From 56d96e897eb0d8e3cfa92e7903dfbb1ba6c6cacb Mon Sep 17 00:00:00 2001 From: Vladimir Safonkin Date: Thu, 15 Apr 2021 13:28:24 +0300 Subject: [PATCH 1/5] Improve key names validation for keys from user nuget config --- src/authutil.ts | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/authutil.ts b/src/authutil.ts index 463f0d3..218166f 100644 --- a/src/authutil.ts +++ b/src/authutil.ts @@ -25,6 +25,12 @@ export function configAuthentication( writeFeedToFile(feedUrl, existingNuGetConfig, tempNuGetConfig); } +function isValidKey( + key: string +): boolean { + return /^[0-9\w\-\_\.]+$/i.test(key); +} + function writeFeedToFile( feedUrl: string, existingFileLocation: string, @@ -109,9 +115,9 @@ function writeFeedToFile( xml = xml.ele('packageSourceCredentials'); sourceKeys.forEach(key => { - if (key.indexOf(' ') > -1) { + if (!isValidKey(key)) { throw new Error( - "This action currently can't handle source names with spaces. Remove the space from your repo's NuGet.config and try again." + "Source name can contain letters, numbers, and '-', '_', '.' symbols only, Please, fix source name in NuGet.config and try again." ); } From f9d7f16c0097351003dda0b454255f12bcac7d04 Mon Sep 17 00:00:00 2001 From: Vladimir Safonkin Date: Thu, 15 Apr 2021 13:30:04 +0300 Subject: [PATCH 2/5] Improve key names validation for keys from user nuget config --- src/authutil.ts | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/authutil.ts b/src/authutil.ts index 218166f..d94bf3b 100644 --- a/src/authutil.ts +++ b/src/authutil.ts @@ -25,9 +25,7 @@ export function configAuthentication( writeFeedToFile(feedUrl, existingNuGetConfig, tempNuGetConfig); } -function isValidKey( - key: string -): boolean { +function isValidKey(key: string): boolean { return /^[0-9\w\-\_\.]+$/i.test(key); } From 596753d72c1d75b2225f1078cdd974131c8b3726 Mon Sep 17 00:00:00 2001 From: Vladimir Safonkin Date: Thu, 15 Apr 2021 13:43:20 +0300 Subject: [PATCH 3/5] Minor fix --- src/authutil.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/authutil.ts b/src/authutil.ts index d94bf3b..e7e35b0 100644 --- a/src/authutil.ts +++ b/src/authutil.ts @@ -115,7 +115,7 @@ function writeFeedToFile( sourceKeys.forEach(key => { if (!isValidKey(key)) { throw new Error( - "Source name can contain letters, numbers, and '-', '_', '.' symbols only, Please, fix source name in NuGet.config and try again." + "Source name can contain letters, numbers, and '-', '_', '.' symbols only. Please, fix source name in NuGet.config and try again." ); } From 3b539379a873dc082ea175c5330c4115ac4301ba Mon Sep 17 00:00:00 2001 From: Vladimir Safonkin Date: Thu, 15 Apr 2021 13:44:48 +0300 Subject: [PATCH 4/5] Minor fix --- src/authutil.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/authutil.ts b/src/authutil.ts index e7e35b0..faf98ab 100644 --- a/src/authutil.ts +++ b/src/authutil.ts @@ -26,7 +26,7 @@ export function configAuthentication( } function isValidKey(key: string): boolean { - return /^[0-9\w\-\_\.]+$/i.test(key); + return /^[\w\-\.]+$/i.test(key); } function writeFeedToFile( From b81836a248209f4b7c6a619e301a5bc52962f210 Mon Sep 17 00:00:00 2001 From: Vladimir Safonkin Date: Thu, 15 Apr 2021 13:57:21 +0300 Subject: [PATCH 5/5] Fix index.js --- dist/index.js | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/dist/index.js b/dist/index.js index 15f8a3b..6ef97ad 100644 --- a/dist/index.js +++ b/dist/index.js @@ -4845,6 +4845,9 @@ function configAuthentication(feedUrl, existingFileLocation = '', processRoot = writeFeedToFile(feedUrl, existingNuGetConfig, tempNuGetConfig); } exports.configAuthentication = configAuthentication; +function isValidKey(key) { + return /^[\w\-\.]+$/i.test(key); +} function writeFeedToFile(feedUrl, existingFileLocation, tempFileLocation) { console.log(`dotnet-auth: Finding any source references in ${existingFileLocation}, writing a new temporary configuration file with credentials to ${tempFileLocation}`); let xml; @@ -4910,8 +4913,8 @@ function writeFeedToFile(feedUrl, existingFileLocation, tempFileLocation) { } xml = xml.ele('packageSourceCredentials'); sourceKeys.forEach(key => { - if (key.indexOf(' ') > -1) { - throw new Error("This action currently can't handle source names with spaces. Remove the space from your repo's NuGet.config and try again."); + if (!isValidKey(key)) { + throw new Error("Source name can contain letters, numbers, and '-', '_', '.' symbols only. Please, fix source name in NuGet.config and try again."); } xml = xml .ele(key)