(target, args, newTarget);
|
||||
}
|
||||
};
|
||||
|
||||
function makeCheckFunction(type) {
|
||||
return assign({
|
||||
__proto__: null,
|
||||
type
|
||||
}, FunctionHandler);
|
||||
}
|
||||
|
||||
function override(obj, prop, value) {
|
||||
const desc = getOwnPropertyDescriptor(obj, prop);
|
||||
desc.value = value;
|
||||
defineProperty(obj, prop, desc);
|
||||
}
|
||||
|
||||
const proxiedFunction = new host.Proxy(Function, makeCheckFunction('function'));
|
||||
override(Function.prototype, 'constructor', proxiedFunction);
|
||||
if (GeneratorFunction) {
|
||||
Object.setPrototypeOf(GeneratorFunction, proxiedFunction);
|
||||
override(GeneratorFunction.prototype, 'constructor', new host.Proxy(GeneratorFunction, makeCheckFunction('generator_function')));
|
||||
}
|
||||
if (AsyncFunction) {
|
||||
Object.setPrototypeOf(AsyncFunction, proxiedFunction);
|
||||
override(AsyncFunction.prototype, 'constructor', new host.Proxy(AsyncFunction, makeCheckFunction('async_function')));
|
||||
}
|
||||
if (AsyncGeneratorFunction) {
|
||||
Object.setPrototypeOf(AsyncGeneratorFunction, proxiedFunction);
|
||||
override(AsyncGeneratorFunction.prototype, 'constructor', new host.Proxy(AsyncGeneratorFunction, makeCheckFunction('async_generator_function')));
|
||||
}
|
||||
|
||||
global.Function = proxiedFunction;
|
||||
global.eval = new host.Proxy(eval_, makeCheckFunction('eval'));
|
||||
|
||||
if (Promise) {
|
||||
|
||||
Promise.prototype.then = new host.Proxy(Promise.prototype.then, makeCheckFunction('promise_then'));
|
||||
// This seems not to work, and will produce
|
||||
// UnhandledPromiseRejectionWarning: TypeError: Method Promise.prototype.then called on incompatible receiver [object Object].
|
||||
// This is likely caused since the host.Promise.prototype.then cannot use the VM Proxy object.
|
||||
// Contextify.connect(host.Promise.prototype.then, Promise.prototype.then);
|
||||
|
||||
if (Promise.prototype.finally) {
|
||||
Promise.prototype.finally = new host.Proxy(Promise.prototype.finally, makeCheckFunction('promise_finally'));
|
||||
// Contextify.connect(host.Promise.prototype.finally, Promise.prototype.finally);
|
||||
}
|
||||
if (Promise.prototype.catch) {
|
||||
Promise.prototype.catch = new host.Proxy(Promise.prototype.catch, makeCheckFunction('promise_catch'));
|
||||
// Contextify.connect(host.Promise.prototype.catch, Promise.prototype.catch);
|
||||
}
|
||||
|
||||
}
|
136
dist/index.js
vendored
136
dist/index.js
vendored
File diff suppressed because one or more lines are too long
682
dist/sandbox.js
vendored
Normal file
682
dist/sandbox.js
vendored
Normal file
@ -0,0 +1,682 @@
|
||||
/* eslint-disable no-shadow, no-invalid-this */
|
||||
/* global vm, host, Contextify, Decontextify, VMError, options */
|
||||
|
||||
'use strict';
|
||||
|
||||
const {Script} = host.require('vm');
|
||||
const fs = host.require('fs');
|
||||
const pa = host.require('path');
|
||||
|
||||
const BUILTIN_MODULES = host.process.binding('natives');
|
||||
const parseJSON = JSON.parse;
|
||||
const importModuleDynamically = () => {
|
||||
// We can't throw an error object here because since vm.Script doesn't store a context, we can't properly contextify that error object.
|
||||
// eslint-disable-next-line no-throw-literal
|
||||
throw 'Dynamic imports are not allowed.';
|
||||
};
|
||||
|
||||
/**
|
||||
* @param {Object} host Hosts's internal objects.
|
||||
*/
|
||||
|
||||
return ((vm, host) => {
|
||||
'use strict';
|
||||
|
||||
const global = this;
|
||||
|
||||
const TIMERS = new host.WeakMap(); // Contains map of timers created inside sandbox
|
||||
const BUILTINS = {__proto__: null};
|
||||
const CACHE = {__proto__: null};
|
||||
const EXTENSIONS = {
|
||||
__proto__: null,
|
||||
['.json'](module, filename) {
|
||||
try {
|
||||
const code = fs.readFileSync(filename, 'utf8');
|
||||
module.exports = parseJSON(code);
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
['.node'](module, filename) {
|
||||
if (vm.options.require.context === 'sandbox') throw new VMError('Native modules can be required only with context set to \'host\'.');
|
||||
|
||||
try {
|
||||
module.exports = Contextify.readonly(host.require(filename));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
for (let i = 0; i < vm.options.sourceExtensions.length; i++) {
|
||||
const ext = vm.options.sourceExtensions[i];
|
||||
|
||||
EXTENSIONS['.' + ext] = (module, filename, dirname) => {
|
||||
if (vm.options.require.context !== 'sandbox') {
|
||||
try {
|
||||
module.exports = Contextify.readonly(host.require(filename));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
} else {
|
||||
let script;
|
||||
|
||||
try {
|
||||
// Load module
|
||||
let contents = fs.readFileSync(filename, 'utf8');
|
||||
contents = vm._compiler(contents, filename);
|
||||
|
||||
const code = host.STRICT_MODULE_PREFIX + contents + host.MODULE_SUFFIX;
|
||||
|
||||
const ccode = vm._hook('run', [code]);
|
||||
|
||||
// Precompile script
|
||||
script = new Script(ccode, {
|
||||
__proto__: null,
|
||||
filename: filename || 'vm.js',
|
||||
displayErrors: false,
|
||||
importModuleDynamically
|
||||
});
|
||||
|
||||
} catch (ex) {
|
||||
throw Contextify.value(ex);
|
||||
}
|
||||
|
||||
const closure = script.runInContext(global, {
|
||||
__proto__: null,
|
||||
filename: filename || 'vm.js',
|
||||
displayErrors: false,
|
||||
importModuleDynamically
|
||||
});
|
||||
|
||||
// run the script
|
||||
closure(module.exports, module.require, module, filename, dirname);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
const _parseExternalOptions = (options) => {
|
||||
if (host.Array.isArray(options)) {
|
||||
return {
|
||||
__proto__: null,
|
||||
external: options,
|
||||
transitive: false
|
||||
};
|
||||
}
|
||||
|
||||
return {
|
||||
__proto__: null,
|
||||
external: options.modules,
|
||||
transitive: options.transitive
|
||||
};
|
||||
};
|
||||
|
||||
/**
|
||||
* Resolve filename.
|
||||
*/
|
||||
|
||||
const _resolveFilename = (path) => {
|
||||
if (!path) return null;
|
||||
let hasPackageJson;
|
||||
try {
|
||||
path = pa.resolve(path);
|
||||
|
||||
const exists = fs.existsSync(path);
|
||||
const isdir = exists ? fs.statSync(path).isDirectory() : false;
|
||||
|
||||
// direct file match
|
||||
if (exists && !isdir) return path;
|
||||
|
||||
// load as file
|
||||
|
||||
for (let i = 0; i < vm.options.sourceExtensions.length; i++) {
|
||||
const ext = vm.options.sourceExtensions[i];
|
||||
if (fs.existsSync(`${path}.${ext}`)) return `${path}.${ext}`;
|
||||
}
|
||||
if (fs.existsSync(`${path}.json`)) return `${path}.json`;
|
||||
if (fs.existsSync(`${path}.node`)) return `${path}.node`;
|
||||
|
||||
// load as module
|
||||
|
||||
hasPackageJson = fs.existsSync(`${path}/package.json`);
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
if (hasPackageJson) {
|
||||
let pkg;
|
||||
try {
|
||||
pkg = fs.readFileSync(`${path}/package.json`, 'utf8');
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
try {
|
||||
pkg = parseJSON(pkg);
|
||||
} catch (ex) {
|
||||
throw new VMError(`Module '${path}' has invalid package.json`, 'EMODULEINVALID');
|
||||
}
|
||||
|
||||
let main;
|
||||
if (pkg && pkg.main) {
|
||||
main = _resolveFilename(`${path}/${pkg.main}`);
|
||||
if (!main) main = _resolveFilename(`${path}/index`);
|
||||
} else {
|
||||
main = _resolveFilename(`${path}/index`);
|
||||
}
|
||||
|
||||
return main;
|
||||
}
|
||||
|
||||
// load as directory
|
||||
|
||||
try {
|
||||
for (let i = 0; i < vm.options.sourceExtensions.length; i++) {
|
||||
const ext = vm.options.sourceExtensions[i];
|
||||
if (fs.existsSync(`${path}/index.${ext}`)) return `${path}/index.${ext}`;
|
||||
}
|
||||
|
||||
if (fs.existsSync(`${path}/index.json`)) return `${path}/index.json`;
|
||||
if (fs.existsSync(`${path}/index.node`)) return `${path}/index.node`;
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
return null;
|
||||
};
|
||||
|
||||
/**
|
||||
* Builtin require.
|
||||
*/
|
||||
|
||||
const _requireBuiltin = (moduleName) => {
|
||||
if (moduleName === 'buffer') return ({Buffer});
|
||||
if (BUILTINS[moduleName]) return BUILTINS[moduleName].exports; // Only compiled builtins are stored here
|
||||
|
||||
if (moduleName === 'util') {
|
||||
return Contextify.readonly(host.require(moduleName), {
|
||||
// Allows VM context to use util.inherits
|
||||
__proto__: null,
|
||||
inherits: (ctor, superCtor) => {
|
||||
ctor.super_ = superCtor;
|
||||
Object.setPrototypeOf(ctor.prototype, superCtor.prototype);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
if (moduleName === 'events' || moduleName === 'internal/errors') {
|
||||
let script;
|
||||
try {
|
||||
script = new Script(`(function (exports, require, module, process, internalBinding) {
|
||||
'use strict';
|
||||
const primordials = global;
|
||||
${BUILTIN_MODULES[moduleName]}
|
||||
\n
|
||||
});`, {
|
||||
filename: `${moduleName}.vm.js`
|
||||
});
|
||||
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
// setup module scope
|
||||
const module = BUILTINS[moduleName] = {
|
||||
exports: {},
|
||||
require: _requireBuiltin
|
||||
};
|
||||
|
||||
// run script
|
||||
try {
|
||||
// FIXME binding should be contextified
|
||||
script.runInContext(global)(module.exports, module.require, module, host.process, host.process.binding);
|
||||
} catch (e) {
|
||||
// e could be from inside or outside of sandbox
|
||||
throw new VMError(`Error loading '${moduleName}'`);
|
||||
}
|
||||
return module.exports;
|
||||
}
|
||||
|
||||
return Contextify.readonly(host.require(moduleName));
|
||||
};
|
||||
|
||||
/**
|
||||
* Prepare require.
|
||||
*/
|
||||
|
||||
const _prepareRequire = (currentDirname, parentAllowsTransitive = false) => {
|
||||
const _require = moduleName => {
|
||||
let requireObj;
|
||||
try {
|
||||
const optionsObj = vm.options;
|
||||
if (optionsObj.nesting && moduleName === 'vm2') return {VM: Contextify.readonly(host.VM), NodeVM: Contextify.readonly(host.NodeVM)};
|
||||
requireObj = optionsObj.require;
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
if (!requireObj) throw new VMError(`Access denied to require '${moduleName}'`, 'EDENIED');
|
||||
if (moduleName == null) throw new VMError("Module '' not found.", 'ENOTFOUND');
|
||||
if (typeof moduleName !== 'string') throw new VMError(`Invalid module name '${moduleName}'`, 'EINVALIDNAME');
|
||||
|
||||
let filename;
|
||||
let allowRequireTransitive = false;
|
||||
|
||||
// Mock?
|
||||
|
||||
try {
|
||||
const {mock} = requireObj;
|
||||
if (mock) {
|
||||
const mockModule = mock[moduleName];
|
||||
if (mockModule) {
|
||||
return Contextify.readonly(mockModule);
|
||||
}
|
||||
}
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
// Builtin?
|
||||
|
||||
if (BUILTIN_MODULES[moduleName]) {
|
||||
let allowed;
|
||||
try {
|
||||
const builtinObj = requireObj.builtin;
|
||||
if (host.Array.isArray(builtinObj)) {
|
||||
if (builtinObj.indexOf('*') >= 0) {
|
||||
allowed = builtinObj.indexOf(`-${moduleName}`) === -1;
|
||||
} else {
|
||||
allowed = builtinObj.indexOf(moduleName) >= 0;
|
||||
}
|
||||
} else if (builtinObj) {
|
||||
allowed = builtinObj[moduleName];
|
||||
} else {
|
||||
allowed = false;
|
||||
}
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
if (!allowed) throw new VMError(`Access denied to require '${moduleName}'`, 'EDENIED');
|
||||
|
||||
return _requireBuiltin(moduleName);
|
||||
}
|
||||
|
||||
// External?
|
||||
|
||||
let externalObj;
|
||||
try {
|
||||
externalObj = requireObj.external;
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
if (!externalObj) throw new VMError(`Access denied to require '${moduleName}'`, 'EDENIED');
|
||||
|
||||
if (/^(\.|\.\/|\.\.\/)/.exec(moduleName)) {
|
||||
// Module is relative file, e.g. ./script.js or ../script.js
|
||||
|
||||
if (!currentDirname) throw new VMError('You must specify script path to load relative modules.', 'ENOPATH');
|
||||
|
||||
filename = _resolveFilename(`${currentDirname}/${moduleName}`);
|
||||
} else if (/^(\/|\\|[a-zA-Z]:\\)/.exec(moduleName)) {
|
||||
// Module is absolute file, e.g. /script.js or //server/script.js or C:\script.js
|
||||
|
||||
filename = _resolveFilename(moduleName);
|
||||
} else {
|
||||
// Check node_modules in path
|
||||
|
||||
if (!currentDirname) throw new VMError('You must specify script path to load relative modules.', 'ENOPATH');
|
||||
|
||||
if (typeof externalObj === 'object') {
|
||||
let isWhitelisted;
|
||||
try {
|
||||
const { external, transitive } = _parseExternalOptions(externalObj);
|
||||
|
||||
isWhitelisted = external.some(ext => host.helpers.match(ext, moduleName)) || (transitive && parentAllowsTransitive);
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
if (!isWhitelisted) {
|
||||
throw new VMError(`The module '${moduleName}' is not whitelisted in VM.`, 'EDENIED');
|
||||
}
|
||||
|
||||
allowRequireTransitive = true;
|
||||
}
|
||||
|
||||
// FIXME the paths array has side effects
|
||||
const paths = currentDirname.split(pa.sep);
|
||||
|
||||
while (paths.length) {
|
||||
const path = paths.join(pa.sep);
|
||||
|
||||
// console.log moduleName, "#{path}#{pa.sep}node_modules#{pa.sep}#{moduleName}"
|
||||
|
||||
filename = _resolveFilename(`${path}${pa.sep}node_modules${pa.sep}${moduleName}`);
|
||||
if (filename) break;
|
||||
|
||||
paths.pop();
|
||||
}
|
||||
}
|
||||
|
||||
if (!filename) {
|
||||
let resolveFunc;
|
||||
try {
|
||||
resolveFunc = requireObj.resolve;
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
if (resolveFunc) {
|
||||
let resolved;
|
||||
try {
|
||||
resolved = requireObj.resolve(moduleName, currentDirname);
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
filename = _resolveFilename(resolved);
|
||||
}
|
||||
}
|
||||
if (!filename) throw new VMError(`Cannot find module '${moduleName}'`, 'ENOTFOUND');
|
||||
|
||||
// return cache whenever possible
|
||||
if (CACHE[filename]) return CACHE[filename].exports;
|
||||
|
||||
const dirname = pa.dirname(filename);
|
||||
const extname = pa.extname(filename);
|
||||
|
||||
let allowedModule = true;
|
||||
try {
|
||||
const rootObj = requireObj.root;
|
||||
if (rootObj) {
|
||||
const rootPaths = host.Array.isArray(rootObj) ? rootObj : host.Array.of(rootObj);
|
||||
allowedModule = rootPaths.some(path => host.String.prototype.startsWith.call(dirname, pa.resolve(path)));
|
||||
}
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
if (!allowedModule) {
|
||||
throw new VMError(`Module '${moduleName}' is not allowed to be required. The path is outside the border!`, 'EDENIED');
|
||||
}
|
||||
|
||||
const module = CACHE[filename] = {
|
||||
filename,
|
||||
exports: {},
|
||||
require: _prepareRequire(dirname, allowRequireTransitive)
|
||||
};
|
||||
|
||||
// lookup extensions
|
||||
if (EXTENSIONS[extname]) {
|
||||
EXTENSIONS[extname](module, filename, dirname);
|
||||
return module.exports;
|
||||
}
|
||||
|
||||
throw new VMError(`Failed to load '${moduleName}': Unknown type.`, 'ELOADFAIL');
|
||||
};
|
||||
|
||||
return _require;
|
||||
};
|
||||
|
||||
/**
|
||||
* Prepare sandbox.
|
||||
*/
|
||||
|
||||
// This is a function and not an arrow function, since the original is also a function
|
||||
global.setTimeout = function setTimeout(callback, delay, ...args) {
|
||||
if (typeof callback !== 'function') throw new TypeError('"callback" argument must be a function');
|
||||
let tmr;
|
||||
try {
|
||||
tmr = host.setTimeout(Decontextify.value(() => {
|
||||
// FIXME ...args has side effects
|
||||
callback(...args);
|
||||
}), Decontextify.value(delay));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
const local = Contextify.value(tmr);
|
||||
|
||||
TIMERS.set(local, tmr);
|
||||
return local;
|
||||
};
|
||||
|
||||
global.setInterval = function setInterval(callback, interval, ...args) {
|
||||
if (typeof callback !== 'function') throw new TypeError('"callback" argument must be a function');
|
||||
let tmr;
|
||||
try {
|
||||
tmr = host.setInterval(Decontextify.value(() => {
|
||||
// FIXME ...args has side effects
|
||||
callback(...args);
|
||||
}), Decontextify.value(interval));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
const local = Contextify.value(tmr);
|
||||
|
||||
TIMERS.set(local, tmr);
|
||||
return local;
|
||||
};
|
||||
|
||||
global.setImmediate = function setImmediate(callback, ...args) {
|
||||
if (typeof callback !== 'function') throw new TypeError('"callback" argument must be a function');
|
||||
let tmr;
|
||||
try {
|
||||
tmr = host.setImmediate(Decontextify.value(() => {
|
||||
// FIXME ...args has side effects
|
||||
callback(...args);
|
||||
}));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
const local = Contextify.value(tmr);
|
||||
|
||||
TIMERS.set(local, tmr);
|
||||
return local;
|
||||
};
|
||||
|
||||
global.clearTimeout = function clearTimeout(local) {
|
||||
try {
|
||||
host.clearTimeout(TIMERS.get(local));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
};
|
||||
|
||||
global.clearInterval = function clearInterval(local) {
|
||||
try {
|
||||
host.clearInterval(TIMERS.get(local));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
};
|
||||
|
||||
global.clearImmediate = function clearImmediate(local) {
|
||||
try {
|
||||
host.clearImmediate(TIMERS.get(local));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
};
|
||||
|
||||
function addListener(name, handler) {
|
||||
if (name !== 'beforeExit' && name !== 'exit') {
|
||||
throw new Error(`Access denied to listen for '${name}' event.`);
|
||||
}
|
||||
|
||||
try {
|
||||
host.process.on(name, Decontextify.value(handler));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
const {argv: optionArgv, env: optionsEnv} = options;
|
||||
|
||||
// FIXME wrong class structure
|
||||
global.process = {
|
||||
argv: optionArgv !== undefined ? Contextify.value(optionArgv) : [],
|
||||
title: host.process.title,
|
||||
version: host.process.version,
|
||||
versions: Contextify.readonly(host.process.versions),
|
||||
arch: host.process.arch,
|
||||
platform: host.process.platform,
|
||||
env: optionsEnv !== undefined ? Contextify.value(optionsEnv) : {},
|
||||
pid: host.process.pid,
|
||||
features: Contextify.readonly(host.process.features),
|
||||
nextTick: function nextTick(callback, ...args) {
|
||||
if (typeof callback !== 'function') {
|
||||
throw new Error('Callback must be a function.');
|
||||
}
|
||||
|
||||
try {
|
||||
host.process.nextTick(Decontextify.value(() => {
|
||||
// FIXME ...args has side effects
|
||||
callback(...args);
|
||||
}));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
hrtime: function hrtime(time) {
|
||||
try {
|
||||
return Contextify.value(host.process.hrtime(Decontextify.value(time)));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
cwd: function cwd() {
|
||||
try {
|
||||
return Contextify.value(host.process.cwd());
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
addListener,
|
||||
on: addListener,
|
||||
|
||||
once: function once(name, handler) {
|
||||
if (name !== 'beforeExit' && name !== 'exit') {
|
||||
throw new Error(`Access denied to listen for '${name}' event.`);
|
||||
}
|
||||
|
||||
try {
|
||||
host.process.once(name, Decontextify.value(handler));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
return this;
|
||||
},
|
||||
|
||||
listeners: function listeners(name) {
|
||||
if (name !== 'beforeExit' && name !== 'exit') {
|
||||
// Maybe add ({__proto__:null})[name] to throw when name fails in https://tc39.es/ecma262/#sec-topropertykey.
|
||||
return [];
|
||||
}
|
||||
|
||||
// Filter out listeners, which were not created in this sandbox
|
||||
try {
|
||||
return Contextify.value(host.process.listeners(name).filter(listener => Contextify.isVMProxy(listener)));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
|
||||
removeListener: function removeListener(name, handler) {
|
||||
if (name !== 'beforeExit' && name !== 'exit') {
|
||||
return this;
|
||||
}
|
||||
|
||||
try {
|
||||
host.process.removeListener(name, Decontextify.value(handler));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
|
||||
return this;
|
||||
},
|
||||
|
||||
umask: function umask() {
|
||||
if (arguments.length) {
|
||||
throw new Error('Access denied to set umask.');
|
||||
}
|
||||
|
||||
try {
|
||||
return Contextify.value(host.process.umask());
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
if (vm.options.console === 'inherit') {
|
||||
global.console = Contextify.readonly(host.console);
|
||||
} else if (vm.options.console === 'redirect') {
|
||||
global.console = {
|
||||
debug(...args) {
|
||||
try {
|
||||
// FIXME ...args has side effects
|
||||
vm.emit('console.debug', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
log(...args) {
|
||||
try {
|
||||
// FIXME ...args has side effects
|
||||
vm.emit('console.log', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
info(...args) {
|
||||
try {
|
||||
// FIXME ...args has side effects
|
||||
vm.emit('console.info', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
warn(...args) {
|
||||
try {
|
||||
// FIXME ...args has side effects
|
||||
vm.emit('console.warn', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
error(...args) {
|
||||
try {
|
||||
// FIXME ...args has side effects
|
||||
vm.emit('console.error', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
dir(...args) {
|
||||
try {
|
||||
vm.emit('console.dir', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
},
|
||||
time() {},
|
||||
timeEnd() {},
|
||||
trace(...args) {
|
||||
try {
|
||||
// FIXME ...args has side effects
|
||||
vm.emit('console.trace', ...Decontextify.arguments(args));
|
||||
} catch (e) {
|
||||
throw Contextify.value(e);
|
||||
}
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
/*
|
||||
Return contextified require.
|
||||
*/
|
||||
|
||||
return _prepareRequire;
|
||||
})(vm, host);
|
831
package-lock.json
generated
831
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
18
package.json
18
package.json
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "action-gh-release",
|
||||
"version": "0.1.7",
|
||||
"version": "0.1.14",
|
||||
"private": true,
|
||||
"description": "GitHub Action for creating GitHub Releases",
|
||||
"main": "lib/main.js",
|
||||
@ -12,7 +12,7 @@
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "git+https://github.com/softprops/action-gh-template.git"
|
||||
"url": "git+https://github.com/softprops/action-gh-release.git"
|
||||
},
|
||||
"keywords": [
|
||||
"actions"
|
||||
@ -20,19 +20,21 @@
|
||||
"author": "softprops",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.2.6",
|
||||
"@actions/github": "^2.0.0",
|
||||
"@octokit/plugin-retry": "^3.0.2",
|
||||
"@octokit/plugin-throttling": "^3.2.1",
|
||||
"@octokit/action": "^3.18.0",
|
||||
"@actions/core": "^1.4.0",
|
||||
"@octokit/plugin-retry": "^3.0.9",
|
||||
"@octokit/plugin-throttling": "^3.5.1",
|
||||
"glob": "^7.1.6",
|
||||
"mime": "^2.4.4"
|
||||
"mime": "^2.4.4",
|
||||
"node-fetch": "^2.6.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/glob": "^7.1.1",
|
||||
"@types/jest": "^24.0.25",
|
||||
"@types/mime": "^2.0.1",
|
||||
"@types/node": "^12.12.24",
|
||||
"@zeit/ncc": "^0.21.0",
|
||||
"@types/node-fetch": "^2.5.12",
|
||||
"@vercel/ncc": "^0.33.0",
|
||||
"jest": "^24.9.0",
|
||||
"jest-circus": "^24.9.0",
|
||||
"prettier": "1.19.1",
|
||||
|
103
src/github.ts
103
src/github.ts
@ -1,14 +1,17 @@
|
||||
import { GitHub } from "@actions/github";
|
||||
import fetch from "node-fetch";
|
||||
import { Octokit } from "@octokit/action";
|
||||
import { Config, isTag, releaseBody } from "./util";
|
||||
import { lstatSync, readFileSync } from "fs";
|
||||
import { statSync, readFileSync } from "fs";
|
||||
import { getType } from "mime";
|
||||
import { basename } from "path";
|
||||
|
||||
type GitHub = InstanceType<typeof Octokit>;
|
||||
|
||||
export interface ReleaseAsset {
|
||||
name: string;
|
||||
mime: string;
|
||||
size: number;
|
||||
file: Buffer;
|
||||
data: Buffer;
|
||||
}
|
||||
|
||||
export interface Release {
|
||||
@ -16,11 +19,12 @@ export interface Release {
|
||||
upload_url: string;
|
||||
html_url: string;
|
||||
tag_name: string;
|
||||
name: string;
|
||||
body: string;
|
||||
name: string | null;
|
||||
body?: string | null | undefined;
|
||||
target_commitish: string;
|
||||
draft: boolean;
|
||||
prerelease: boolean;
|
||||
assets: Array<{ id: number; name: string }>;
|
||||
}
|
||||
|
||||
export interface Releaser {
|
||||
@ -39,6 +43,8 @@ export interface Releaser {
|
||||
draft: boolean | undefined;
|
||||
prerelease: boolean | undefined;
|
||||
target_commitish: string | undefined;
|
||||
discussion_category_name: string | undefined;
|
||||
generate_release_notes: boolean | undefined;
|
||||
}): Promise<{ data: Release }>;
|
||||
|
||||
updateRelease(params: {
|
||||
@ -51,6 +57,8 @@ export interface Releaser {
|
||||
body: string | undefined;
|
||||
draft: boolean | undefined;
|
||||
prerelease: boolean | undefined;
|
||||
discussion_category_name: string | undefined;
|
||||
generate_release_notes: boolean | undefined;
|
||||
}): Promise<{ data: Release }>;
|
||||
|
||||
allReleases(params: {
|
||||
@ -70,7 +78,7 @@ export class GitHubReleaser implements Releaser {
|
||||
repo: string;
|
||||
tag: string;
|
||||
}): Promise<{ data: Release }> {
|
||||
return this.github.repos.getReleaseByTag(params);
|
||||
return this.github.rest.repos.getReleaseByTag(params);
|
||||
}
|
||||
|
||||
createRelease(params: {
|
||||
@ -82,8 +90,10 @@ export class GitHubReleaser implements Releaser {
|
||||
draft: boolean | undefined;
|
||||
prerelease: boolean | undefined;
|
||||
target_commitish: string | undefined;
|
||||
discussion_category_name: string | undefined;
|
||||
generate_release_notes: boolean | undefined;
|
||||
}): Promise<{ data: Release }> {
|
||||
return this.github.repos.createRelease(params);
|
||||
return this.github.rest.repos.createRelease(params);
|
||||
}
|
||||
|
||||
updateRelease(params: {
|
||||
@ -96,8 +106,10 @@ export class GitHubReleaser implements Releaser {
|
||||
body: string | undefined;
|
||||
draft: boolean | undefined;
|
||||
prerelease: boolean | undefined;
|
||||
discussion_category_name: string | undefined;
|
||||
generate_release_notes: boolean | undefined;
|
||||
}): Promise<{ data: Release }> {
|
||||
return this.github.repos.updateRelease(params);
|
||||
return this.github.rest.repos.updateRelease(params);
|
||||
}
|
||||
|
||||
allReleases(params: {
|
||||
@ -106,7 +118,7 @@ export class GitHubReleaser implements Releaser {
|
||||
}): AsyncIterableIterator<{ data: Release[] }> {
|
||||
const updatedParams = { per_page: 100, ...params };
|
||||
return this.github.paginate.iterator(
|
||||
this.github.repos.listReleases.endpoint.merge(updatedParams)
|
||||
this.github.rest.repos.listReleases.endpoint.merge(updatedParams)
|
||||
);
|
||||
}
|
||||
}
|
||||
@ -115,8 +127,8 @@ export const asset = (path: string): ReleaseAsset => {
|
||||
return {
|
||||
name: basename(path),
|
||||
mime: mimeOrDefault(path),
|
||||
size: lstatSync(path).size,
|
||||
file: readFileSync(path)
|
||||
size: statSync(path).size,
|
||||
data: readFileSync(path)
|
||||
};
|
||||
};
|
||||
|
||||
@ -125,21 +137,46 @@ export const mimeOrDefault = (path: string): string => {
|
||||
};
|
||||
|
||||
export const upload = async (
|
||||
gh: GitHub,
|
||||
config: Config,
|
||||
github: GitHub,
|
||||
url: string,
|
||||
path: string
|
||||
path: string,
|
||||
currentAssets: Array<{ id: number; name: string }>
|
||||
): Promise<any> => {
|
||||
let { name, size, mime, file } = asset(path);
|
||||
const [owner, repo] = config.github_repository.split("/");
|
||||
const { name, size, mime, data: body } = asset(path);
|
||||
const currentAsset = currentAssets.find(
|
||||
({ name: currentName }) => currentName == name
|
||||
);
|
||||
if (currentAsset) {
|
||||
console.log(`♻️ Deleting previously uploaded asset ${name}...`);
|
||||
await github.rest.repos.deleteReleaseAsset({
|
||||
asset_id: currentAsset.id || 1,
|
||||
owner,
|
||||
repo
|
||||
});
|
||||
}
|
||||
console.log(`⬆️ Uploading ${name}...`);
|
||||
return await gh.repos.uploadReleaseAsset({
|
||||
url,
|
||||
const endpoint = new URL(url);
|
||||
endpoint.searchParams.append("name", name);
|
||||
const resp = await fetch(endpoint, {
|
||||
headers: {
|
||||
"content-length": size,
|
||||
"content-type": mime
|
||||
"content-length": `${size}`,
|
||||
"content-type": mime,
|
||||
authorization: `token ${config.github_token}`
|
||||
},
|
||||
name,
|
||||
file
|
||||
method: "POST",
|
||||
body
|
||||
});
|
||||
const json = await resp.json();
|
||||
if (resp.status !== 201) {
|
||||
throw new Error(
|
||||
`Failed to upload release asset ${name}. received status code ${
|
||||
resp.status
|
||||
}\n${json.message}\n${JSON.stringify(json.errors)}`
|
||||
);
|
||||
}
|
||||
return json;
|
||||
};
|
||||
|
||||
export const release = async (
|
||||
@ -158,6 +195,9 @@ export const release = async (
|
||||
(isTag(config.github_ref)
|
||||
? config.github_ref.replace("refs/tags/", "")
|
||||
: "");
|
||||
|
||||
const discussion_category_name = config.input_discussion_category_name;
|
||||
const generate_release_notes = config.input_generate_release_notes;
|
||||
try {
|
||||
// you can't get a an existing draft by tag
|
||||
// so we must find one in the list of all releases
|
||||
@ -194,12 +234,11 @@ export const release = async (
|
||||
|
||||
const tag_name = tag;
|
||||
const name = config.input_name || existingRelease.data.name || tag;
|
||||
|
||||
let body: string = "";
|
||||
if (existingRelease.data.body) body += existingRelease.data.body;
|
||||
let workflowBody = releaseBody(config);
|
||||
if (existingRelease.data.body && workflowBody) body += "\n";
|
||||
if (workflowBody) body += workflowBody;
|
||||
// revisit: support a new body-concat-strategy input for accumulating
|
||||
// body parts as a release gets updated. some users will likely want this while
|
||||
// others won't previously this was duplicating content for most which
|
||||
// no one wants
|
||||
let body = releaseBody(config) || existingRelease.data.body || "";
|
||||
|
||||
const draft =
|
||||
config.input_draft !== undefined
|
||||
@ -219,7 +258,9 @@ export const release = async (
|
||||
name,
|
||||
body,
|
||||
draft,
|
||||
prerelease
|
||||
prerelease,
|
||||
discussion_category_name,
|
||||
generate_release_notes
|
||||
});
|
||||
return release.data;
|
||||
} catch (error) {
|
||||
@ -246,7 +287,9 @@ export const release = async (
|
||||
body,
|
||||
draft,
|
||||
prerelease,
|
||||
target_commitish
|
||||
target_commitish,
|
||||
discussion_category_name,
|
||||
generate_release_notes
|
||||
});
|
||||
return release.data;
|
||||
} catch (error) {
|
||||
@ -254,7 +297,9 @@ export const release = async (
|
||||
console.log(
|
||||
`⚠️ GitHub release failed with status: ${
|
||||
error.status
|
||||
}, retrying... (${maxRetries - 1} retries remaining)`
|
||||
}\n${JSON.stringify(
|
||||
error.response.data.errors
|
||||
)}\nretrying... (${maxRetries - 1} retries remaining)`
|
||||
);
|
||||
return release(config, releaser, maxRetries - 1);
|
||||
}
|
||||
|
38
src/main.ts
38
src/main.ts
@ -1,7 +1,15 @@
|
||||
import { paths, parseConfig, isTag, unmatchedPatterns } from "./util";
|
||||
import {
|
||||
paths,
|
||||
parseConfig,
|
||||
isTag,
|
||||
unmatchedPatterns,
|
||||
uploadUrl
|
||||
} from "./util";
|
||||
import { release, upload, GitHubReleaser } from "./github";
|
||||
import { Octokit } from "@octokit/action";
|
||||
import { setFailed, setOutput } from "@actions/core";
|
||||
import { GitHub } from "@actions/github";
|
||||
import { retry } from "@octokit/plugin-retry";
|
||||
import { throttling } from "@octokit/plugin-throttling";
|
||||
import { env } from "process";
|
||||
|
||||
async function run() {
|
||||
@ -23,11 +31,10 @@ async function run() {
|
||||
throw new Error(`⚠️ There were unmatched files`);
|
||||
}
|
||||
}
|
||||
GitHub.plugin([
|
||||
require("@octokit/plugin-throttling"),
|
||||
require("@octokit/plugin-retry")
|
||||
]);
|
||||
const gh = new GitHub(config.github_token, {
|
||||
|
||||
const OctokitWithPlugins = Octokit.plugin(retry, throttling);
|
||||
const gh = new OctokitWithPlugins({
|
||||
auth: config.github_token,
|
||||
throttle: {
|
||||
onRateLimit: (retryAfter, options) => {
|
||||
console.warn(
|
||||
@ -47,19 +54,30 @@ async function run() {
|
||||
}
|
||||
}
|
||||
});
|
||||
let rel = await release(config, new GitHubReleaser(gh));
|
||||
//);
|
||||
const rel = await release(config, new GitHubReleaser(gh));
|
||||
if (config.input_files) {
|
||||
const files = paths(config.input_files);
|
||||
if (files.length == 0) {
|
||||
console.warn(`🤔 ${config.input_files} not include valid file.`);
|
||||
}
|
||||
await Promise.all(
|
||||
const currentAssets = rel.assets;
|
||||
const assets = await Promise.all(
|
||||
files.map(async path => {
|
||||
await upload(gh, rel.upload_url, path);
|
||||
const json = await upload(
|
||||
config,
|
||||
gh,
|
||||
uploadUrl(rel.upload_url),
|
||||
path,
|
||||
currentAssets
|
||||
);
|
||||
delete json.uploader;
|
||||
return json;
|
||||
})
|
||||
).catch(error => {
|
||||
throw error;
|
||||
});
|
||||
setOutput("assets", assets);
|
||||
}
|
||||
console.log(`🎉 Release ready at ${rel.html_url}`);
|
||||
setOutput("url", rel.html_url);
|
||||
|
26
src/util.ts
26
src/util.ts
@ -1,6 +1,5 @@
|
||||
import { getInput } from "@actions/core";
|
||||
import * as glob from "glob";
|
||||
import { lstatSync, readFileSync } from "fs";
|
||||
import { statSync, readFileSync } from "fs";
|
||||
|
||||
export interface Config {
|
||||
github_token: string;
|
||||
@ -17,8 +16,18 @@ export interface Config {
|
||||
input_prerelease?: boolean;
|
||||
input_fail_on_unmatched_files?: boolean;
|
||||
input_target_commitish?: string;
|
||||
input_discussion_category_name?: string;
|
||||
input_generate_release_notes?: boolean;
|
||||
}
|
||||
|
||||
export const uploadUrl = (url: string): string => {
|
||||
const templateMarkerPos = url.indexOf("{");
|
||||
if (templateMarkerPos > -1) {
|
||||
return url.substring(0, templateMarkerPos);
|
||||
}
|
||||
return url;
|
||||
};
|
||||
|
||||
export const releaseBody = (config: Config): string | undefined => {
|
||||
return (
|
||||
(config.input_body_path &&
|
||||
@ -42,11 +51,11 @@ export const parseInputFiles = (files: string): string[] => {
|
||||
|
||||
export const parseConfig = (env: Env): Config => {
|
||||
return {
|
||||
github_token: getInput("token") || env.GITHUB_TOKEN || "",
|
||||
github_token: env.GITHUB_TOKEN || env.INPUT_TOKEN || "",
|
||||
github_ref: env.GITHUB_REF || "",
|
||||
github_repository: env.INPUT_REPOSITORY || env.GITHUB_REPOSITORY || "",
|
||||
input_name: env.INPUT_NAME,
|
||||
input_tag_name: env.INPUT_TAG_NAME,
|
||||
input_tag_name: env.INPUT_TAG_NAME?.trim(),
|
||||
input_body: env.INPUT_BODY,
|
||||
input_body_path: env.INPUT_BODY_PATH,
|
||||
input_files: parseInputFiles(env.INPUT_FILES || ""),
|
||||
@ -55,14 +64,17 @@ export const parseConfig = (env: Env): Config => {
|
||||
? env.INPUT_PRERELEASE == "true"
|
||||
: undefined,
|
||||
input_fail_on_unmatched_files: env.INPUT_FAIL_ON_UNMATCHED_FILES == "true",
|
||||
input_target_commitish: env.INPUT_TARGET_COMMITISH
|
||||
input_target_commitish: env.INPUT_TARGET_COMMITISH || undefined,
|
||||
input_discussion_category_name:
|
||||
env.INPUT_DISCUSSION_CATEGORY_NAME || undefined,
|
||||
input_generate_release_notes: env.INPUT_GENERATE_RELEASE_NOTES == "true"
|
||||
};
|
||||
};
|
||||
|
||||
export const paths = (patterns: string[]): string[] => {
|
||||
return patterns.reduce((acc: string[], pattern: string): string[] => {
|
||||
return acc.concat(
|
||||
glob.sync(pattern).filter(path => lstatSync(path).isFile())
|
||||
glob.sync(pattern).filter(path => statSync(path).isFile())
|
||||
);
|
||||
}, []);
|
||||
};
|
||||
@ -70,7 +82,7 @@ export const paths = (patterns: string[]): string[] => {
|
||||
export const unmatchedPatterns = (patterns: string[]): string[] => {
|
||||
return patterns.reduce((acc: string[], pattern: string): string[] => {
|
||||
return acc.concat(
|
||||
glob.sync(pattern).filter(path => lstatSync(path).isFile()).length == 0
|
||||
glob.sync(pattern).filter(path => statSync(path).isFile()).length == 0
|
||||
? [pattern]
|
||||
: []
|
||||
);
|
||||
|
Reference in New Issue
Block a user