actions/setup-php
1
0
Fork 0
mirror of https://github.com/shivammathur/setup-php.git synced 2026-05-15 09:57:44 +07:00
Code Issues Packages Projects Releases Wiki Activity

GHSA-pqwm-q9pv-ph8r - Fix CWE-78 [skip ci]

Browse Source 
Co-Authored-By: maki <amarrec@quarkslab.com>
This commit is contained in:
Shivam Mathur
2026-05-14 03:56:37 +05:30
parent 6eb42c595e
commit 10e197b409
11 changed files with 237 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
__tests__/tools.test.ts
View File

@@ -187,6 +187,7 @@ describe('Tools tests', () => {
${'1.2.3-dev'} | ${'tool'} | ${'phar'} | ${'1.2.3-dev'}
${'1.2.3-alpha1'} | ${'tool'} | ${'phar'} | ${'1.2.3-alpha1'}
${'1.2.3-alpha.1'} | ${'tool'} | ${'phar'} | ${'1.2.3-alpha.1'}
${'1.>=0'} | ${'tool'} | ${'phar'} | ${'1.0'}
`(
'checking getVersion: $version, $tool, $type',
async ({version, tool, type, expected}) => {
@@ -321,6 +322,28 @@ describe('Tools tests', () => {
expect(await tools.addPackage(data)).toContain(script);
});
it.each`
release | os | expected
${'tool:>=1.2'} | ${'linux'} | ${'add_composer_tool tool "tool:>=1.2" user/ global'}
${'tool:1.*'} | ${'linux'} | ${'add_composer_tool tool "tool:1.*" user/ global'}
${'tool:>=1.2'} | ${'win32'} | ${'Add-ComposerTool tool "tool:>=1.2" user/ global'}
${'psalm:^5||^6'} | ${'linux'} | ${'add_composer_tool tool "psalm:^5||^6" user/ global'}
${'psalm:>=5,<6'} | ${'linux'} | ${'add_composer_tool tool "psalm:>=5,<6" user/ global'}
`(
'addPackage quotes constraint operators: $release, $os',
async ({release, os, expected}) => {
const data = getData({
tool: 'tool',
version: '>=1.2',
repository: 'user/tool',
os: os,
scope: 'global'
});
data['release'] = release;
expect(await tools.addPackage(data)).toContain(expected);
}
);
it.each`
version | php_version | os | script
${'latest'} | ${'8.0'} | ${'linux'} | ${'add_tool https://github.com/phar-io/phive/releases/download/3.2.1/phive-3.2.1.phar phive'}
@@ -651,7 +674,7 @@ describe('Tools tests', () => {
'add_devtools phpize',
'add_tool https://github.com/phpmd/phpmd/releases/latest/download/phpmd.phar phpmd "--version"',
'add_tool https://github.com/phpspec/phpspec/releases/latest/download/phpspec.phar phpspec "-V"',
'add_composer_tool phpunit-bridge phpunit-bridge:5.6.* symfony/ global',
'add_composer_tool phpunit-bridge "phpunit-bridge:5.6.*" symfony/ global',
'add_composer_tool phpunit-polyfills phpunit-polyfills:1.0.1 yoast/ global',
'add_protoc 1.2.3',
'add_tool https://github.com/vimeo/psalm/releases/latest/download/psalm.phar psalm "-v"',
@@ -711,7 +734,7 @@ describe('Tools tests', () => {
'Add-ComposerTool codeception codeception codeception/ global',
'Add-ComposerTool prestissimo prestissimo hirak/ global',
'Add-ComposerTool automatic-composer-prefetcher automatic-composer-prefetcher narrowspark/ global',
'Add-ComposerTool phinx phinx:1.2.* robmorgan/ scoped',
'Add-ComposerTool phinx "phinx:1.2.*" robmorgan/ scoped',
'Add-ComposerTool phinx phinx:^1.2 robmorgan/ global',
'Add-ComposerTool tool tool:1.2.3 user/ global',
'Add-ComposerTool tool tool:~1.2 user/ global'