From 1ff1dea6a9d1de5b4795e5314291e04acc63c38b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 2 Mar 2025 17:13:18 -0800
Subject: [PATCH 1/2] fix(deps): bump the production-dependencies group with 2
updates (#210)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the production-dependencies group with 2 updates:
[@octokit/auth-app](https://github.com/octokit/auth-app.js) and
[undici](https://github.com/nodejs/undici).
Updates `@octokit/auth-app` from 7.1.4 to 7.1.5
Release notes
Sourced from @octokit/auth-app's
releases.
v7.1.5
7.1.5
(2025-02-15)
Bug Fixes
- deps: update octokit dependencies to mitigate ReDos
vulnerability [security] (#678)
(499d1f6)
Commits
499d1f6
fix(deps): update octokit dependencies to mitigate ReDos vulnerability
[secur...d971a53
chore(deps): update dependency prettier to v3.5.1 (#673)b68bbc3
chore(deps): update dependency esbuild to ^0.25.0 (#672)7e719d4
build(deps-dev): bump vitest, @vitest/coverage-v8 and
@vitest/ui (#671)08dd3cf
build(deps): lock file maintenance (#670)870cb26
build(deps-dev): bump vite from 5.4.11 to 5.4.14 (#669)e64d718
build(deps): lock file maintenance (#668)f20db49
build(deps): lock file maintenance (#666)7e34dce
build(deps): lock file maintenance (#664)- See full diff in compare
view
Updates `undici` from 7.3.0 to 7.4.0
Release notes
Sourced from undici's
releases.
v7.4.0
What's Changed
New Contributors
Full Changelog: https://github.com/nodejs/undici/compare/v7.3.0...v7.4.0
Commits
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore ` will
remove the ignore condition of the specified dependency and ignore
conditions
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package-lock.json | 90 ++++++++++++++++++++++++-----------------------
package.json | 4 +--
2 files changed, 48 insertions(+), 46 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 213a9c8..4a957f0 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,19 +1,19 @@
{
"name": "create-github-app-token",
- "version": "1.11.4",
+ "version": "1.11.5",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "create-github-app-token",
- "version": "1.11.4",
+ "version": "1.11.5",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.11.1",
- "@octokit/auth-app": "^7.1.4",
+ "@octokit/auth-app": "^7.1.5",
"@octokit/request": "^9.2.2",
"p-retry": "^6.2.1",
- "undici": "^7.3.0"
+ "undici": "^7.4.0"
},
"devDependencies": {
"@sinonjs/fake-timers": "^14.0.0",
@@ -670,16 +670,16 @@
}
},
"node_modules/@octokit/auth-app": {
- "version": "7.1.4",
- "resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-7.1.4.tgz",
- "integrity": "sha512-5F+3l/maq9JfWQ4bV28jT2G/K8eu9OJ317yzXPTGe4Kw+lKDhFaS4dQ3Ltmb6xImKxfCQdqDqMXODhc9YLipLw==",
+ "version": "7.1.5",
+ "resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-7.1.5.tgz",
+ "integrity": "sha512-boklS4E6LpbA3nRx+SU2fRKRGZJdOGoSZne/i3Y0B5rfHOcGwFgcXrwDLdtbv4igfDSnAkZaoNBv1GYjPDKRNw==",
"license": "MIT",
"dependencies": {
- "@octokit/auth-oauth-app": "^8.1.2",
- "@octokit/auth-oauth-user": "^5.1.2",
- "@octokit/request": "^9.1.4",
- "@octokit/request-error": "^6.1.6",
- "@octokit/types": "^13.6.2",
+ "@octokit/auth-oauth-app": "^8.1.3",
+ "@octokit/auth-oauth-user": "^5.1.3",
+ "@octokit/request": "^9.2.1",
+ "@octokit/request-error": "^6.1.7",
+ "@octokit/types": "^13.8.0",
"toad-cache": "^3.7.0",
"universal-github-app-jwt": "^2.2.0",
"universal-user-agent": "^7.0.0"
@@ -689,14 +689,14 @@
}
},
"node_modules/@octokit/auth-oauth-app": {
- "version": "8.1.2",
- "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-app/-/auth-oauth-app-8.1.2.tgz",
- "integrity": "sha512-3woNZgq5/S6RS+9ZTq+JdymxVr7E0s4EYxF20ugQvgX3pomdPUL5r/XdTY9wALoBM2eHVy4ettr5fKpatyTyHw==",
+ "version": "8.1.3",
+ "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-app/-/auth-oauth-app-8.1.3.tgz",
+ "integrity": "sha512-4e6OjVe5rZ8yBe8w7byBjpKtSXFuro7gqeGAAZc7QYltOF8wB93rJl2FE0a4U1Mt88xxPv/mS+25/0DuLk0Ewg==",
"license": "MIT",
"dependencies": {
- "@octokit/auth-oauth-device": "^7.1.2",
- "@octokit/auth-oauth-user": "^5.1.2",
- "@octokit/request": "^9.1.4",
+ "@octokit/auth-oauth-device": "^7.1.3",
+ "@octokit/auth-oauth-user": "^5.1.3",
+ "@octokit/request": "^9.2.1",
"@octokit/types": "^13.6.2",
"universal-user-agent": "^7.0.0"
},
@@ -705,13 +705,13 @@
}
},
"node_modules/@octokit/auth-oauth-device": {
- "version": "7.1.2",
- "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-device/-/auth-oauth-device-7.1.2.tgz",
- "integrity": "sha512-gTOIzDeV36OhVfxCl69FmvJix7tJIiU6dlxuzLVAzle7fYfO8UDyddr9B+o4CFQVaMBLMGZ9ak2CWMYcGeZnPw==",
+ "version": "7.1.3",
+ "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-device/-/auth-oauth-device-7.1.3.tgz",
+ "integrity": "sha512-BECO/N4B/Uikj0w3GCvjf/odMujtYTP3q82BJSjxC2J3rxTEiZIJ+z2xnRlDb0IE9dQSaTgRqUPVOieSbFcVzg==",
"license": "MIT",
"dependencies": {
- "@octokit/oauth-methods": "^5.1.3",
- "@octokit/request": "^9.1.4",
+ "@octokit/oauth-methods": "^5.1.4",
+ "@octokit/request": "^9.2.1",
"@octokit/types": "^13.6.2",
"universal-user-agent": "^7.0.0"
},
@@ -720,14 +720,14 @@
}
},
"node_modules/@octokit/auth-oauth-user": {
- "version": "5.1.2",
- "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-user/-/auth-oauth-user-5.1.2.tgz",
- "integrity": "sha512-PgVDDPJgZYb3qSEXK4moksA23tfn68zwSAsQKZ1uH6IV9IaNEYx35OXXI80STQaLYnmEE86AgU0tC1YkM4WjsA==",
+ "version": "5.1.3",
+ "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-user/-/auth-oauth-user-5.1.3.tgz",
+ "integrity": "sha512-zNPByPn9K7TC+OOHKGxU+MxrE9SZAN11UHYEFLsK2NRn3akJN2LHRl85q+Eypr3tuB2GrKx3rfj2phJdkYCvzw==",
"license": "MIT",
"dependencies": {
- "@octokit/auth-oauth-device": "^7.1.2",
- "@octokit/oauth-methods": "^5.1.2",
- "@octokit/request": "^9.1.4",
+ "@octokit/auth-oauth-device": "^7.1.3",
+ "@octokit/oauth-methods": "^5.1.3",
+ "@octokit/request": "^9.2.1",
"@octokit/types": "^13.6.2",
"universal-user-agent": "^7.0.0"
},
@@ -758,14 +758,14 @@
}
},
"node_modules/@octokit/oauth-methods": {
- "version": "5.1.3",
- "resolved": "https://registry.npmjs.org/@octokit/oauth-methods/-/oauth-methods-5.1.3.tgz",
- "integrity": "sha512-M+bDBi5H8FnH0xhCTg0m9hvcnppdDnxUqbZyOkxlLblKpLAR+eT2nbDPvJDp0eLrvJWA1I8OX0KHf/sBMQARRA==",
+ "version": "5.1.4",
+ "resolved": "https://registry.npmjs.org/@octokit/oauth-methods/-/oauth-methods-5.1.4.tgz",
+ "integrity": "sha512-Jc/ycnePClOvO1WL7tlC+TRxOFtyJBGuTDsL4dzXNiVZvzZdrPuNw7zHI3qJSUX2n6RLXE5L0SkFmYyNaVUFoQ==",
"license": "MIT",
"dependencies": {
"@octokit/oauth-authorization-url": "^7.0.0",
- "@octokit/request": "^9.1.4",
- "@octokit/request-error": "^6.1.6",
+ "@octokit/request": "^9.2.1",
+ "@octokit/request-error": "^6.1.7",
"@octokit/types": "^13.6.2"
},
"engines": {
@@ -773,9 +773,10 @@
}
},
"node_modules/@octokit/openapi-types": {
- "version": "22.2.0",
- "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-22.2.0.tgz",
- "integrity": "sha512-QBhVjcUa9W7Wwhm6DBFu6ZZ+1/t/oYxqc2tp81Pi41YNuJinbFRx8B133qVOrAaBbF7D/m0Et6f9/pZt9Rc+tg=="
+ "version": "23.0.1",
+ "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-23.0.1.tgz",
+ "integrity": "sha512-izFjMJ1sir0jn0ldEKhZ7xegCTj/ObmEDlEfpFrx4k/JyZSMRHbO3/rBwgE7f3m2DHt+RrNGIVw4wSmwnm3t/g==",
+ "license": "MIT"
},
"node_modules/@octokit/request": {
"version": "9.2.2",
@@ -806,11 +807,12 @@
}
},
"node_modules/@octokit/types": {
- "version": "13.6.2",
- "resolved": "https://registry.npmjs.org/@octokit/types/-/types-13.6.2.tgz",
- "integrity": "sha512-WpbZfZUcZU77DrSW4wbsSgTPfKcp286q3ItaIgvSbBpZJlu6mnYXAkjZz6LVZPXkEvLIM8McanyZejKTYUHipA==",
+ "version": "13.8.0",
+ "resolved": "https://registry.npmjs.org/@octokit/types/-/types-13.8.0.tgz",
+ "integrity": "sha512-x7DjTIbEpEWXK99DMd01QfWy0hd5h4EN+Q7shkdKds3otGQP+oWE/y0A76i1OvH9fygo4ddvNf7ZvF0t78P98A==",
+ "license": "MIT",
"dependencies": {
- "@octokit/openapi-types": "^22.2.0"
+ "@octokit/openapi-types": "^23.0.1"
}
},
"node_modules/@pkgjs/parseargs": {
@@ -3637,9 +3639,9 @@
}
},
"node_modules/undici": {
- "version": "7.3.0",
- "resolved": "https://registry.npmjs.org/undici/-/undici-7.3.0.tgz",
- "integrity": "sha512-Qy96NND4Dou5jKoSJ2gm8ax8AJM/Ey9o9mz7KN1bb9GP+G0l20Zw8afxTnY2f4b7hmhn/z8aC2kfArVQlAhFBw==",
+ "version": "7.4.0",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-7.4.0.tgz",
+ "integrity": "sha512-PUQM3/es3noM24oUn10u3kNNap0AbxESOmnssmW+dOi9yGwlUSi5nTNYl3bNbTkWOF8YZDkx2tCmj9OtQ3iGGw==",
"license": "MIT",
"engines": {
"node": ">=20.18.1"
diff --git a/package.json b/package.json
index 22f41cc..a20f28e 100644
--- a/package.json
+++ b/package.json
@@ -13,10 +13,10 @@
"license": "MIT",
"dependencies": {
"@actions/core": "^1.11.1",
- "@octokit/auth-app": "^7.1.4",
+ "@octokit/auth-app": "^7.1.5",
"@octokit/request": "^9.2.2",
"p-retry": "^6.2.1",
- "undici": "^7.3.0"
+ "undici": "^7.4.0"
},
"devDependencies": {
"@sinonjs/fake-timers": "^14.0.0",
From 21cfef2b496dd8ef5b904c159339626a10ad380e Mon Sep 17 00:00:00 2001
From: semantic-release-bot
Date: Mon, 3 Mar 2025 01:13:50 +0000
Subject: [PATCH 2/2] build(release): 1.11.6 [skip ci]
## [1.11.6](https://github.com/actions/create-github-app-token/compare/v1.11.5...v1.11.6) (2025-03-03)
### Bug Fixes
* **deps:** bump the production-dependencies group with 2 updates ([#210](https://github.com/actions/create-github-app-token/issues/210)) ([1ff1dea](https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b))
---
dist/main.cjs | 92 +++++++++++++++++++++++----------------------------
dist/post.cjs | 66 ++++++++++++++++++------------------
package.json | 2 +-
3 files changed, 76 insertions(+), 84 deletions(-)
diff --git a/dist/main.cjs b/dist/main.cjs
index 3f84d9e..9620203 100644
--- a/dist/main.cjs
+++ b/dist/main.cjs
@@ -25550,7 +25550,7 @@ var require_body2 = __commonJS({
const crypto = require("node:crypto");
random = (max) => crypto.randomInt(0, max);
} catch {
- random = (max) => Math.floor(Math.random(max));
+ random = (max) => Math.floor(Math.random() * max);
}
var textEncoder = new TextEncoder();
function noop() {
@@ -28815,7 +28815,6 @@ var require_env_http_proxy_agent = __commonJS({
"http:": 80,
"https:": 443
};
- var experimentalWarned = false;
var EnvHttpProxyAgent = class extends DispatcherBase {
#noProxyValue = null;
#noProxyEntries = null;
@@ -28823,12 +28822,6 @@ var require_env_http_proxy_agent = __commonJS({
constructor(opts = {}) {
super();
this.#opts = opts;
- if (!experimentalWarned) {
- experimentalWarned = true;
- process.emitWarning("EnvHttpProxyAgent is experimental, expect them to change at any time.", {
- code: "UNDICI-EHPA"
- });
- }
const { httpProxy, httpsProxy, noProxy, ...agentOpts } = opts;
this[kNoProxyAgent] = new Agent(agentOpts);
const HTTP_PROXY = httpProxy ?? process.env.http_proxy ?? process.env.HTTP_PROXY;
@@ -30579,8 +30572,10 @@ var require_mock_utils2 = __commonJS({
return data;
} else if (typeof data === "object") {
return JSON.stringify(data);
- } else {
+ } else if (data) {
return data.toString();
+ } else {
+ return "";
}
}
function getMockDispatch(mockDispatches, key) {
@@ -32043,10 +32038,13 @@ var require_cache2 = __commonJS({
if (typeof key !== "string" || typeof val !== "string") {
throw new Error("opts.headers is not a valid header map");
}
- headers[key] = val;
+ headers[key.toLowerCase()] = val;
}
} else if (typeof opts.headers === "object") {
- headers = opts.headers;
+ headers = {};
+ for (const key of Object.keys(opts.headers)) {
+ headers[key.toLowerCase()] = opts.headers[key];
+ }
} else {
throw new Error("opts.headers is not an object");
}
@@ -32201,17 +32199,13 @@ var require_cache2 = __commonJS({
return headers;
}
const output = (
- /** @type {Record} */
+ /** @type {Record} */
{}
);
const varyingHeaders = typeof varyHeader === "string" ? varyHeader.split(",") : varyHeader;
for (const header of varyingHeaders) {
const trimmedHeader = header.trim().toLowerCase();
- if (headers[trimmedHeader]) {
- output[trimmedHeader] = headers[trimmedHeader];
- } else {
- return void 0;
- }
+ output[trimmedHeader] = headers[trimmedHeader] ?? null;
}
return output;
}
@@ -32793,7 +32787,12 @@ var require_memory_cache_store = __commonJS({
assertCacheKey(key);
const topLevelKey = `${key.origin}:${key.path}`;
const now = Date.now();
- const entry = this.#entries.get(topLevelKey)?.find((entry2) => entry2.deleteAt > now && entry2.method === key.method && (entry2.vary == null || Object.keys(entry2.vary).every((headerName) => entry2.vary[headerName] === key.headers?.[headerName])));
+ const entry = this.#entries.get(topLevelKey)?.find((entry2) => entry2.deleteAt > now && entry2.method === key.method && (entry2.vary == null || Object.keys(entry2.vary).every((headerName) => {
+ if (entry2.vary[headerName] === null) {
+ return key.headers[headerName] === void 0;
+ }
+ return entry2.vary[headerName] === key.headers[headerName];
+ })));
return entry == null ? void 0 : {
statusMessage: entry.statusMessage,
statusCode: entry.statusCode,
@@ -33379,7 +33378,7 @@ var require_sqlite_cache_store = __commonJS({
assertCacheKey(key);
const value = this.#findValue(key);
return value ? {
- body: value.body ? Buffer.from(value.body.buffer) : void 0,
+ body: value.body ? Buffer.from(value.body.buffer, value.body.byteOffset, value.body.byteLength) : void 0,
statusCode: value.statusCode,
statusMessage: value.statusMessage,
headers: value.headers ? JSON.parse(value.headers) : void 0,
@@ -33524,9 +33523,6 @@ var require_sqlite_cache_store = __commonJS({
}
let matches = true;
if (value.vary) {
- if (!headers) {
- return void 0;
- }
const vary = JSON.parse(value.vary);
for (const header in vary) {
if (!headerValueEquals(headers[header], vary[header])) {
@@ -33543,16 +33539,17 @@ var require_sqlite_cache_store = __commonJS({
}
};
function headerValueEquals(lhs, rhs) {
+ if (lhs == null && rhs == null) {
+ return true;
+ }
+ if (lhs == null && rhs != null || lhs != null && rhs == null) {
+ return false;
+ }
if (Array.isArray(lhs) && Array.isArray(rhs)) {
if (lhs.length !== rhs.length) {
return false;
}
- for (let i = 0; i < lhs.length; i++) {
- if (rhs.includes(lhs[i])) {
- return false;
- }
- }
- return true;
+ return lhs.every((x, i) => x === rhs[i]);
}
return lhs === rhs;
}
@@ -34518,6 +34515,12 @@ var require_request4 = __commonJS({
signal.removeEventListener("abort", abort);
});
var dependentControllerMap = /* @__PURE__ */ new WeakMap();
+ var abortSignalHasEventHandlerLeakWarning;
+ try {
+ abortSignalHasEventHandlerLeakWarning = getMaxListeners(new AbortController().signal) > 0;
+ } catch {
+ abortSignalHasEventHandlerLeakWarning = false;
+ }
function buildAbort(acRef) {
return abort;
function abort() {
@@ -34745,11 +34748,8 @@ var require_request4 = __commonJS({
this[kAbortController] = ac;
const acRef = new WeakRef(ac);
const abort = buildAbort(acRef);
- try {
- if (typeof getMaxListeners === "function" && getMaxListeners(signal) === defaultMaxListeners) {
- setMaxListeners(1500, signal);
- }
- } catch {
+ if (abortSignalHasEventHandlerLeakWarning && getMaxListeners(signal) === defaultMaxListeners) {
+ setMaxListeners(1500, signal);
}
util.addAbortListener(signal, abort);
requestFinalizer.register(ac, { signal, abort }, abort);
@@ -40739,8 +40739,7 @@ async function oauthRequest(request2, route, parameters) {
return response;
}
async function exchangeWebFlowCode(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const response = await oauthRequest(
request2,
"POST /login/oauth/access_token",
@@ -40777,8 +40776,7 @@ function toTimestamp(apiTimeInMs, expirationInSeconds) {
return new Date(apiTimeInMs + expirationInSeconds * 1e3).toISOString();
}
async function createDeviceCode(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const parameters = {
client_id: options.clientId
};
@@ -40788,8 +40786,7 @@ async function createDeviceCode(options) {
return oauthRequest(request2, "POST /login/device/code", parameters);
}
async function exchangeDeviceCode(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const response = await oauthRequest(
request2,
"POST /login/oauth/access_token",
@@ -40827,8 +40824,7 @@ function toTimestamp2(apiTimeInMs, expirationInSeconds) {
return new Date(apiTimeInMs + expirationInSeconds * 1e3).toISOString();
}
async function checkToken(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const response = await request2("POST /applications/{client_id}/token", {
headers: {
authorization: `basic ${btoa(
@@ -40853,8 +40849,7 @@ async function checkToken(options) {
return { ...response, authentication };
}
async function refreshToken(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const response = await oauthRequest(
request2,
"POST /login/oauth/access_token",
@@ -40884,8 +40879,7 @@ function toTimestamp3(apiTimeInMs, expirationInSeconds) {
return new Date(apiTimeInMs + expirationInSeconds * 1e3).toISOString();
}
async function resetToken(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const auth5 = btoa(`${options.clientId}:${options.clientSecret}`);
const response = await request2(
"PATCH /applications/{client_id}/token",
@@ -40912,8 +40906,7 @@ async function resetToken(options) {
return { ...response, authentication };
}
async function deleteToken(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const auth5 = btoa(`${options.clientId}:${options.clientSecret}`);
return request2(
"DELETE /applications/{client_id}/token",
@@ -40927,8 +40920,7 @@ async function deleteToken(options) {
);
}
async function deleteAuthorization(options) {
- const request2 = options.request || /* istanbul ignore next: we always pass a custom request in tests */
- request;
+ const request2 = options.request || request;
const auth5 = btoa(`${options.clientId}:${options.clientSecret}`);
return request2(
"DELETE /applications/{client_id}/grant",
@@ -41962,7 +41954,7 @@ async function sendRequestWithRetries(state, request2, options, createdAt, retri
return sendRequestWithRetries(state, request2, options, createdAt, retries);
}
}
-var VERSION6 = "7.1.4";
+var VERSION6 = "7.1.5";
function createAppAuth(options) {
if (!options.appId) {
throw new Error("[@octokit/auth-app] appId option is required");
diff --git a/dist/post.cjs b/dist/post.cjs
index ccde786..ef80dd5 100644
--- a/dist/post.cjs
+++ b/dist/post.cjs
@@ -25317,7 +25317,7 @@ var require_body2 = __commonJS({
const crypto = require("node:crypto");
random = (max) => crypto.randomInt(0, max);
} catch {
- random = (max) => Math.floor(Math.random(max));
+ random = (max) => Math.floor(Math.random() * max);
}
var textEncoder = new TextEncoder();
function noop() {
@@ -28582,7 +28582,6 @@ var require_env_http_proxy_agent = __commonJS({
"http:": 80,
"https:": 443
};
- var experimentalWarned = false;
var EnvHttpProxyAgent = class extends DispatcherBase {
#noProxyValue = null;
#noProxyEntries = null;
@@ -28590,12 +28589,6 @@ var require_env_http_proxy_agent = __commonJS({
constructor(opts = {}) {
super();
this.#opts = opts;
- if (!experimentalWarned) {
- experimentalWarned = true;
- process.emitWarning("EnvHttpProxyAgent is experimental, expect them to change at any time.", {
- code: "UNDICI-EHPA"
- });
- }
const { httpProxy, httpsProxy, noProxy, ...agentOpts } = opts;
this[kNoProxyAgent] = new Agent(agentOpts);
const HTTP_PROXY = httpProxy ?? process.env.http_proxy ?? process.env.HTTP_PROXY;
@@ -30346,8 +30339,10 @@ var require_mock_utils2 = __commonJS({
return data;
} else if (typeof data === "object") {
return JSON.stringify(data);
- } else {
+ } else if (data) {
return data.toString();
+ } else {
+ return "";
}
}
function getMockDispatch(mockDispatches, key) {
@@ -31810,10 +31805,13 @@ var require_cache2 = __commonJS({
if (typeof key !== "string" || typeof val !== "string") {
throw new Error("opts.headers is not a valid header map");
}
- headers[key] = val;
+ headers[key.toLowerCase()] = val;
}
} else if (typeof opts.headers === "object") {
- headers = opts.headers;
+ headers = {};
+ for (const key of Object.keys(opts.headers)) {
+ headers[key.toLowerCase()] = opts.headers[key];
+ }
} else {
throw new Error("opts.headers is not an object");
}
@@ -31968,17 +31966,13 @@ var require_cache2 = __commonJS({
return headers;
}
const output = (
- /** @type {Record} */
+ /** @type {Record} */
{}
);
const varyingHeaders = typeof varyHeader === "string" ? varyHeader.split(",") : varyHeader;
for (const header of varyingHeaders) {
const trimmedHeader = header.trim().toLowerCase();
- if (headers[trimmedHeader]) {
- output[trimmedHeader] = headers[trimmedHeader];
- } else {
- return void 0;
- }
+ output[trimmedHeader] = headers[trimmedHeader] ?? null;
}
return output;
}
@@ -32560,7 +32554,12 @@ var require_memory_cache_store = __commonJS({
assertCacheKey(key);
const topLevelKey = `${key.origin}:${key.path}`;
const now = Date.now();
- const entry = this.#entries.get(topLevelKey)?.find((entry2) => entry2.deleteAt > now && entry2.method === key.method && (entry2.vary == null || Object.keys(entry2.vary).every((headerName) => entry2.vary[headerName] === key.headers?.[headerName])));
+ const entry = this.#entries.get(topLevelKey)?.find((entry2) => entry2.deleteAt > now && entry2.method === key.method && (entry2.vary == null || Object.keys(entry2.vary).every((headerName) => {
+ if (entry2.vary[headerName] === null) {
+ return key.headers[headerName] === void 0;
+ }
+ return entry2.vary[headerName] === key.headers[headerName];
+ })));
return entry == null ? void 0 : {
statusMessage: entry.statusMessage,
statusCode: entry.statusCode,
@@ -33146,7 +33145,7 @@ var require_sqlite_cache_store = __commonJS({
assertCacheKey(key);
const value = this.#findValue(key);
return value ? {
- body: value.body ? Buffer.from(value.body.buffer) : void 0,
+ body: value.body ? Buffer.from(value.body.buffer, value.body.byteOffset, value.body.byteLength) : void 0,
statusCode: value.statusCode,
statusMessage: value.statusMessage,
headers: value.headers ? JSON.parse(value.headers) : void 0,
@@ -33291,9 +33290,6 @@ var require_sqlite_cache_store = __commonJS({
}
let matches = true;
if (value.vary) {
- if (!headers) {
- return void 0;
- }
const vary = JSON.parse(value.vary);
for (const header in vary) {
if (!headerValueEquals(headers[header], vary[header])) {
@@ -33310,16 +33306,17 @@ var require_sqlite_cache_store = __commonJS({
}
};
function headerValueEquals(lhs, rhs) {
+ if (lhs == null && rhs == null) {
+ return true;
+ }
+ if (lhs == null && rhs != null || lhs != null && rhs == null) {
+ return false;
+ }
if (Array.isArray(lhs) && Array.isArray(rhs)) {
if (lhs.length !== rhs.length) {
return false;
}
- for (let i = 0; i < lhs.length; i++) {
- if (rhs.includes(lhs[i])) {
- return false;
- }
- }
- return true;
+ return lhs.every((x, i) => x === rhs[i]);
}
return lhs === rhs;
}
@@ -34285,6 +34282,12 @@ var require_request4 = __commonJS({
signal.removeEventListener("abort", abort);
});
var dependentControllerMap = /* @__PURE__ */ new WeakMap();
+ var abortSignalHasEventHandlerLeakWarning;
+ try {
+ abortSignalHasEventHandlerLeakWarning = getMaxListeners(new AbortController().signal) > 0;
+ } catch {
+ abortSignalHasEventHandlerLeakWarning = false;
+ }
function buildAbort(acRef) {
return abort;
function abort() {
@@ -34512,11 +34515,8 @@ var require_request4 = __commonJS({
this[kAbortController] = ac;
const acRef = new WeakRef(ac);
const abort = buildAbort(acRef);
- try {
- if (typeof getMaxListeners === "function" && getMaxListeners(signal) === defaultMaxListeners) {
- setMaxListeners(1500, signal);
- }
- } catch {
+ if (abortSignalHasEventHandlerLeakWarning && getMaxListeners(signal) === defaultMaxListeners) {
+ setMaxListeners(1500, signal);
}
util.addAbortListener(signal, abort);
requestFinalizer.register(ac, { signal, abort }, abort);
diff --git a/package.json b/package.json
index a20f28e..9719e64 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
"name": "create-github-app-token",
"private": true,
"type": "module",
- "version": "1.11.5",
+ "version": "1.11.6",
"description": "GitHub Action for creating a GitHub App Installation Access Token",
"scripts": {
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",