From d3b37e3d0d00b46af4771a18517c0c21b468e60e Mon Sep 17 00:00:00 2001 From: Shivam Mathur Date: Tue, 17 Mar 2020 05:58:55 +0530 Subject: [PATCH 1/4] Add SECURITY.md --- .github/SECURITY.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/SECURITY.md diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 00000000..08f0e5c9 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,30 @@ +# Security Policy + +## Supported Versions + +The following versions of this project are supported for security updates. + +| Version | Supported | +| ------- | ------------------ | +| 1.8.x | :white_check_mark: | +| 2.1.x | :white_check_mark: | + +## Supported PHP Versions + +This security policy only applies to the latest patches of the following PHP versions. + +| Version | Supported | +| ------- | ------------------ | +| 7.2 | :white_check_mark: | +| 7.3 | :white_check_mark: | +| 7.4 | :white_check_mark: | +| 8.0 | :white_check_mark: | + +## Reporting a Vulnerability + +If you have found any issues that might have security implications in the versions supported, please send a report privately to [contact@shivammathur.com](mailto:contact@shivammathur.com) +Do not report security reports publicly. + +## Tidelift + +If you use this GitHub Action through a Tidelift subscription, please refer to [https://tidelift.com/security](https://tidelift.com/security). \ No newline at end of file From a6533acdd40bae64988c8e907602b6d2fd462ffc Mon Sep 17 00:00:00 2001 From: Shivam Mathur Date: Tue, 17 Mar 2020 06:00:13 +0530 Subject: [PATCH 2/4] Update FUNDING.yml --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 07da43fb..acf31d4e 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,6 +1,6 @@ # These are supported funding model platforms -github: shivammathur +tidelift: "npm/setup-php" community_bridge: setup-php issuehunt: shivammathur patreon: shivammathur From ba69b25cab0b499ddec90e411047ec2c5e932caf Mon Sep 17 00:00:00 2001 From: Shivam Mathur Date: Mon, 16 Mar 2020 11:18:01 +0530 Subject: [PATCH 3/4] Install PhpManager from GitHub repo --- src/scripts/win32.ps1 | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/scripts/win32.ps1 b/src/scripts/win32.ps1 index 185a1d99..fc42ce08 100644 --- a/src/scripts/win32.ps1 +++ b/src/scripts/win32.ps1 @@ -20,6 +20,18 @@ Function Add-Log($mark, $subject, $message) { printf "\033[%s;1m%s \033[0m\033[34;1m%s \033[0m\033[90;1m%s \033[0m\n" $code $mark $subject $message } +Function Install-PhpManager() { + $repo = "mlocati/powershell-phpmanager" + $zip_file = "$php_dir\PhpManager.zip" + $tags = Invoke-WebRequest https://api.github.com/repos/$repo/tags | ConvertFrom-Json + $tag = $tags[0].Name + $module_path = "$php_dir\PhpManager\powershell-phpmanager-$tag\PhpManager" + Invoke-WebRequest -UseBasicParsing -Uri https://github.com/$repo/archive/$tag.zip -OutFile $zip_file + Expand-Archive -Path $zip_file -DestinationPath $php_dir\PhpManager + Import-Module $module_path + Add-Content -Path $PsHome\profile.ps1 -Value "Import-Module $module_path" +} + Function Add-Extension { Param ( [Parameter(Position = 0, Mandatory = $true)] @@ -204,7 +216,7 @@ if((Test-Path env:PHPTS) -and $env:PHPTS -eq 'ts') { } Step-Log "Setup PhpManager" -Install-Module -Name PhpManager -Force -Scope CurrentUser +Install-PhpManager >$null 2>&1 Add-Log $tick "PhpManager" "Installed" $installed = $null From b9a78a31fb24d84ac0c764ff9d4552496063153d Mon Sep 17 00:00:00 2001 From: Shivam Mathur Date: Wed, 18 Mar 2020 13:02:24 +0530 Subject: [PATCH 4/4] Bump version to 2.1.3 --- package-lock.json | 92 ++++++++++++++++++----------------------------- package.json | 6 ++-- 2 files changed, 38 insertions(+), 60 deletions(-) diff --git a/package-lock.json b/package-lock.json index f530a772..cd232011 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "setup-php", - "version": "2.1.2", + "version": "2.1.3", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -291,14 +291,6 @@ "requires": { "exec-sh": "^0.3.2", "minimist": "^1.2.0" - }, - "dependencies": { - "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - } } }, "@istanbuljs/load-nyc-config": { @@ -711,12 +703,12 @@ "dev": true }, "@typescript-eslint/eslint-plugin": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-2.23.0.tgz", - "integrity": "sha512-8iA4FvRsz8qTjR0L/nK9RcRUN3QtIHQiOm69FzV7WS3SE+7P7DyGGwh3k4UNR2JBbk+Ej2Io+jLAaqKibNhmtw==", + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-2.24.0.tgz", + "integrity": "sha512-wJRBeaMeT7RLQ27UQkDFOu25MqFOBus8PtOa9KaT5ZuxC1kAsd7JEHqWt4YXuY9eancX0GK9C68i5OROnlIzBA==", "dev": true, "requires": { - "@typescript-eslint/experimental-utils": "2.23.0", + "@typescript-eslint/experimental-utils": "2.24.0", "eslint-utils": "^1.4.3", "functional-red-black-tree": "^1.0.1", "regexpp": "^3.0.0", @@ -724,32 +716,32 @@ } }, "@typescript-eslint/experimental-utils": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-2.23.0.tgz", - "integrity": "sha512-OswxY59RcXH3NNPmq+4Kis2CYZPurRU6mG5xPcn24CjFyfdVli5mySwZz/g/xDbJXgDsYqNGq7enV0IziWGXVQ==", + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-2.24.0.tgz", + "integrity": "sha512-DXrwuXTdVh3ycNCMYmWhUzn/gfqu9N0VzNnahjiDJvcyhfBy4gb59ncVZVxdp5XzBC77dCncu0daQgOkbvPwBw==", "dev": true, "requires": { "@types/json-schema": "^7.0.3", - "@typescript-eslint/typescript-estree": "2.23.0", + "@typescript-eslint/typescript-estree": "2.24.0", "eslint-scope": "^5.0.0" } }, "@typescript-eslint/parser": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-2.23.0.tgz", - "integrity": "sha512-k61pn/Nepk43qa1oLMiyqApC6x5eP5ddPz6VUYXCAuXxbmRLqkPYzkFRKl42ltxzB2luvejlVncrEpflgQoSUg==", + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-2.24.0.tgz", + "integrity": "sha512-H2Y7uacwSSg8IbVxdYExSI3T7uM1DzmOn2COGtCahCC3g8YtM1xYAPi2MAHyfPs61VKxP/J/UiSctcRgw4G8aw==", "dev": true, "requires": { "@types/eslint-visitor-keys": "^1.0.0", - "@typescript-eslint/experimental-utils": "2.23.0", - "@typescript-eslint/typescript-estree": "2.23.0", + "@typescript-eslint/experimental-utils": "2.24.0", + "@typescript-eslint/typescript-estree": "2.24.0", "eslint-visitor-keys": "^1.1.0" } }, "@typescript-eslint/typescript-estree": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-2.23.0.tgz", - "integrity": "sha512-pmf7IlmvXdlEXvE/JWNNJpEvwBV59wtJqA8MLAxMKLXNKVRC3HZBXR/SlZLPWTCcwOSg9IM7GeRSV3SIerGVqw==", + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-2.24.0.tgz", + "integrity": "sha512-RJ0yMe5owMSix55qX7Mi9V6z2FDuuDpN6eR5fzRJrp+8in9UF41IGNQHbg5aMK4/PjVaEQksLvz0IA8n+Mr/FA==", "dev": true, "requires": { "debug": "^4.1.1", @@ -3673,20 +3665,12 @@ "dev": true }, "json5": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.1.tgz", - "integrity": "sha512-l+3HXD0GEI3huGq1njuqtzYK8OYJyXMkOLtQ53pjWh89tvWS2h6l+1zMkYWqlb57+SiQodKZyvMEFb2X+KrFhQ==", + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.2.tgz", + "integrity": "sha512-MoUOQ4WdiN3yxhm7NEVJSJrieAo5hNSLQ5sj05OTRHPL9HOBy8u4Bu88jsC1jvqAdN+E1bJmsUcZH+1HQxliqQ==", "dev": true, "requires": { - "minimist": "^1.2.0" - }, - "dependencies": { - "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - } + "minimist": "^1.2.5" } }, "jsprim": { @@ -3870,9 +3854,9 @@ } }, "minimist": { - "version": "0.0.8", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", - "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=", + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", "dev": true }, "mixin-deep": { @@ -3897,12 +3881,12 @@ } }, "mkdirp": { - "version": "0.5.1", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", - "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=", + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.3.tgz", + "integrity": "sha512-P+2gwrFqx8lhew375MQHHeTlY8AuOJSrGf0R5ddkEndUkmwpgUob/vQuBD1V22/Cw1/lJr4x+EjllSezBThzBg==", "dev": true, "requires": { - "minimist": "0.0.8" + "minimist": "^1.2.5" } }, "ms": { @@ -4781,12 +4765,6 @@ "to-regex": "^3.0.2" } }, - "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", - "dev": true - }, "normalize-path": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", @@ -5893,9 +5871,9 @@ } }, "yargs": { - "version": "15.3.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.0.tgz", - "integrity": "sha512-g/QCnmjgOl1YJjGsnUg2SatC7NUYEiLXJqxNOQU9qSpjzGtGXda9b+OKccr1kLTy8BN9yqEyqfq5lxlwdc13TA==", + "version": "15.3.1", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.1.tgz", + "integrity": "sha512-92O1HWEjw27sBfgmXiixJWT5hRBp2eobqXicLtPBIDBhYB+1HpwZlXmbW2luivBJHBzki+7VyCLRtAkScbTBQA==", "dev": true, "requires": { "cliui": "^6.0.0", @@ -5908,7 +5886,7 @@ "string-width": "^4.2.0", "which-module": "^2.0.0", "y18n": "^4.0.0", - "yargs-parser": "^18.1.0" + "yargs-parser": "^18.1.1" }, "dependencies": { "find-up": { @@ -5963,9 +5941,9 @@ } }, "yargs-parser": { - "version": "18.1.0", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.0.tgz", - "integrity": "sha512-o/Jr6JBOv6Yx3pL+5naWSoIA2jJ+ZkMYQG/ie9qFbukBe4uzmBatlXFOiu/tNKRWEtyf+n5w7jc/O16ufqOTdQ==", + "version": "18.1.1", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.1.tgz", + "integrity": "sha512-KRHEsOM16IX7XuLnMOqImcPNbLVXMNHYAoFc3BKR8Ortl5gzDbtXvvEoGx9imk5E+X1VeNKNlcHr8B8vi+7ipA==", "dev": true, "requires": { "camelcase": "^5.0.0", diff --git a/package.json b/package.json index 08d4bb89..4e65753a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "setup-php", - "version": "2.1.2", + "version": "2.1.3", "private": false, "description": "Setup PHP for use with GitHub Actions", "main": "dist/index.js", @@ -32,8 +32,8 @@ "devDependencies": { "@types/jest": "^25.1.4", "@types/node": "^13.9.1", - "@typescript-eslint/eslint-plugin": "^2.23.0", - "@typescript-eslint/parser": "^2.23.0", + "@typescript-eslint/eslint-plugin": "^2.24.0", + "@typescript-eslint/parser": "^2.24.0", "@zeit/ncc": "^0.21.1", "eslint": "^6.8.0", "eslint-config-prettier": "^6.10.0",