Skip to content

Commit

Permalink
Fix short lived access token query (#59)
Browse files Browse the repository at this point in the history 
* Fix develocity-token-expiry configuration

* Fix vulnerability in path-to-regexp
  • Loading branch information
@jprinet
jprinet authored Sep 13, 2024
1 parent 02ca668 commit 6f6f51c
Show file tree
Hide file tree
Showing 6 changed files with 8 additions and 7 deletions.
2 changes: 1 addition & 1 deletion build-scan-shared/src/auth/short-lived-token.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ class ShortLivedTokenClient {
retryInterval = 1000

async fetchToken(serverUrl: string, accessKey: HostnameAccessKey, expiry: string): Promise<HostnameAccessKey> {
const queryParams = expiry ? `?expiresInHours${expiry}` : ''
const queryParams = expiry ? `?expiresInHours=${expiry}` : ''
const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl
const headers = {
'Content-Type': 'application/json',
Expand Down
2 changes: 1 addition & 1 deletion dist/maven-publish-build-scan/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134475,7 +134475,7 @@ class ShortLivedTokenClient {
maxRetries = 3;
retryInterval = 1000;
async fetchToken(serverUrl, accessKey, expiry) {
const queryParams = expiry ? `?expiresInHours${expiry}` : '';
const queryParams = expiry ? `?expiresInHours=${expiry}` : '';
const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl;
const headers = {
'Content-Type': 'application/json',
Expand Down
2 changes: 1 addition & 1 deletion dist/maven-setup/main/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41095,7 +41095,7 @@ class ShortLivedTokenClient {
maxRetries = 3;
retryInterval = 1000;
async fetchToken(serverUrl, accessKey, expiry) {
const queryParams = expiry ? `?expiresInHours${expiry}` : '';
const queryParams = expiry ? `?expiresInHours=${expiry}` : '';
const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl;
const headers = {
'Content-Type': 'application/json',
Expand Down
2 changes: 1 addition & 1 deletion dist/maven-setup/post/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134475,7 +134475,7 @@ class ShortLivedTokenClient {
maxRetries = 3;
retryInterval = 1000;
async fetchToken(serverUrl, accessKey, expiry) {
const queryParams = expiry ? `?expiresInHours${expiry}` : '';
const queryParams = expiry ? `?expiresInHours=${expiry}` : '';
const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl;
const headers = {
'Content-Type': 'application/json',
Expand Down
6 changes: 3 additions & 3 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions release/changelog.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
- Fixes a bug where setting the develocity-token-expiry parameter had no effect

0 comments on commit 6f6f51c

Please sign in to comment.