actions/setup-go
1
0
Fork 0
mirror of https://github.com/actions/setup-go.git synced 2025-07-11 23:52:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix low security alert

Browse Source
This commit is contained in:
HarithaVattikuti 2025-07-08 12:21:14 -05:00
parent 71b05d8003
commit a963b3127a
4 changed files with 136 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.licenses/npm/brace-expansion.dep.yml generated
View File

@ -1,6 +1,6 @@
---
name: brace-expansion
version: 1.1.11
version: 1.1.12
type: npm
summary: Brace expansion as known from sh/bash
homepage: https://github.com/juliangruber/brace-expansion

43
dist/cache-save/index.js vendored
View File

@ -51577,7 +51577,7 @@ function expand(str, isTop) {
var isOptions = m.body.indexOf(',') >= 0;
if (!isSequence && !isOptions) {
// {a},b}
if (m.post.match(/,.*\}/)) {
if (m.post.match(/,(?!,).*\}/)) {
str = m.pre + '{' + m.body + escClose + m.post;
return expand(str);
}
@ -86631,13 +86631,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
};
})();
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
@ -86651,7 +86661,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.run = void 0;
exports.run = run;
const core = __importStar(__nccwpck_require__(2186));
const cache = __importStar(__nccwpck_require__(7799));
const fs_1 = __importDefault(__nccwpck_require__(7147));
@ -86690,7 +86700,6 @@ function run(earlyExit) {
}
});
}
exports.run = run;
const cachePackages = () => __awaiter(void 0, void 0, void 0, function* () {
const packageManager = 'default';
const state = core.getState(constants_1.State.CacheMatchedKey);
@ -86749,13 +86758,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
};
})();
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
@ -86766,7 +86785,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
});
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.isCacheFeatureAvailable = exports.isGhes = exports.getCacheDirectoryPath = exports.getPackageManagerInfo = exports.getCommandOutput = void 0;
exports.getCacheDirectoryPath = exports.getPackageManagerInfo = exports.getCommandOutput = void 0;
exports.isGhes = isGhes;
exports.isCacheFeatureAvailable = isCacheFeatureAvailable;
const cache = __importStar(__nccwpck_require__(7799));
const core = __importStar(__nccwpck_require__(2186));
const exec = __importStar(__nccwpck_require__(1514));
@ -86816,7 +86837,6 @@ function isGhes() {
const isLocalHost = hostname.endsWith('.LOCALHOST');
return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
}
exports.isGhes = isGhes;
function isCacheFeatureAvailable() {
if (cache.isFeatureAvailable()) {
return true;
@ -86828,7 +86848,6 @@ function isCacheFeatureAvailable() {
core.warning('The runner was not able to contact the cache service. Caching will be skipped');
return false;
}
exports.isCacheFeatureAvailable = isCacheFeatureAvailable;
/***/ }),

103
dist/setup/index.js vendored
View File

@ -55363,7 +55363,7 @@ function expand(str, isTop) {
var isOptions = m.body.indexOf(',') >= 0;
if (!isSequence && !isOptions) {
// {a},b}
if (m.post.match(/,.*\}/)) {
if (m.post.match(/,(?!,).*\}/)) {
str = m.pre + '{' + m.body + escClose + m.post;
return expand(str);
}
@ -92977,13 +92977,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
};
})();
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
@ -93067,13 +93077,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
};
})();
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
@ -93084,7 +93104,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
});
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.isCacheFeatureAvailable = exports.isGhes = exports.getCacheDirectoryPath = exports.getPackageManagerInfo = exports.getCommandOutput = void 0;
exports.getCacheDirectoryPath = exports.getPackageManagerInfo = exports.getCommandOutput = void 0;
exports.isGhes = isGhes;
exports.isCacheFeatureAvailable = isCacheFeatureAvailable;
const cache = __importStar(__nccwpck_require__(7799));
const core = __importStar(__nccwpck_require__(2186));
const exec = __importStar(__nccwpck_require__(1514));
@ -93134,7 +93156,6 @@ function isGhes() {
const isLocalHost = hostname.endsWith('.LOCALHOST');
return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
}
exports.isGhes = isGhes;
function isCacheFeatureAvailable() {
if (cache.isFeatureAvailable()) {
return true;
@ -93146,7 +93167,6 @@ function isCacheFeatureAvailable() {
core.warning('The runner was not able to contact the cache service. Caching will be skipped');
return false;
}
exports.isCacheFeatureAvailable = isCacheFeatureAvailable;
/***/ }),
@ -93192,13 +93212,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
};
})();
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
@ -93212,7 +93242,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.resolveStableVersionInput = exports.parseGoVersionFile = exports.makeSemver = exports.getVersionsDist = exports.findMatch = exports.getInfoFromManifest = exports.getManifest = exports.extractGoArchive = exports.getGo = void 0;
exports.getGo = getGo;
exports.extractGoArchive = extractGoArchive;
exports.getManifest = getManifest;
exports.getInfoFromManifest = getInfoFromManifest;
exports.findMatch = findMatch;
exports.getVersionsDist = getVersionsDist;
exports.makeSemver = makeSemver;
exports.parseGoVersionFile = parseGoVersionFile;
exports.resolveStableVersionInput = resolveStableVersionInput;
const tc = __importStar(__nccwpck_require__(7784));
const core = __importStar(__nccwpck_require__(2186));
const path = __importStar(__nccwpck_require__(1017));
@ -93307,7 +93345,6 @@ function getGo(versionSpec_1, checkLatest_1, auth_1) {
return downloadPath;
});
}
exports.getGo = getGo;
function resolveVersionFromManifest(versionSpec, stable, auth, arch, manifest) {
return __awaiter(this, void 0, void 0, function* () {
try {
@ -93396,7 +93433,6 @@ function extractGoArchive(archivePath) {
return extPath;
});
}
exports.extractGoArchive = extractGoArchive;
function isIToolRelease(obj) {
return (typeof obj === 'object' &&
obj !== null &&
@ -93434,7 +93470,6 @@ function getManifest(auth) {
return yield getManifestFromURL();
});
}
exports.getManifest = getManifest;
function getManifestFromRepo(auth) {
core.debug(`Getting manifest from ${MANIFEST_REPO_OWNER}/${MANIFEST_REPO_NAME}@${MANIFEST_REPO_BRANCH}`);
return tc.getManifestFromRepo(MANIFEST_REPO_OWNER, MANIFEST_REPO_NAME, auth, MANIFEST_REPO_BRANCH);
@ -93469,7 +93504,6 @@ function getInfoFromManifest(versionSpec_1, stable_1, auth_1) {
return info;
});
}
exports.getInfoFromManifest = getInfoFromManifest;
function getInfoFromDist(versionSpec, arch) {
return __awaiter(this, void 0, void 0, function* () {
const version = yield findMatch(versionSpec, arch);
@ -93521,7 +93555,6 @@ function findMatch(versionSpec_1) {
return result;
});
}
exports.findMatch = findMatch;
function getVersionsDist(dlUrl) {
return __awaiter(this, void 0, void 0, function* () {
// this returns versions descending so latest is first
@ -93532,7 +93565,6 @@ function getVersionsDist(dlUrl) {
return (yield http.getJson(dlUrl)).result;
});
}
exports.getVersionsDist = getVersionsDist;
//
// Convert the go version syntax into semver for semver matching
// 1.13.1 => 1.13.1
@ -93557,7 +93589,6 @@ function makeSemver(version) {
}
return fullVersion;
}
exports.makeSemver = makeSemver;
function parseGoVersionFile(versionFilePath) {
const contents = fs_1.default.readFileSync(versionFilePath).toString();
if (path.basename(versionFilePath) === 'go.mod' ||
@ -93567,7 +93598,6 @@ function parseGoVersionFile(versionFilePath) {
}
return contents.trim();
}
exports.parseGoVersionFile = parseGoVersionFile;
function resolveStableVersionDist(versionSpec, arch) {
return __awaiter(this, void 0, void 0, function* () {
const archFilter = sys.getArch(arch);
@ -93606,7 +93636,6 @@ function resolveStableVersionInput(versionSpec, arch, platform, manifest) {
}
});
}
exports.resolveStableVersionInput = resolveStableVersionInput;
/***/ }),
@ -93632,13 +93661,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
};
})();
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
@ -93652,7 +93691,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.parseGoVersion = exports.addBinToPath = exports.run = void 0;
exports.run = run;
exports.addBinToPath = addBinToPath;
exports.parseGoVersion = parseGoVersion;
const core = __importStar(__nccwpck_require__(2186));
const io = __importStar(__nccwpck_require__(7436));
const installer = __importStar(__nccwpck_require__(2574));
@ -93726,7 +93767,6 @@ function run() {
}
});
}
exports.run = run;
function addBinToPath() {
return __awaiter(this, void 0, void 0, function* () {
let added = false;
@ -93756,7 +93796,6 @@ function addBinToPath() {
return added;
});
}
exports.addBinToPath = addBinToPath;
function parseGoVersion(versionString) {
// get the installed version as an Action output
// based on go/src/cmd/go/internal/version/version.go:
@ -93764,7 +93803,6 @@ function parseGoVersion(versionString) {
// expecting go<version> for runtime.Version()
return versionString.split(' ')[2].slice('go'.length);
}
exports.parseGoVersion = parseGoVersion;
function resolveVersionInput() {
let version = core.getInput('go-version');
const versionFilePath = core.getInput('go-version-file');
@ -93812,7 +93850,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getArch = exports.getPlatform = void 0;
exports.getPlatform = getPlatform;
exports.getArch = getArch;
const os_1 = __importDefault(__nccwpck_require__(2037));
function getPlatform() {
// darwin and linux match already
@ -93825,7 +93864,6 @@ function getPlatform() {
}
return plat;
}
exports.getPlatform = getPlatform;
function getArch(arch) {
// 'arm', 'arm64', 'ia32', 'mips', 'mipsel', 'ppc', 'ppc64', 's390', 's390x', 'x32', and 'x64'.
// wants amd64, 386, arm64, armv61, ppc641e, s390x
@ -93846,7 +93884,6 @@ function getArch(arch) {
}
return arch;
}
exports.getArch = getArch;
/***/ }),

19
package-lock.json generated
View File

@ -1959,9 +1959,9 @@
}
},
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
"integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
"integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
"dev": true,
"license": "MIT",
"dependencies": {
@ -2315,9 +2315,10 @@
"integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="
},
"node_modules/brace-expansion": {
"version": "1.1.11",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
"integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
"version": "1.1.12",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
"integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
"license": "MIT",
"dependencies": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@ -3281,9 +3282,9 @@
}
},
"node_modules/filelist/node_modules/brace-expansion": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
"integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
"integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
"dev": true,
"license": "MIT",
"dependencies": {