From 312555a5b9871beea1d7ae2e3e94b9ab88b2a162 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 11:57:00 -0600 Subject: [PATCH] Bump undici from 5.28.4 to 5.28.5 (#596) * Bump undici from 5.28.4 to 5.28.5 Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.28.5. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] * fix for the check failures * fix for licensed check failure --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aparna Jyothi --- .licenses/npm/@fastify/busboy.dep.yml | Bin 1319 -> 1319 bytes .licenses/npm/undici.dep.yml | Bin 1396 -> 1396 bytes dist/cache-save/index.js | 34 +++++++++++++++++++++----- dist/setup/index.js | 34 +++++++++++++++++++++----- package-lock.json | 17 +++++++------ 5 files changed, 66 insertions(+), 19 deletions(-) diff --git a/.licenses/npm/@fastify/busboy.dep.yml b/.licenses/npm/@fastify/busboy.dep.yml index 51267ac9fc9b09a1ca17f33bb01a8189fc2fed79..817d644a05ca715155fb1c76ec28814252f22b15 100644 GIT binary patch delta 12 TcmZ3^wVZ2$CZpj-t-mY)8wdm{ delta 12 TcmZ3^wVZ2$CZoYdt-mY)8v_I> diff --git a/.licenses/npm/undici.dep.yml b/.licenses/npm/undici.dep.yml index cc74a6d2dafa7bc3a78a6bc451e5b57672ac0514..961089c6539002815e4cb02802c7de40242b34f4 100644 GIT binary patch delta 12 Tcmeyu^@VGKJfrDGg%DN%AO!>r delta 12 Tcmeyu^@VGKJfq1*g%DN%AOHjl diff --git a/dist/cache-save/index.js b/dist/cache-save/index.js index cc27390..89265d8 100644 --- a/dist/cache-save/index.js +++ b/dist/cache-save/index.js @@ -70284,6 +70284,14 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(9830) const { File: UndiciFile } = __nccwpck_require__(8511) const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(685) +let random +try { + const crypto = __nccwpck_require__(6005) + random = (max) => crypto.randomInt(0, max) +} catch { + random = (max) => Math.floor(Math.random(max)) +} + let ReadableStream = globalThis.ReadableStream /** @type {globalThis['File']} */ @@ -70369,7 +70377,7 @@ function extractBody (object, keepalive = false) { // Set source to a copy of the bytes held by object. source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) } else if (util.isFormDataLike(object)) { - const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}` + const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` const prefix = `--${boundary}\r\nContent-Disposition: form-data` /*! formdata-polyfill. MIT License. Jimmy Wärting */ @@ -89743,6 +89751,14 @@ module.exports = require("net"); /***/ }), +/***/ 6005: +/***/ ((module) => { + +"use strict"; +module.exports = require("node:crypto"); + +/***/ }), + /***/ 5673: /***/ ((module) => { @@ -89979,7 +89995,7 @@ Dicer.prototype._write = function (data, encoding, cb) { if (this._headerFirst && this._isPreamble) { if (!this._part) { this._part = new PartStream(this._partOpts) - if (this._events.preamble) { this.emit('preamble', this._part) } else { this._ignore() } + if (this.listenerCount('preamble') !== 0) { this.emit('preamble', this._part) } else { this._ignore() } } const r = this._hparser.push(data) if (!this._inHeader && r !== undefined && r < data.length) { data = data.slice(r) } else { return cb() } @@ -90036,7 +90052,7 @@ Dicer.prototype._oninfo = function (isMatch, data, start, end) { } } if (this._dashes === 2) { - if ((start + i) < end && this._events.trailer) { this.emit('trailer', data.slice(start + i, end)) } + if ((start + i) < end && this.listenerCount('trailer') !== 0) { this.emit('trailer', data.slice(start + i, end)) } this.reset() this._finished = true // no more parts will be added @@ -90054,7 +90070,13 @@ Dicer.prototype._oninfo = function (isMatch, data, start, end) { this._part._read = function (n) { self._unpause() } - if (this._isPreamble && this._events.preamble) { this.emit('preamble', this._part) } else if (this._isPreamble !== true && this._events.part) { this.emit('part', this._part) } else { this._ignore() } + if (this._isPreamble && this.listenerCount('preamble') !== 0) { + this.emit('preamble', this._part) + } else if (this._isPreamble !== true && this.listenerCount('part') !== 0) { + this.emit('part', this._part) + } else { + this._ignore() + } if (!this._isPreamble) { this._inHeader = true } } if (data && start < end && !this._ignoreData) { @@ -90737,7 +90759,7 @@ function Multipart (boy, cfg) { ++nfiles - if (!boy._events.file) { + if (boy.listenerCount('file') === 0) { self.parser._ignore() return } @@ -91266,7 +91288,7 @@ const decoders = { if (textDecoders.has(this.toString())) { try { return textDecoders.get(this).decode(data) - } catch (e) { } + } catch {} } return typeof data === 'string' ? data diff --git a/dist/setup/index.js b/dist/setup/index.js index 8047d99..395ec6a 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -82502,6 +82502,14 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(9830) const { File: UndiciFile } = __nccwpck_require__(8511) const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(685) +let random +try { + const crypto = __nccwpck_require__(6005) + random = (max) => crypto.randomInt(0, max) +} catch { + random = (max) => Math.floor(Math.random(max)) +} + let ReadableStream = globalThis.ReadableStream /** @type {globalThis['File']} */ @@ -82587,7 +82595,7 @@ function extractBody (object, keepalive = false) { // Set source to a copy of the bytes held by object. source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) } else if (util.isFormDataLike(object)) { - const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}` + const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` const prefix = `--${boundary}\r\nContent-Disposition: form-data` /*! formdata-polyfill. MIT License. Jimmy Wärting */ @@ -102698,6 +102706,14 @@ module.exports = require("net"); /***/ }), +/***/ 6005: +/***/ ((module) => { + +"use strict"; +module.exports = require("node:crypto"); + +/***/ }), + /***/ 5673: /***/ ((module) => { @@ -102942,7 +102958,7 @@ Dicer.prototype._write = function (data, encoding, cb) { if (this._headerFirst && this._isPreamble) { if (!this._part) { this._part = new PartStream(this._partOpts) - if (this._events.preamble) { this.emit('preamble', this._part) } else { this._ignore() } + if (this.listenerCount('preamble') !== 0) { this.emit('preamble', this._part) } else { this._ignore() } } const r = this._hparser.push(data) if (!this._inHeader && r !== undefined && r < data.length) { data = data.slice(r) } else { return cb() } @@ -102999,7 +103015,7 @@ Dicer.prototype._oninfo = function (isMatch, data, start, end) { } } if (this._dashes === 2) { - if ((start + i) < end && this._events.trailer) { this.emit('trailer', data.slice(start + i, end)) } + if ((start + i) < end && this.listenerCount('trailer') !== 0) { this.emit('trailer', data.slice(start + i, end)) } this.reset() this._finished = true // no more parts will be added @@ -103017,7 +103033,13 @@ Dicer.prototype._oninfo = function (isMatch, data, start, end) { this._part._read = function (n) { self._unpause() } - if (this._isPreamble && this._events.preamble) { this.emit('preamble', this._part) } else if (this._isPreamble !== true && this._events.part) { this.emit('part', this._part) } else { this._ignore() } + if (this._isPreamble && this.listenerCount('preamble') !== 0) { + this.emit('preamble', this._part) + } else if (this._isPreamble !== true && this.listenerCount('part') !== 0) { + this.emit('part', this._part) + } else { + this._ignore() + } if (!this._isPreamble) { this._inHeader = true } } if (data && start < end && !this._ignoreData) { @@ -103700,7 +103722,7 @@ function Multipart (boy, cfg) { ++nfiles - if (!boy._events.file) { + if (boy.listenerCount('file') === 0) { self.parser._ignore() return } @@ -104229,7 +104251,7 @@ const decoders = { if (textDecoders.has(this.toString())) { try { return textDecoders.get(this).decode(data) - } catch (e) { } + } catch {} } return typeof data === 'string' ? data diff --git a/package-lock.json b/package-lock.json index e2072ef..a57385e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,7 +18,8 @@ "@actions/io": "^1.0.2", "fast-xml-parser": "^4.4.1", "json5": "^2.2.3", - "semver": "^7.6.0" + "semver": "^7.6.0", + "undici": "^5.28.5" }, "devDependencies": { "@types/jest": "^29.5.12", @@ -1033,9 +1034,10 @@ } }, "node_modules/@fastify/busboy": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.0.tgz", - "integrity": "sha512-+KpH+QxZU7O4675t3mnkQKcZZg56u+K/Ct2K+N2AZYNVK8kyeo/bI18tI8aPm3tvNNRyTWfj6s5tnGNlcbQRsA==", + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz", + "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==", + "license": "MIT", "engines": { "node": ">=14" } @@ -6024,9 +6026,10 @@ } }, "node_modules/undici": { - "version": "5.28.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", - "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", + "license": "MIT", "dependencies": { "@fastify/busboy": "^2.0.0" },