diff --git a/tools/github_reporter/index.js b/tools/github_reporter/index.js index 68e9de5be2484c..9abd7e231e1421 100644 --- a/tools/github_reporter/index.js +++ b/tools/github_reporter/index.js @@ -571,10 +571,10 @@ var require_proxy = __commonJS({ })(); if (proxyVar) { try { - return new URL(proxyVar); + return new DecodedURL(proxyVar); } catch (_a) { if (!proxyVar.startsWith("http://") && !proxyVar.startsWith("https://")) - return new URL(`http://${proxyVar}`); + return new DecodedURL(`http://${proxyVar}`); } } else { return void 0; @@ -617,6 +617,19 @@ var require_proxy = __commonJS({ const hostLower = host.toLowerCase(); return hostLower === "localhost" || hostLower.startsWith("127.") || hostLower.startsWith("[::1]") || hostLower.startsWith("[0:0:0:0:0:0:0:1]"); } + var DecodedURL = class extends URL { + constructor(url, base) { + super(url, base); + this._decodedUsername = decodeURIComponent(super.username); + this._decodedPassword = decodeURIComponent(super.password); + } + get username() { + return this._decodedUsername; + } + get password() { + return this._decodedPassword; + } + }; } }); @@ -1141,6 +1154,121 @@ var require_errors = __commonJS({ } }); +// node_modules/@reporters/github/node_modules/undici/lib/core/constants.js +var require_constants = __commonJS({ + "node_modules/@reporters/github/node_modules/undici/lib/core/constants.js"(exports2, module2) { + "use strict"; + var headerNameLowerCasedRecord = {}; + var wellknownHeaderNames = [ + "Accept", + "Accept-Encoding", + "Accept-Language", + "Accept-Ranges", + "Access-Control-Allow-Credentials", + "Access-Control-Allow-Headers", + "Access-Control-Allow-Methods", + "Access-Control-Allow-Origin", + "Access-Control-Expose-Headers", + "Access-Control-Max-Age", + "Access-Control-Request-Headers", + "Access-Control-Request-Method", + "Age", + "Allow", + "Alt-Svc", + "Alt-Used", + "Authorization", + "Cache-Control", + "Clear-Site-Data", + "Connection", + "Content-Disposition", + "Content-Encoding", + "Content-Language", + "Content-Length", + "Content-Location", + "Content-Range", + "Content-Security-Policy", + "Content-Security-Policy-Report-Only", + "Content-Type", + "Cookie", + "Cross-Origin-Embedder-Policy", + "Cross-Origin-Opener-Policy", + "Cross-Origin-Resource-Policy", + "Date", + "Device-Memory", + "Downlink", + "ECT", + "ETag", + "Expect", + "Expect-CT", + "Expires", + "Forwarded", + "From", + "Host", + "If-Match", + "If-Modified-Since", + "If-None-Match", + "If-Range", + "If-Unmodified-Since", + "Keep-Alive", + "Last-Modified", + "Link", + "Location", + "Max-Forwards", + "Origin", + "Permissions-Policy", + "Pragma", + "Proxy-Authenticate", + "Proxy-Authorization", + "RTT", + "Range", + "Referer", + "Referrer-Policy", + "Refresh", + "Retry-After", + "Sec-WebSocket-Accept", + "Sec-WebSocket-Extensions", + "Sec-WebSocket-Key", + "Sec-WebSocket-Protocol", + "Sec-WebSocket-Version", + "Server", + "Server-Timing", + "Service-Worker-Allowed", + "Service-Worker-Navigation-Preload", + "Set-Cookie", + "SourceMap", + "Strict-Transport-Security", + "Supports-Loading-Mode", + "TE", + "Timing-Allow-Origin", + "Trailer", + "Transfer-Encoding", + "Upgrade", + "Upgrade-Insecure-Requests", + "User-Agent", + "Vary", + "Via", + "WWW-Authenticate", + "X-Content-Type-Options", + "X-DNS-Prefetch-Control", + "X-Frame-Options", + "X-Permitted-Cross-Domain-Policies", + "X-Powered-By", + "X-Requested-With", + "X-XSS-Protection" + ]; + for (let i = 0; i < wellknownHeaderNames.length; ++i) { + const key = wellknownHeaderNames[i]; + const lowerCasedKey = key.toLowerCase(); + headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] = lowerCasedKey; + } + Object.setPrototypeOf(headerNameLowerCasedRecord, null); + module2.exports = { + wellknownHeaderNames, + headerNameLowerCasedRecord + }; + } +}); + // node_modules/@reporters/github/node_modules/undici/lib/core/util.js var require_util = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/core/util.js"(exports2, module2) { @@ -1154,6 +1282,7 @@ var require_util = __commonJS({ var { Blob: Blob2 } = require("buffer"); var nodeUtil = require("util"); var { stringify: stringify2 } = require("querystring"); + var { headerNameLowerCasedRecord } = require_constants(); var [nodeMajor, nodeMinor] = process.versions.node.split(".").map((v) => Number(v)); function nop() { } @@ -1297,6 +1426,9 @@ var require_util = __commonJS({ const m = val.toString().match(KEEPALIVE_TIMEOUT_EXPR); return m ? parseInt(m[1], 10) * 1e3 : null; } + function headerNameToString(value) { + return headerNameLowerCasedRecord[value] || value.toLowerCase(); + } function parseHeaders(headers, obj = {}) { if (!Array.isArray(headers)) return headers; @@ -1500,6 +1632,7 @@ var require_util = __commonJS({ isIterable, isAsyncIterable, isDestroyed, + headerNameToString, parseRawHeaders, parseHeaders, parseKeepAliveTimeout, @@ -3595,7 +3728,7 @@ var require_main = __commonJS({ }); // node_modules/@reporters/github/node_modules/undici/lib/fetch/constants.js -var require_constants = __commonJS({ +var require_constants2 = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/fetch/constants.js"(exports2, module2) { "use strict"; var { MessageChannel, receiveMessageOnPort } = require("worker_threads"); @@ -3833,15 +3966,18 @@ var require_global = __commonJS({ var require_util2 = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/fetch/util.js"(exports2, module2) { "use strict"; - var { redirectStatusSet, referrerPolicySet: referrerPolicyTokens, badPortsSet } = require_constants(); + var { redirectStatusSet, referrerPolicySet: referrerPolicyTokens, badPortsSet } = require_constants2(); var { getGlobalOrigin } = require_global(); var { performance: performance2 } = require("perf_hooks"); var { isBlobLike, toUSVString, ReadableStreamFrom } = require_util(); var assert = require("assert"); var { isUint8Array } = require("util/types"); + var supportedHashes = []; var crypto4; try { crypto4 = require("crypto"); + const possibleRelevantHashes = ["sha256", "sha384", "sha512"]; + supportedHashes = crypto4.getHashes().filter((hash) => possibleRelevantHashes.includes(hash)); } catch { } function responseURL(response) { @@ -4117,45 +4253,37 @@ var require_util2 = __commonJS({ if (parsedMetadata.length === 0) { return true; } - const list = parsedMetadata.sort((c, d) => d.algo.localeCompare(c.algo)); - const strongest = list[0].algo; - const metadata = list.filter((item) => item.algo === strongest); + const strongest = getStrongestMetadata(parsedMetadata); + const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest); for (const item of metadata) { const algorithm = item.algo; - let expectedValue = item.hash; - if (expectedValue.endsWith("==")) { - expectedValue = expectedValue.slice(0, -2); - } + const expectedValue = item.hash; let actualValue = crypto4.createHash(algorithm).update(bytes).digest("base64"); - if (actualValue.endsWith("==")) { - actualValue = actualValue.slice(0, -2); - } - if (actualValue === expectedValue) { - return true; - } - let actualBase64URL = crypto4.createHash(algorithm).update(bytes).digest("base64url"); - if (actualBase64URL.endsWith("==")) { - actualBase64URL = actualBase64URL.slice(0, -2); + if (actualValue[actualValue.length - 1] === "=") { + if (actualValue[actualValue.length - 2] === "=") { + actualValue = actualValue.slice(0, -2); + } else { + actualValue = actualValue.slice(0, -1); + } } - if (actualBase64URL === expectedValue) { + if (compareBase64Mixed(actualValue, expectedValue)) { return true; } } return false; } - var parseHashWithOptions = /((?sha256|sha384|sha512)-(?[A-z0-9+/]{1}.*={0,2}))( +[\x21-\x7e]?)?/i; + var parseHashWithOptions = /(?sha256|sha384|sha512)-((?[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i; function parseMetadata(metadata) { const result = []; let empty = true; - const supportedHashes = crypto4.getHashes(); for (const token of metadata.split(" ")) { empty = false; const parsedToken = parseHashWithOptions.exec(token); - if (parsedToken === null || parsedToken.groups === void 0) { + if (parsedToken === null || parsedToken.groups === void 0 || parsedToken.groups.algo === void 0) { continue; } - const algorithm = parsedToken.groups.algo; - if (supportedHashes.includes(algorithm.toLowerCase())) { + const algorithm = parsedToken.groups.algo.toLowerCase(); + if (supportedHashes.includes(algorithm)) { result.push(parsedToken.groups); } } @@ -4164,6 +4292,51 @@ var require_util2 = __commonJS({ } return result; } + function getStrongestMetadata(metadataList) { + let algorithm = metadataList[0].algo; + if (algorithm[3] === "5") { + return algorithm; + } + for (let i = 1; i < metadataList.length; ++i) { + const metadata = metadataList[i]; + if (metadata.algo[3] === "5") { + algorithm = "sha512"; + break; + } else if (algorithm[3] === "3") { + continue; + } else if (metadata.algo[3] === "3") { + algorithm = "sha384"; + } + } + return algorithm; + } + function filterMetadataListByAlgorithm(metadataList, algorithm) { + if (metadataList.length === 1) { + return metadataList; + } + let pos = 0; + for (let i = 0; i < metadataList.length; ++i) { + if (metadataList[i].algo === algorithm) { + metadataList[pos++] = metadataList[i]; + } + } + metadataList.length = pos; + return metadataList; + } + function compareBase64Mixed(actualValue, expectedValue) { + if (actualValue.length !== expectedValue.length) { + return false; + } + for (let i = 0; i < actualValue.length; ++i) { + if (actualValue[i] !== expectedValue[i]) { + if (actualValue[i] === "+" && expectedValue[i] === "-" || actualValue[i] === "/" && expectedValue[i] === "_") { + continue; + } + return false; + } + } + return true; + } function tryUpgradeRequestToAPotentiallyTrustworthyURL(request) { } function sameOrigin(A, B) { @@ -4387,7 +4560,8 @@ var require_util2 = __commonJS({ urlHasHttpsScheme, urlIsHttpHttpsScheme, readAllBytes, - normalizeMethodRecord + normalizeMethodRecord, + parseMetadata }; } }); @@ -5424,7 +5598,7 @@ var require_body = __commonJS({ var { FormData } = require_formdata(); var { kState } = require_symbols2(); var { webidl } = require_webidl(); - var { DOMException: DOMException2, structuredClone } = require_constants(); + var { DOMException: DOMException2, structuredClone } = require_constants2(); var { Blob: Blob2, File: NativeFile } = require("buffer"); var { kBodyUsed } = require_symbols(); var assert = require("assert"); @@ -6520,7 +6694,7 @@ var require_utils2 = __commonJS({ }); // node_modules/@reporters/github/node_modules/undici/lib/llhttp/constants.js -var require_constants2 = __commonJS({ +var require_constants3 = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/llhttp/constants.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); @@ -6955,7 +7129,17 @@ var require_RedirectHandler = __commonJS({ } } function shouldRemoveHeader(header, removeContent, unknownOrigin) { - return header.length === 4 && header.toString().toLowerCase() === "host" || removeContent && header.toString().toLowerCase().indexOf("content-") === 0 || unknownOrigin && header.length === 13 && header.toString().toLowerCase() === "authorization" || unknownOrigin && header.length === 6 && header.toString().toLowerCase() === "cookie"; + if (header.length === 4) { + return util2.headerNameToString(header) === "host"; + } + if (removeContent && util2.headerNameToString(header).startsWith("content-")) { + return true; + } + if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) { + const name = util2.headerNameToString(header); + return name === "authorization" || name === "cookie" || name === "proxy-authorization"; + } + return false; } function cleanRequestHeaders(headers, removeContent, unknownOrigin) { const ret = []; @@ -7400,7 +7584,7 @@ var require_client = __commonJS({ ); resume(client); } - var constants = require_constants2(); + var constants = require_constants3(); var createRedirectInterceptor = require_redirectInterceptor(); var EMPTY_BUF = Buffer.alloc(0); async function lazyllhttp() { @@ -12104,7 +12288,7 @@ var require_response = __commonJS({ redirectStatusSet, nullBodyStatus, DOMException: DOMException2 - } = require_constants(); + } = require_constants2(); var { kState, kHeaders, kGuard, kRealm } = require_symbols2(); var { webidl } = require_webidl(); var { FormData } = require_formdata(); @@ -12486,7 +12670,7 @@ var require_request2 = __commonJS({ requestCredentials, requestCache, requestDuplex - } = require_constants(); + } = require_constants2(); var { kEnumerableProperty } = util2; var { kHeaders, kSignal, kState, kGuard, kRealm } = require_symbols2(); var { webidl } = require_webidl(); @@ -13155,7 +13339,7 @@ var require_fetch = __commonJS({ requestBodyHeader, subresourceSet, DOMException: DOMException2 - } = require_constants(); + } = require_constants2(); var { kHeadersList } = require_symbols(); var EE = require("events"); var { Readable, pipeline } = require("stream"); @@ -14519,7 +14703,7 @@ var require_util4 = __commonJS({ } = require_symbols3(); var { ProgressEvent } = require_progressevent(); var { getEncoding } = require_encoding(); - var { DOMException: DOMException2 } = require_constants(); + var { DOMException: DOMException2 } = require_constants2(); var { serializeAMimeType, parseMIMEType } = require_dataURL(); var { types } = require("util"); var { StringDecoder } = require("string_decoder"); @@ -15635,7 +15819,7 @@ var require_cachestorage = __commonJS({ }); // node_modules/@reporters/github/node_modules/undici/lib/cookies/constants.js -var require_constants3 = __commonJS({ +var require_constants4 = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/cookies/constants.js"(exports2, module2) { "use strict"; var maxAttributeValueSize = 1024; @@ -15810,7 +15994,7 @@ var require_util6 = __commonJS({ var require_parse = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/cookies/parse.js"(exports2, module2) { "use strict"; - var { maxNameValuePairSize, maxAttributeValueSize } = require_constants3(); + var { maxNameValuePairSize, maxAttributeValueSize } = require_constants4(); var { isCTLExcludingHtab } = require_util6(); var { collectASequenceOfCodePointsFast } = require_dataURL(); var assert = require("assert"); @@ -16075,7 +16259,7 @@ var require_cookies = __commonJS({ }); // node_modules/@reporters/github/node_modules/undici/lib/websocket/constants.js -var require_constants4 = __commonJS({ +var require_constants5 = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/websocket/constants.js"(exports2, module2) { "use strict"; var uid = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; @@ -16383,7 +16567,7 @@ var require_util7 = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/websocket/util.js"(exports2, module2) { "use strict"; var { kReadyState, kController, kResponse, kBinaryType, kWebSocketURL } = require_symbols5(); - var { states, opcodes } = require_constants4(); + var { states, opcodes } = require_constants5(); var { MessageEvent, ErrorEvent } = require_events(); function isEstablished(ws) { return ws[kReadyState] === states.OPEN; @@ -16473,7 +16657,7 @@ var require_connection = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/websocket/connection.js"(exports2, module2) { "use strict"; var diagnosticsChannel = require("diagnostics_channel"); - var { uid, states } = require_constants4(); + var { uid, states } = require_constants5(); var { kReadyState, kSentClose, @@ -16620,7 +16804,7 @@ var require_connection = __commonJS({ var require_frame = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/websocket/frame.js"(exports2, module2) { "use strict"; - var { maxUnsigned16Bit } = require_constants4(); + var { maxUnsigned16Bit } = require_constants5(); var crypto4; try { crypto4 = require("crypto"); @@ -16679,7 +16863,7 @@ var require_receiver = __commonJS({ "use strict"; var { Writable } = require("stream"); var diagnosticsChannel = require("diagnostics_channel"); - var { parserStates, opcodes, states, emptyBuffer } = require_constants4(); + var { parserStates, opcodes, states, emptyBuffer } = require_constants5(); var { kReadyState, kSentClose, kResponse, kReceivedClose } = require_symbols5(); var { isValidStatusCode, failWebsocketConnection, websocketMessageReceived } = require_util7(); var { WebsocketFrameSend } = require_frame(); @@ -16914,10 +17098,10 @@ var require_websocket = __commonJS({ "node_modules/@reporters/github/node_modules/undici/lib/websocket/websocket.js"(exports2, module2) { "use strict"; var { webidl } = require_webidl(); - var { DOMException: DOMException2 } = require_constants(); + var { DOMException: DOMException2 } = require_constants2(); var { URLSerializer } = require_dataURL(); var { getGlobalOrigin } = require_global(); - var { staticPropertyDescriptors, states, opcodes, emptyBuffer } = require_constants4(); + var { staticPropertyDescriptors, states, opcodes, emptyBuffer } = require_constants5(); var { kWebSocketURL, kReadyState, @@ -18000,7 +18184,7 @@ var require_lib = __commonJS({ } const usingSsl = parsedUrl.protocol === "https:"; proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl.href, pipelining: !this._keepAlive ? 0 : 1 }, (proxyUrl.username || proxyUrl.password) && { - token: `${proxyUrl.username}:${proxyUrl.password}` + token: `Basic ${Buffer.from(`${proxyUrl.username}:${proxyUrl.password}`).toString("base64")}` })); this._proxyAgentDispatcher = proxyAgent; if (usingSsl && this._ignoreSslError) { diff --git a/tools/github_reporter/package.json b/tools/github_reporter/package.json index 1c5f4fa5675b35..5e37b4fc5a0307 100644 --- a/tools/github_reporter/package.json +++ b/tools/github_reporter/package.json @@ -1,6 +1,6 @@ { "name": "@reporters/github", - "version": "1.7.0", + "version": "1.7.1", "description": "A github actions reporter for `node:test`", "type": "commonjs", "keywords": [