diff --git a/dist/index.js b/dist/index.js index eec4ac4de..2973c65f5 100644 --- a/dist/index.js +++ b/dist/index.js @@ -43,6 +43,56 @@ module.exports = /************************************************************************/ /******/ ({ +/***/ 0: +/***/ (function(module, __unusedexports, __webpack_require__) { + +const { requestLog } = __webpack_require__(916); +const { + restEndpointMethods +} = __webpack_require__(842); + +const Core = __webpack_require__(529); + +const CORE_PLUGINS = [ + __webpack_require__(190), + __webpack_require__(19), // deprecated: remove in v17 + requestLog, + __webpack_require__(148), + restEndpointMethods, + __webpack_require__(430), + + __webpack_require__(850) // deprecated: remove in v17 +]; + +const OctokitRest = Core.plugin(CORE_PLUGINS); + +function DeprecatedOctokit(options) { + const warn = + options && options.log && options.log.warn + ? options.log.warn + : console.warn; + warn( + '[@octokit/rest] `const Octokit = require("@octokit/rest")` is deprecated. Use `const { Octokit } = require("@octokit/rest")` instead' + ); + return new OctokitRest(options); +} + +const Octokit = Object.assign(DeprecatedOctokit, { + Octokit: OctokitRest +}); + +Object.keys(OctokitRest).forEach(key => { + /* istanbul ignore else */ + if (OctokitRest.hasOwnProperty(key)) { + Octokit[key] = OctokitRest[key]; + } +}); + +module.exports = Octokit; + + +/***/ }), + /***/ 2: /***/ (function(module, __unusedexports, __webpack_require__) { @@ -251,6 +301,44 @@ module.exports = require("tls"); eval("require")("encoding"); +/***/ }), + +/***/ 19: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = authenticationPlugin; + +const { Deprecation } = __webpack_require__(692); +const once = __webpack_require__(969); + +const deprecateAuthenticate = once((log, deprecation) => log.warn(deprecation)); + +const authenticate = __webpack_require__(674); +const beforeRequest = __webpack_require__(471); +const requestError = __webpack_require__(349); + +function authenticationPlugin(octokit, options) { + if (options.auth) { + octokit.authenticate = () => { + deprecateAuthenticate( + octokit.log, + new Deprecation( + '[@octokit/rest] octokit.authenticate() is deprecated and has no effect when "auth" option is set on Octokit constructor' + ) + ); + }; + return; + } + const state = { + octokit, + auth: false + }; + octokit.authenticate = authenticate.bind(null, state); + octokit.hook.before("request", beforeRequest.bind(null, state)); + octokit.hook.error("request", requestError.bind(null, state)); +} + + /***/ }), /***/ 20: @@ -305,112 +393,6 @@ module.exports._enoent = enoent; module.exports = require("https"); -/***/ }), - -/***/ 36: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = parseOptions; - -const { Deprecation } = __webpack_require__(692); -const { getUserAgent } = __webpack_require__(796); -const once = __webpack_require__(969); - -const pkg = __webpack_require__(919); - -const deprecateOptionsTimeout = once((log, deprecation) => - log.warn(deprecation) -); -const deprecateOptionsAgent = once((log, deprecation) => log.warn(deprecation)); -const deprecateOptionsHeaders = once((log, deprecation) => - log.warn(deprecation) -); - -function parseOptions(options, log, hook) { - if (options.headers) { - options.headers = Object.keys(options.headers).reduce((newObj, key) => { - newObj[key.toLowerCase()] = options.headers[key]; - return newObj; - }, {}); - } - - const clientDefaults = { - headers: options.headers || {}, - request: options.request || {}, - mediaType: { - previews: [], - format: "" - } - }; - - if (options.baseUrl) { - clientDefaults.baseUrl = options.baseUrl; - } - - if (options.userAgent) { - clientDefaults.headers["user-agent"] = options.userAgent; - } - - if (options.previews) { - clientDefaults.mediaType.previews = options.previews; - } - - if (options.timeZone) { - clientDefaults.headers["time-zone"] = options.timeZone; - } - - if (options.timeout) { - deprecateOptionsTimeout( - log, - new Deprecation( - "[@octokit/rest] new Octokit({timeout}) is deprecated. Use {request: {timeout}} instead. See https://github.com/octokit/request.js#request" - ) - ); - clientDefaults.request.timeout = options.timeout; - } - - if (options.agent) { - deprecateOptionsAgent( - log, - new Deprecation( - "[@octokit/rest] new Octokit({agent}) is deprecated. Use {request: {agent}} instead. See https://github.com/octokit/request.js#request" - ) - ); - clientDefaults.request.agent = options.agent; - } - - if (options.headers) { - deprecateOptionsHeaders( - log, - new Deprecation( - "[@octokit/rest] new Octokit({headers}) is deprecated. Use {userAgent, previews} instead. See https://github.com/octokit/request.js#request" - ) - ); - } - - const userAgentOption = clientDefaults.headers["user-agent"]; - const defaultUserAgent = `octokit.js/${pkg.version} ${getUserAgent()}`; - - clientDefaults.headers["user-agent"] = [userAgentOption, defaultUserAgent] - .filter(Boolean) - .join(" "); - - clientDefaults.request.hook = hook.bind(null, "request"); - - return clientDefaults; -} - - -/***/ }), - -/***/ 37: -/***/ (function(module, __unusedexports, __webpack_require__) { - -const factory = __webpack_require__(513); - -module.exports = factory(); - - /***/ }), /***/ 39: @@ -432,6 +414,23 @@ module.exports = opts => { }; +/***/ }), + +/***/ 47: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = factory; + +const Octokit = __webpack_require__(402); +const registerPlugin = __webpack_require__(855); + +function factory(plugins) { + const Api = Octokit.bind(null, plugins || []); + Api.plugin = registerPlugin.bind(null, plugins || []); + return Api; +} + + /***/ }), /***/ 48: @@ -1984,304 +1983,52 @@ module.exports = windowsRelease; /***/ }), -/***/ 63: +/***/ 87: +/***/ (function(module) { + +module.exports = require("os"); + +/***/ }), + +/***/ 118: /***/ (function(module, __unusedexports, __webpack_require__) { "use strict"; +const os = __webpack_require__(87); -module.exports = validate; +const nameMap = new Map([ + [19, 'Catalina'], + [18, 'Mojave'], + [17, 'High Sierra'], + [16, 'Sierra'], + [15, 'El Capitan'], + [14, 'Yosemite'], + [13, 'Mavericks'], + [12, 'Mountain Lion'], + [11, 'Lion'], + [10, 'Snow Leopard'], + [9, 'Leopard'], + [8, 'Tiger'], + [7, 'Panther'], + [6, 'Jaguar'], + [5, 'Puma'] +]); -const { RequestError } = __webpack_require__(102); -const get = __webpack_require__(854); -const set = __webpack_require__(883); +const macosRelease = release => { + release = Number((release || os.release()).split('.')[0]); + return { + name: nameMap.get(release), + version: '10.' + (release - 4) + }; +}; -function validate(octokit, options) { - if (!options.request.validate) { - return; - } - const { validate: params } = options.request; +module.exports = macosRelease; +// TODO: remove this in the next major version +module.exports.default = macosRelease; - Object.keys(params).forEach(parameterName => { - const parameter = get(params, parameterName); - const expectedType = parameter.type; - let parentParameterName; - let parentValue; - let parentParamIsPresent = true; - let parentParameterIsArray = false; - - if (/\./.test(parameterName)) { - parentParameterName = parameterName.replace(/\.[^.]+$/, ""); - parentParameterIsArray = parentParameterName.slice(-2) === "[]"; - if (parentParameterIsArray) { - parentParameterName = parentParameterName.slice(0, -2); - } - parentValue = get(options, parentParameterName); - parentParamIsPresent = - parentParameterName === "headers" || - (typeof parentValue === "object" && parentValue !== null); - } - - const values = parentParameterIsArray - ? (get(options, parentParameterName) || []).map( - value => value[parameterName.split(/\./).pop()] - ) - : [get(options, parameterName)]; - - values.forEach((value, i) => { - const valueIsPresent = typeof value !== "undefined"; - const valueIsNull = value === null; - const currentParameterName = parentParameterIsArray - ? parameterName.replace(/\[\]/, `[${i}]`) - : parameterName; - - if (!parameter.required && !valueIsPresent) { - return; - } - - // if the parent parameter is of type object but allows null - // then the child parameters can be ignored - if (!parentParamIsPresent) { - return; - } - - if (parameter.allowNull && valueIsNull) { - return; - } - - if (!parameter.allowNull && valueIsNull) { - throw new RequestError( - `'${currentParameterName}' cannot be null`, - 400, - { - request: options - } - ); - } - - if (parameter.required && !valueIsPresent) { - throw new RequestError( - `Empty value for parameter '${currentParameterName}': ${JSON.stringify( - value - )}`, - 400, - { - request: options - } - ); - } - - // parse to integer before checking for enum - // so that string "1" will match enum with number 1 - if (expectedType === "integer") { - const unparsedValue = value; - value = parseInt(value, 10); - if (isNaN(value)) { - throw new RequestError( - `Invalid value for parameter '${currentParameterName}': ${JSON.stringify( - unparsedValue - )} is NaN`, - 400, - { - request: options - } - ); - } - } - - if (parameter.enum && parameter.enum.indexOf(String(value)) === -1) { - throw new RequestError( - `Invalid value for parameter '${currentParameterName}': ${JSON.stringify( - value - )}`, - 400, - { - request: options - } - ); - } - - if (parameter.validation) { - const regex = new RegExp(parameter.validation); - if (!regex.test(value)) { - throw new RequestError( - `Invalid value for parameter '${currentParameterName}': ${JSON.stringify( - value - )}`, - 400, - { - request: options - } - ); - } - } - - if (expectedType === "object" && typeof value === "string") { - try { - value = JSON.parse(value); - } catch (exception) { - throw new RequestError( - `JSON parse error of value for parameter '${currentParameterName}': ${JSON.stringify( - value - )}`, - 400, - { - request: options - } - ); - } - } - - set(options, parameter.mapTo || currentParameterName, value); - }); - }); - - return options; -} - - -/***/ }), - -/***/ 85: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = withAuthorizationPrefix; - -const atob = __webpack_require__(368); - -const REGEX_IS_BASIC_AUTH = /^[\w-]+:/; - -function withAuthorizationPrefix(authorization) { - if (/^(basic|bearer|token) /i.test(authorization)) { - return authorization; - } - - try { - if (REGEX_IS_BASIC_AUTH.test(atob(authorization))) { - return `basic ${authorization}`; - } - } catch (error) {} - - if (authorization.split(/\./).length === 3) { - return `bearer ${authorization}`; - } - - return `token ${authorization}`; -} - - -/***/ }), - -/***/ 87: -/***/ (function(module) { - -module.exports = require("os"); - -/***/ }), - -/***/ 102: -/***/ (function(__unusedmodule, exports, __webpack_require__) { - -"use strict"; - - -Object.defineProperty(exports, '__esModule', { value: true }); - -function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } - -var deprecation = __webpack_require__(692); -var once = _interopDefault(__webpack_require__(969)); - -const logOnce = once(deprecation => console.warn(deprecation)); -/** - * Error with extra properties to help with debugging - */ - -class RequestError extends Error { - constructor(message, statusCode, options) { - super(message); // Maintains proper stack trace (only available on V8) - - /* istanbul ignore next */ - - if (Error.captureStackTrace) { - Error.captureStackTrace(this, this.constructor); - } - - this.name = "HttpError"; - this.status = statusCode; - Object.defineProperty(this, "code", { - get() { - logOnce(new deprecation.Deprecation("[@octokit/request-error] `error.code` is deprecated, use `error.status`.")); - return statusCode; - } - - }); - this.headers = options.headers || {}; // redact request credentials without mutating original request options - - const requestCopy = Object.assign({}, options.request); - - if (options.request.headers.authorization) { - requestCopy.headers = Object.assign({}, options.request.headers, { - authorization: options.request.headers.authorization.replace(/ .*$/, " [REDACTED]") - }); - } - - requestCopy.url = requestCopy.url // client_id & client_secret can be passed as URL query parameters to increase rate limit - // see https://developer.github.com/v3/#increasing-the-unauthenticated-rate-limit-for-oauth-applications - .replace(/\bclient_secret=\w+/g, "client_secret=[REDACTED]") // OAuth tokens can be passed as URL query parameters, although it is not recommended - // see https://developer.github.com/v3/#oauth2-token-sent-in-a-header - .replace(/\baccess_token=\w+/g, "access_token=[REDACTED]"); - this.request = requestCopy; - } - -} - -exports.RequestError = RequestError; -//# sourceMappingURL=index.js.map - - -/***/ }), - -/***/ 118: -/***/ (function(module, __unusedexports, __webpack_require__) { - -"use strict"; - -const os = __webpack_require__(87); - -const nameMap = new Map([ - [19, 'Catalina'], - [18, 'Mojave'], - [17, 'High Sierra'], - [16, 'Sierra'], - [15, 'El Capitan'], - [14, 'Yosemite'], - [13, 'Mavericks'], - [12, 'Mountain Lion'], - [11, 'Lion'], - [10, 'Snow Leopard'], - [9, 'Leopard'], - [8, 'Tiger'], - [7, 'Panther'], - [6, 'Jaguar'], - [5, 'Puma'] -]); - -const macosRelease = release => { - release = Number((release || os.release()).split('.')[0]); - return { - name: nameMap.get(release), - version: '10.' + (release - 4) - }; -}; - -module.exports = macosRelease; -// TODO: remove this in the next major version -module.exports.default = macosRelease; - - -/***/ }), +/***/ }), /***/ 126: /***/ (function(module) { @@ -3191,92 +2938,6 @@ module.exports = uniq; module.exports = require("child_process"); -/***/ }), - -/***/ 135: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = Octokit; - -const { request } = __webpack_require__(753); -const Hook = __webpack_require__(523); - -const parseClientOptions = __webpack_require__(36); - -function Octokit(plugins, options) { - options = options || {}; - const hook = new Hook.Collection(); - const log = Object.assign( - { - debug: () => {}, - info: () => {}, - warn: console.warn, - error: console.error - }, - options && options.log - ); - const api = { - hook, - log, - request: request.defaults(parseClientOptions(options, log, hook)) - }; - - plugins.forEach(pluginFunction => pluginFunction(api, options)); - - return api; -} - - -/***/ }), - -/***/ 140: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = authenticationBeforeRequest; - -const btoa = __webpack_require__(675); -const uniq = __webpack_require__(126); - -function authenticationBeforeRequest(state, options) { - if (!state.auth.type) { - return; - } - - if (state.auth.type === "basic") { - const hash = btoa(`${state.auth.username}:${state.auth.password}`); - options.headers.authorization = `Basic ${hash}`; - return; - } - - if (state.auth.type === "token") { - options.headers.authorization = `token ${state.auth.token}`; - return; - } - - if (state.auth.type === "app") { - options.headers.authorization = `Bearer ${state.auth.token}`; - const acceptHeaders = options.headers.accept - .split(",") - .concat("application/vnd.github.machine-man-preview+json"); - options.headers.accept = uniq(acceptHeaders) - .filter(Boolean) - .join(","); - return; - } - - options.url += options.url.indexOf("?") === -1 ? "?" : "&"; - - if (state.auth.token) { - options.url += `access_token=${encodeURIComponent(state.auth.token)}`; - return; - } - - const key = encodeURIComponent(state.auth.key); - const secret = encodeURIComponent(state.auth.secret); - options.url += `client_id=${key}&client_secret=${secret}`; -} - - /***/ }), /***/ 141: @@ -3549,6 +3210,36 @@ if (process.env.NODE_DEBUG && /\btunnel\b/.test(process.env.NODE_DEBUG)) { exports.debug = debug; // for test +/***/ }), + +/***/ 143: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = withAuthorizationPrefix; + +const atob = __webpack_require__(368); + +const REGEX_IS_BASIC_AUTH = /^[\w-]+:/; + +function withAuthorizationPrefix(authorization) { + if (/^(basic|bearer|token) /i.test(authorization)) { + return authorization; + } + + try { + if (REGEX_IS_BASIC_AUTH.test(atob(authorization))) { + return `basic ${authorization}`; + } + } catch (error) {} + + if (authorization.split(/\./).length === 3) { + return `bearer ${authorization}`; + } + + return `token ${authorization}`; +} + + /***/ }), /***/ 145: @@ -3607,6 +3298,20 @@ module.exports.array = (stream, options) => getStream(stream, Object.assign({}, module.exports.MaxBufferError = MaxBufferError; +/***/ }), + +/***/ 148: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = paginatePlugin; + +const { paginateRest } = __webpack_require__(299); + +function paginatePlugin(octokit) { + Object.assign(octokit, paginateRest(octokit)); +} + + /***/ }), /***/ 168: @@ -3637,23 +3342,106 @@ module.exports = opts => { throw new TypeError(`Expected \`stdio\` to be of type \`string\` or \`Array\`, got \`${typeof stdio}\``); } - const result = []; - const len = Math.max(stdio.length, alias.length); + const result = []; + const len = Math.max(stdio.length, alias.length); + + for (let i = 0; i < len; i++) { + let value = null; + + if (stdio[i] !== undefined) { + value = stdio[i]; + } else if (opts[alias[i]] !== undefined) { + value = opts[alias[i]]; + } + + result[i] = value; + } + + return result; +}; + + +/***/ }), + +/***/ 190: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = authenticationPlugin; + +const { createTokenAuth } = __webpack_require__(813); +const { Deprecation } = __webpack_require__(692); +const once = __webpack_require__(969); + +const beforeRequest = __webpack_require__(863); +const requestError = __webpack_require__(293); +const validate = __webpack_require__(954); +const withAuthorizationPrefix = __webpack_require__(143); + +const deprecateAuthBasic = once((log, deprecation) => log.warn(deprecation)); +const deprecateAuthObject = once((log, deprecation) => log.warn(deprecation)); + +function authenticationPlugin(octokit, options) { + // If `options.authStrategy` is set then use it and pass in `options.auth` + if (options.authStrategy) { + const auth = options.authStrategy(options.auth); + octokit.hook.wrap("request", auth.hook); + octokit.auth = auth; + return; + } + + // If neither `options.authStrategy` nor `options.auth` are set, the `octokit` instance + // is unauthenticated. The `octokit.auth()` method is a no-op and no request hook is registred. + if (!options.auth) { + octokit.auth = () => + Promise.resolve({ + type: "unauthenticated" + }); + return; + } + + const isBasicAuthString = + typeof options.auth === "string" && + /^basic/.test(withAuthorizationPrefix(options.auth)); + + // If only `options.auth` is set to a string, use the default token authentication strategy. + if (typeof options.auth === "string" && !isBasicAuthString) { + const auth = createTokenAuth(options.auth); + octokit.hook.wrap("request", auth.hook); + octokit.auth = auth; + return; + } - for (let i = 0; i < len; i++) { - let value = null; + // Otherwise log a deprecation message + const [deprecationMethod, deprecationMessapge] = isBasicAuthString + ? [ + deprecateAuthBasic, + 'Setting the "new Octokit({ auth })" option to a Basic Auth string is deprecated. Use https://github.com/octokit/auth-basic.js instead. See (https://octokit.github.io/rest.js/#authentication)' + ] + : [ + deprecateAuthObject, + 'Setting the "new Octokit({ auth })" option to an object without also setting the "authStrategy" option is deprecated and will be removed in v17. See (https://octokit.github.io/rest.js/#authentication)' + ]; + deprecationMethod( + octokit.log, + new Deprecation("[@octokit/rest] " + deprecationMessapge) + ); - if (stdio[i] !== undefined) { - value = stdio[i]; - } else if (opts[alias[i]] !== undefined) { - value = opts[alias[i]]; - } + octokit.auth = () => + Promise.resolve({ + type: "deprecated", + message: deprecationMessapge + }); - result[i] = value; - } + validate(options.auth); - return result; -}; + const state = { + octokit, + auth: options.auth + }; + + octokit.hook.before("request", beforeRequest.bind(null, state)); + octokit.hook.error("request", requestError.bind(null, state)); +} /***/ }), @@ -3804,65 +3592,10 @@ exports.getUserAgent = getUserAgent; /***/ }), -/***/ 240: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = authenticationRequestError; - -const { RequestError } = __webpack_require__(102); - -function authenticationRequestError(state, error, options) { - /* istanbul ignore next */ - if (!error.headers) throw error; - - const otpRequired = /required/.test(error.headers["x-github-otp"] || ""); - // handle "2FA required" error only - if (error.status !== 401 || !otpRequired) { - throw error; - } - - if ( - error.status === 401 && - otpRequired && - error.request && - error.request.headers["x-github-otp"] - ) { - throw new RequestError( - "Invalid one-time password for two-factor authentication", - 401, - { - headers: error.headers, - request: options - } - ); - } - - if (typeof state.auth.on2fa !== "function") { - throw new RequestError( - "2FA required, but options.on2fa is not a function. See https://github.com/octokit/rest.js#authentication", - 401, - { - headers: error.headers, - request: options - } - ); - } - - return Promise.resolve() - .then(() => { - return state.auth.on2fa(); - }) - .then(oneTimePassword => { - const newOptions = Object.assign(options, { - headers: Object.assign( - { "x-github-otp": oneTimePassword }, - options.headers - ) - }); - return state.octokit.request(newOptions); - }); -} +/***/ 215: +/***/ (function(module) { +module.exports = {"_args":[["@octokit/rest@16.43.1","/Users/pjquirk/Source/GitHub/actions/stale"]],"_from":"@octokit/rest@16.43.1","_id":"@octokit/rest@16.43.1","_inBundle":false,"_integrity":"sha512-gfFKwRT/wFxq5qlNjnW2dh+qh74XgTQ2B179UX5K1HYCluioWj8Ndbgqw2PVqa1NnVJkGHp2ovMpVn/DImlmkw==","_location":"/@octokit/rest","_phantomChildren":{"@octokit/types":"2.8.2","deprecation":"2.3.1","once":"1.4.0"},"_requested":{"type":"version","registry":true,"raw":"@octokit/rest@16.43.1","name":"@octokit/rest","escapedName":"@octokit%2frest","scope":"@octokit","rawSpec":"16.43.1","saveSpec":null,"fetchSpec":"16.43.1"},"_requiredBy":["/","/@actions/github"],"_resolved":"https://registry.npmjs.org/@octokit/rest/-/rest-16.43.1.tgz","_spec":"16.43.1","_where":"/Users/pjquirk/Source/GitHub/actions/stale","author":{"name":"Gregor Martynus","url":"https://github.com/gr2m"},"bugs":{"url":"https://github.com/octokit/rest.js/issues"},"bundlesize":[{"path":"./dist/octokit-rest.min.js.gz","maxSize":"33 kB"}],"contributors":[{"name":"Mike de Boer","email":"info@mikedeboer.nl"},{"name":"Fabian Jakobs","email":"fabian@c9.io"},{"name":"Joe Gallo","email":"joe@brassafrax.com"},{"name":"Gregor Martynus","url":"https://github.com/gr2m"}],"dependencies":{"@octokit/auth-token":"^2.4.0","@octokit/plugin-paginate-rest":"^1.1.1","@octokit/plugin-request-log":"^1.0.0","@octokit/plugin-rest-endpoint-methods":"2.4.0","@octokit/request":"^5.2.0","@octokit/request-error":"^1.0.2","atob-lite":"^2.0.0","before-after-hook":"^2.0.0","btoa-lite":"^1.0.0","deprecation":"^2.0.0","lodash.get":"^4.4.2","lodash.set":"^4.3.2","lodash.uniq":"^4.5.0","octokit-pagination-methods":"^1.1.0","once":"^1.4.0","universal-user-agent":"^4.0.0"},"description":"GitHub REST API client for Node.js","devDependencies":{"@gimenete/type-writer":"^0.1.3","@octokit/auth":"^1.1.1","@octokit/fixtures-server":"^5.0.6","@octokit/graphql":"^4.2.0","@types/node":"^13.1.0","bundlesize":"^0.18.0","chai":"^4.1.2","compression-webpack-plugin":"^3.1.0","cypress":"^3.0.0","glob":"^7.1.2","http-proxy-agent":"^4.0.0","lodash.camelcase":"^4.3.0","lodash.merge":"^4.6.1","lodash.upperfirst":"^4.3.1","lolex":"^5.1.2","mkdirp":"^1.0.0","mocha":"^7.0.1","mustache":"^4.0.0","nock":"^11.3.3","npm-run-all":"^4.1.2","nyc":"^15.0.0","prettier":"^1.14.2","proxy":"^1.0.0","semantic-release":"^17.0.0","sinon":"^8.0.0","sinon-chai":"^3.0.0","sort-keys":"^4.0.0","string-to-arraybuffer":"^1.0.0","string-to-jsdoc-comment":"^1.0.0","typescript":"^3.3.1","webpack":"^4.0.0","webpack-bundle-analyzer":"^3.0.0","webpack-cli":"^3.0.0"},"files":["index.js","index.d.ts","lib","plugins"],"homepage":"https://github.com/octokit/rest.js#readme","keywords":["octokit","github","rest","api-client"],"license":"MIT","name":"@octokit/rest","nyc":{"ignore":["test"]},"publishConfig":{"access":"public"},"release":{"publish":["@semantic-release/npm",{"path":"@semantic-release/github","assets":["dist/*","!dist/*.map.gz"]}]},"repository":{"type":"git","url":"git+https://github.com/octokit/rest.js.git"},"scripts":{"build":"npm-run-all build:*","build:browser":"npm-run-all build:browser:*","build:browser:development":"webpack --mode development --entry . --output-library=Octokit --output=./dist/octokit-rest.js --profile --json > dist/bundle-stats.json","build:browser:production":"webpack --mode production --entry . --plugin=compression-webpack-plugin --output-library=Octokit --output-path=./dist --output-filename=octokit-rest.min.js --devtool source-map","build:ts":"npm run -s update-endpoints:typescript","coverage":"nyc report --reporter=html && open coverage/index.html","generate-bundle-report":"webpack-bundle-analyzer dist/bundle-stats.json --mode=static --no-open --report dist/bundle-report.html","lint":"prettier --check '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","lint:fix":"prettier --write '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","postvalidate:ts":"tsc --noEmit --target es6 test/typescript-validate.ts","prebuild:browser":"mkdirp dist/","pretest":"npm run -s lint","prevalidate:ts":"npm run -s build:ts","start-fixtures-server":"octokit-fixtures-server","test":"nyc mocha test/mocha-node-setup.js \"test/*/**/*-test.js\"","test:browser":"cypress run --browser chrome","update-endpoints":"npm-run-all update-endpoints:*","update-endpoints:fetch-json":"node scripts/update-endpoints/fetch-json","update-endpoints:typescript":"node scripts/update-endpoints/typescript","validate:ts":"tsc --target es6 --noImplicitAny index.d.ts"},"types":"index.d.ts","version":"16.43.1"}; /***/ }), @@ -4144,26 +3877,190 @@ function register (state, name, method, options) { throw new Error('method for before hook must be a function') } - if (!options) { - options = {} + if (!options) { + options = {} + } + + if (Array.isArray(name)) { + return name.reverse().reduce(function (callback, name) { + return register.bind(null, state, name, callback, options) + }, method)() + } + + return Promise.resolve() + .then(function () { + if (!state.registry[name]) { + return method(options) + } + + return (state.registry[name]).reduce(function (method, registered) { + return registered.hook.bind(null, method, options) + }, method)() + }) +} + + +/***/ }), + +/***/ 293: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = authenticationRequestError; + +const { RequestError } = __webpack_require__(497); + +function authenticationRequestError(state, error, options) { + if (!error.headers) throw error; + + const otpRequired = /required/.test(error.headers["x-github-otp"] || ""); + // handle "2FA required" error only + if (error.status !== 401 || !otpRequired) { + throw error; + } + + if ( + error.status === 401 && + otpRequired && + error.request && + error.request.headers["x-github-otp"] + ) { + if (state.otp) { + delete state.otp; // no longer valid, request again + } else { + throw new RequestError( + "Invalid one-time password for two-factor authentication", + 401, + { + headers: error.headers, + request: options + } + ); + } + } + + if (typeof state.auth.on2fa !== "function") { + throw new RequestError( + "2FA required, but options.on2fa is not a function. See https://github.com/octokit/rest.js#authentication", + 401, + { + headers: error.headers, + request: options + } + ); + } + + return Promise.resolve() + .then(() => { + return state.auth.on2fa(); + }) + .then(oneTimePassword => { + const newOptions = Object.assign(options, { + headers: Object.assign(options.headers, { + "x-github-otp": oneTimePassword + }) + }); + return state.octokit.request(newOptions).then(response => { + // If OTP still valid, then persist it for following requests + state.otp = oneTimePassword; + return response; + }); + }); +} + + +/***/ }), + +/***/ 294: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = parseOptions; + +const { Deprecation } = __webpack_require__(692); +const { getUserAgent } = __webpack_require__(796); +const once = __webpack_require__(969); + +const pkg = __webpack_require__(215); + +const deprecateOptionsTimeout = once((log, deprecation) => + log.warn(deprecation) +); +const deprecateOptionsAgent = once((log, deprecation) => log.warn(deprecation)); +const deprecateOptionsHeaders = once((log, deprecation) => + log.warn(deprecation) +); + +function parseOptions(options, log, hook) { + if (options.headers) { + options.headers = Object.keys(options.headers).reduce((newObj, key) => { + newObj[key.toLowerCase()] = options.headers[key]; + return newObj; + }, {}); + } + + const clientDefaults = { + headers: options.headers || {}, + request: options.request || {}, + mediaType: { + previews: [], + format: "" + } + }; + + if (options.baseUrl) { + clientDefaults.baseUrl = options.baseUrl; + } + + if (options.userAgent) { + clientDefaults.headers["user-agent"] = options.userAgent; + } + + if (options.previews) { + clientDefaults.mediaType.previews = options.previews; + } + + if (options.timeZone) { + clientDefaults.headers["time-zone"] = options.timeZone; + } + + if (options.timeout) { + deprecateOptionsTimeout( + log, + new Deprecation( + "[@octokit/rest] new Octokit({timeout}) is deprecated. Use {request: {timeout}} instead. See https://github.com/octokit/request.js#request" + ) + ); + clientDefaults.request.timeout = options.timeout; + } + + if (options.agent) { + deprecateOptionsAgent( + log, + new Deprecation( + "[@octokit/rest] new Octokit({agent}) is deprecated. Use {request: {agent}} instead. See https://github.com/octokit/request.js#request" + ) + ); + clientDefaults.request.agent = options.agent; } - if (Array.isArray(name)) { - return name.reverse().reduce(function (callback, name) { - return register.bind(null, state, name, callback, options) - }, method)() + if (options.headers) { + deprecateOptionsHeaders( + log, + new Deprecation( + "[@octokit/rest] new Octokit({headers}) is deprecated. Use {userAgent, previews} instead. See https://github.com/octokit/request.js#request" + ) + ); } - return Promise.resolve() - .then(function () { - if (!state.registry[name]) { - return method(options) - } + const userAgentOption = clientDefaults.headers["user-agent"]; + const defaultUserAgent = `octokit.js/${pkg.version} ${getUserAgent()}`; - return (state.registry[name]).reduce(function (method, registered) { - return registered.hook.bind(null, method, options) - }, method)() - }) + clientDefaults.headers["user-agent"] = [userAgentOption, defaultUserAgent] + .filter(Boolean) + .join(" "); + + clientDefaults.request.hook = hook.bind(null, "request"); + + return clientDefaults; } @@ -4386,15 +4283,222 @@ function hasLastPage (link) { /***/ }), -/***/ 341: +/***/ 348: /***/ (function(module, __unusedexports, __webpack_require__) { -module.exports = octokitValidate; +"use strict"; -const validate = __webpack_require__(63); -function octokitValidate(octokit) { - octokit.hook.before("request", validate.bind(null, octokit)); +module.exports = validate; + +const { RequestError } = __webpack_require__(497); +const get = __webpack_require__(854); +const set = __webpack_require__(883); + +function validate(octokit, options) { + if (!options.request.validate) { + return; + } + const { validate: params } = options.request; + + Object.keys(params).forEach(parameterName => { + const parameter = get(params, parameterName); + + const expectedType = parameter.type; + let parentParameterName; + let parentValue; + let parentParamIsPresent = true; + let parentParameterIsArray = false; + + if (/\./.test(parameterName)) { + parentParameterName = parameterName.replace(/\.[^.]+$/, ""); + parentParameterIsArray = parentParameterName.slice(-2) === "[]"; + if (parentParameterIsArray) { + parentParameterName = parentParameterName.slice(0, -2); + } + parentValue = get(options, parentParameterName); + parentParamIsPresent = + parentParameterName === "headers" || + (typeof parentValue === "object" && parentValue !== null); + } + + const values = parentParameterIsArray + ? (get(options, parentParameterName) || []).map( + value => value[parameterName.split(/\./).pop()] + ) + : [get(options, parameterName)]; + + values.forEach((value, i) => { + const valueIsPresent = typeof value !== "undefined"; + const valueIsNull = value === null; + const currentParameterName = parentParameterIsArray + ? parameterName.replace(/\[\]/, `[${i}]`) + : parameterName; + + if (!parameter.required && !valueIsPresent) { + return; + } + + // if the parent parameter is of type object but allows null + // then the child parameters can be ignored + if (!parentParamIsPresent) { + return; + } + + if (parameter.allowNull && valueIsNull) { + return; + } + + if (!parameter.allowNull && valueIsNull) { + throw new RequestError( + `'${currentParameterName}' cannot be null`, + 400, + { + request: options + } + ); + } + + if (parameter.required && !valueIsPresent) { + throw new RequestError( + `Empty value for parameter '${currentParameterName}': ${JSON.stringify( + value + )}`, + 400, + { + request: options + } + ); + } + + // parse to integer before checking for enum + // so that string "1" will match enum with number 1 + if (expectedType === "integer") { + const unparsedValue = value; + value = parseInt(value, 10); + if (isNaN(value)) { + throw new RequestError( + `Invalid value for parameter '${currentParameterName}': ${JSON.stringify( + unparsedValue + )} is NaN`, + 400, + { + request: options + } + ); + } + } + + if (parameter.enum && parameter.enum.indexOf(String(value)) === -1) { + throw new RequestError( + `Invalid value for parameter '${currentParameterName}': ${JSON.stringify( + value + )}`, + 400, + { + request: options + } + ); + } + + if (parameter.validation) { + const regex = new RegExp(parameter.validation); + if (!regex.test(value)) { + throw new RequestError( + `Invalid value for parameter '${currentParameterName}': ${JSON.stringify( + value + )}`, + 400, + { + request: options + } + ); + } + } + + if (expectedType === "object" && typeof value === "string") { + try { + value = JSON.parse(value); + } catch (exception) { + throw new RequestError( + `JSON parse error of value for parameter '${currentParameterName}': ${JSON.stringify( + value + )}`, + 400, + { + request: options + } + ); + } + } + + set(options, parameter.mapTo || currentParameterName, value); + }); + }); + + return options; +} + + +/***/ }), + +/***/ 349: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = authenticationRequestError; + +const { RequestError } = __webpack_require__(497); + +function authenticationRequestError(state, error, options) { + /* istanbul ignore next */ + if (!error.headers) throw error; + + const otpRequired = /required/.test(error.headers["x-github-otp"] || ""); + // handle "2FA required" error only + if (error.status !== 401 || !otpRequired) { + throw error; + } + + if ( + error.status === 401 && + otpRequired && + error.request && + error.request.headers["x-github-otp"] + ) { + throw new RequestError( + "Invalid one-time password for two-factor authentication", + 401, + { + headers: error.headers, + request: options + } + ); + } + + if (typeof state.auth.on2fa !== "function") { + throw new RequestError( + "2FA required, but options.on2fa is not a function. See https://github.com/octokit/rest.js#authentication", + 401, + { + headers: error.headers, + request: options + } + ); + } + + return Promise.resolve() + .then(() => { + return state.auth.on2fa(); + }) + .then(oneTimePassword => { + const newOptions = Object.assign(options, { + headers: Object.assign( + { "x-github-otp": oneTimePassword }, + options.headers + ) + }); + return state.octokit.request(newOptions); + }); } @@ -4858,75 +4962,51 @@ function readShebang(command) { return shebangCommand(buffer.toString()); } -module.exports = readShebang; - - -/***/ }), - -/***/ 413: -/***/ (function(module) { +module.exports = readShebang; -module.exports = require("stream"); /***/ }), -/***/ 414: +/***/ 402: /***/ (function(module, __unusedexports, __webpack_require__) { -module.exports = authenticationBeforeRequest; - -const btoa = __webpack_require__(675); +module.exports = Octokit; -const withAuthorizationPrefix = __webpack_require__(85); +const { request } = __webpack_require__(753); +const Hook = __webpack_require__(523); -function authenticationBeforeRequest(state, options) { - if (typeof state.auth === "string") { - options.headers.authorization = withAuthorizationPrefix(state.auth); - return; - } +const parseClientOptions = __webpack_require__(294); - if (state.auth.username) { - const hash = btoa(`${state.auth.username}:${state.auth.password}`); - options.headers.authorization = `Basic ${hash}`; - if (state.otp) { - options.headers["x-github-otp"] = state.otp; - } - return; - } +function Octokit(plugins, options) { + options = options || {}; + const hook = new Hook.Collection(); + const log = Object.assign( + { + debug: () => {}, + info: () => {}, + warn: console.warn, + error: console.error + }, + options && options.log + ); + const api = { + hook, + log, + request: request.defaults(parseClientOptions(options, log, hook)) + }; - if (state.auth.clientId) { - // There is a special case for OAuth applications, when `clientId` and `clientSecret` is passed as - // Basic Authorization instead of query parameters. The only routes where that applies share the same - // URL though: `/applications/:client_id/tokens/:access_token`. - // - // 1. [Check an authorization](https://developer.github.com/v3/oauth_authorizations/#check-an-authorization) - // 2. [Reset an authorization](https://developer.github.com/v3/oauth_authorizations/#reset-an-authorization) - // 3. [Revoke an authorization for an application](https://developer.github.com/v3/oauth_authorizations/#revoke-an-authorization-for-an-application) - // - // We identify by checking the URL. It must merge both "/applications/:client_id/tokens/:access_token" - // as well as "/applications/123/tokens/token456" - if (/\/applications\/:?[\w_]+\/tokens\/:?[\w_]+($|\?)/.test(options.url)) { - const hash = btoa(`${state.auth.clientId}:${state.auth.clientSecret}`); - options.headers.authorization = `Basic ${hash}`; - return; - } + plugins.forEach(pluginFunction => pluginFunction(api, options)); - options.url += options.url.indexOf("?") === -1 ? "?" : "&"; - options.url += `client_id=${state.auth.clientId}&client_secret=${state.auth.clientSecret}`; - return; - } + return api; +} - return Promise.resolve() - .then(() => { - return state.auth(); - }) +/***/ }), - .then(authorization => { - options.headers.authorization = withAuthorizationPrefix(authorization); - }); -} +/***/ 413: +/***/ (function(module) { +module.exports = require("stream"); /***/ }), @@ -4975,6 +5055,20 @@ function errname(uv, code) { +/***/ }), + +/***/ 430: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = octokitValidate; + +const validate = __webpack_require__(348); + +function octokitValidate(octokit) { + octokit.hook.before("request", validate.bind(null, octokit)); +} + + /***/ }), /***/ 431: @@ -5060,74 +5154,6 @@ function escapeProperty(s) { } //# sourceMappingURL=command.js.map -/***/ }), - -/***/ 446: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = authenticationRequestError; - -const { RequestError } = __webpack_require__(102); - -function authenticationRequestError(state, error, options) { - if (!error.headers) throw error; - - const otpRequired = /required/.test(error.headers["x-github-otp"] || ""); - // handle "2FA required" error only - if (error.status !== 401 || !otpRequired) { - throw error; - } - - if ( - error.status === 401 && - otpRequired && - error.request && - error.request.headers["x-github-otp"] - ) { - if (state.otp) { - delete state.otp; // no longer valid, request again - } else { - throw new RequestError( - "Invalid one-time password for two-factor authentication", - 401, - { - headers: error.headers, - request: options - } - ); - } - } - - if (typeof state.auth.on2fa !== "function") { - throw new RequestError( - "2FA required, but options.on2fa is not a function. See https://github.com/octokit/rest.js#authentication", - 401, - { - headers: error.headers, - request: options - } - ); - } - - return Promise.resolve() - .then(() => { - return state.auth.on2fa(); - }) - .then(oneTimePassword => { - const newOptions = Object.assign(options, { - headers: Object.assign(options.headers, { - "x-github-otp": oneTimePassword - }) - }); - return state.octokit.request(newOptions).then(response => { - // If OTP still valid, then persist it for following requests - state.otp = oneTimePassword; - return response; - }); - }); -} - - /***/ }), /***/ 453: @@ -7000,7 +7026,7 @@ var __importStar = (this && this.__importStar) || function (mod) { Object.defineProperty(exports, "__esModule", { value: true }); // Originally pulled from https://github.com/JasonEtco/actions-toolkit/blob/master/src/github.ts const graphql_1 = __webpack_require__(898); -const rest_1 = __webpack_require__(741); +const rest_1 = __webpack_require__(0); const Context = __importStar(__webpack_require__(262)); const httpClient = __importStar(__webpack_require__(539)); // We need this in order to extend Octokit @@ -7023,13 +7049,15 @@ class GitHub extends rest_1.Octokit { static getOctokitOptions(args) { const token = args[0]; const options = Object.assign({}, args[1]); // Shallow clone - don't mutate the object provided by the caller + // Base URL - GHES or Dotcom + options.baseUrl = options.baseUrl || this.getApiBaseUrl(); // Auth const auth = GitHub.getAuthString(token, options); if (auth) { options.auth = auth; } // Proxy - const agent = GitHub.getProxyAgent(options); + const agent = GitHub.getProxyAgent(options.baseUrl, options); if (agent) { // Shallow clone - don't mutate the object provided by the caller options.request = options.request ? Object.assign({}, options.request) : {}; @@ -7040,6 +7068,7 @@ class GitHub extends rest_1.Octokit { } static getGraphQL(args) { const defaults = {}; + defaults.baseUrl = this.getGraphQLBaseUrl(); const token = args[0]; const options = args[1]; // Authorization @@ -7050,7 +7079,7 @@ class GitHub extends rest_1.Octokit { }; } // Proxy - const agent = GitHub.getProxyAgent(options); + const agent = GitHub.getProxyAgent(defaults.baseUrl, options); if (agent) { defaults.request = { agent }; } @@ -7066,17 +7095,31 @@ class GitHub extends rest_1.Octokit { } return typeof options.auth === 'string' ? options.auth : `token ${token}`; } - static getProxyAgent(options) { + static getProxyAgent(destinationUrl, options) { var _a; if (!((_a = options.request) === null || _a === void 0 ? void 0 : _a.agent)) { - const serverUrl = 'https://api.github.com'; - if (httpClient.getProxyUrl(serverUrl)) { + if (httpClient.getProxyUrl(destinationUrl)) { const hc = new httpClient.HttpClient(); - return hc.getAgent(serverUrl); + return hc.getAgent(destinationUrl); } } return undefined; } + static getApiBaseUrl() { + return process.env['GITHUB_API_URL'] || 'https://api.github.com'; + } + static getGraphQLBaseUrl() { + let url = process.env['GITHUB_GRAPHQL_URL'] || 'https://api.github.com/graphql'; + // Shouldn't be a trailing slash, but remove if so + if (url.endsWith('/')) { + url = url.substr(0, url.length - 1); + } + // Remove trailing "/graphql" + if (url.toUpperCase().endsWith('/GRAPHQL')) { + url = url.substr(0, url.length - '/graphql'.length); + } + return url; + } } exports.GitHub = GitHub; //# sourceMappingURL=github.js.map @@ -7297,6 +7340,56 @@ function getState(name) { exports.getState = getState; //# sourceMappingURL=core.js.map +/***/ }), + +/***/ 471: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = authenticationBeforeRequest; + +const btoa = __webpack_require__(675); +const uniq = __webpack_require__(126); + +function authenticationBeforeRequest(state, options) { + if (!state.auth.type) { + return; + } + + if (state.auth.type === "basic") { + const hash = btoa(`${state.auth.username}:${state.auth.password}`); + options.headers.authorization = `Basic ${hash}`; + return; + } + + if (state.auth.type === "token") { + options.headers.authorization = `token ${state.auth.token}`; + return; + } + + if (state.auth.type === "app") { + options.headers.authorization = `Bearer ${state.auth.token}`; + const acceptHeaders = options.headers.accept + .split(",") + .concat("application/vnd.github.machine-man-preview+json"); + options.headers.accept = uniq(acceptHeaders) + .filter(Boolean) + .join(","); + return; + } + + options.url += options.url.indexOf("?") === -1 ? "?" : "&"; + + if (state.auth.token) { + options.url += `access_token=${encodeURIComponent(state.auth.token)}`; + return; + } + + const key = encodeURIComponent(state.auth.key); + const secret = encodeURIComponent(state.auth.secret); + options.url += `client_id=${key}&client_secret=${secret}`; +} + + /***/ }), /***/ 489: @@ -7323,33 +7416,96 @@ function resolveCommandAttempt(parsed, withoutPathExt) { } } - let resolved; + let resolved; + + try { + resolved = which.sync(parsed.command, { + path: (parsed.options.env || process.env)[pathKey], + pathExt: withoutPathExt ? path.delimiter : undefined, + }); + } catch (e) { + /* Empty */ + } finally { + process.chdir(cwd); + } + + // If we successfully resolved, ensure that an absolute path is returned + // Note that when a custom `cwd` was used, we need to resolve to an absolute path based on it + if (resolved) { + resolved = path.resolve(hasCustomCwd ? parsed.options.cwd : '', resolved); + } + + return resolved; +} + +function resolveCommand(parsed) { + return resolveCommandAttempt(parsed) || resolveCommandAttempt(parsed, true); +} + +module.exports = resolveCommand; + + +/***/ }), + +/***/ 497: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, '__esModule', { value: true }); + +function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } + +var deprecation = __webpack_require__(692); +var once = _interopDefault(__webpack_require__(969)); + +const logOnce = once(deprecation => console.warn(deprecation)); +/** + * Error with extra properties to help with debugging + */ + +class RequestError extends Error { + constructor(message, statusCode, options) { + super(message); // Maintains proper stack trace (only available on V8) + + /* istanbul ignore next */ - try { - resolved = which.sync(parsed.command, { - path: (parsed.options.env || process.env)[pathKey], - pathExt: withoutPathExt ? path.delimiter : undefined, - }); - } catch (e) { - /* Empty */ - } finally { - process.chdir(cwd); + if (Error.captureStackTrace) { + Error.captureStackTrace(this, this.constructor); } - // If we successfully resolved, ensure that an absolute path is returned - // Note that when a custom `cwd` was used, we need to resolve to an absolute path based on it - if (resolved) { - resolved = path.resolve(hasCustomCwd ? parsed.options.cwd : '', resolved); + this.name = "HttpError"; + this.status = statusCode; + Object.defineProperty(this, "code", { + get() { + logOnce(new deprecation.Deprecation("[@octokit/request-error] `error.code` is deprecated, use `error.status`.")); + return statusCode; + } + + }); + this.headers = options.headers || {}; // redact request credentials without mutating original request options + + const requestCopy = Object.assign({}, options.request); + + if (options.request.headers.authorization) { + requestCopy.headers = Object.assign({}, options.request.headers, { + authorization: options.request.headers.authorization.replace(/ .*$/, " [REDACTED]") + }); } - return resolved; -} + requestCopy.url = requestCopy.url // client_id & client_secret can be passed as URL query parameters to increase rate limit + // see https://developer.github.com/v3/#increasing-the-unauthenticated-rate-limit-for-oauth-applications + .replace(/\bclient_secret=\w+/g, "client_secret=[REDACTED]") // OAuth tokens can be passed as URL query parameters, although it is not recommended + // see https://developer.github.com/v3/#oauth2-token-sent-in-a-header + .replace(/\baccess_token=\w+/g, "access_token=[REDACTED]"); + this.request = requestCopy; + } -function resolveCommand(parsed) { - return resolveCommandAttempt(parsed) || resolveCommandAttempt(parsed, true); } -module.exports = resolveCommand; +exports.RequestError = RequestError; +//# sourceMappingURL=index.js.map /***/ }), @@ -7405,23 +7561,6 @@ function addHook (state, kind, name, hook) { } -/***/ }), - -/***/ 513: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = factory; - -const Octokit = __webpack_require__(135); -const registerPlugin = __webpack_require__(861); - -function factory(plugins) { - const Api = Octokit.bind(null, plugins || []); - Api.plugin = registerPlugin.bind(null, plugins || []); - return Api; -} - - /***/ }), /***/ 523: @@ -7486,6 +7625,16 @@ module.exports.Singular = Hook.Singular module.exports.Collection = Hook.Collection +/***/ }), + +/***/ 529: +/***/ (function(module, __unusedexports, __webpack_require__) { + +const factory = __webpack_require__(47); + +module.exports = factory(); + + /***/ }), /***/ 536: @@ -7502,34 +7651,6 @@ function hasFirstPage (link) { } -/***/ }), - -/***/ 538: -/***/ (function(module) { - -module.exports = validateAuth; - -function validateAuth(auth) { - if (typeof auth === "string") { - return; - } - - if (typeof auth === "function") { - return; - } - - if (auth.username && auth.password) { - return; - } - - if (auth.clientId && auth.clientSecret) { - return; - } - - throw new Error(`Invalid "auth" option: ${JSON.stringify(auth)}`); -} - - /***/ }), /***/ 539: @@ -7591,8 +7712,18 @@ function getProxyUrl(serverUrl) { return proxyUrl ? proxyUrl.href : ''; } exports.getProxyUrl = getProxyUrl; -const HttpRedirectCodes = [HttpCodes.MovedPermanently, HttpCodes.ResourceMoved, HttpCodes.SeeOther, HttpCodes.TemporaryRedirect, HttpCodes.PermanentRedirect]; -const HttpResponseRetryCodes = [HttpCodes.BadGateway, HttpCodes.ServiceUnavailable, HttpCodes.GatewayTimeout]; +const HttpRedirectCodes = [ + HttpCodes.MovedPermanently, + HttpCodes.ResourceMoved, + HttpCodes.SeeOther, + HttpCodes.TemporaryRedirect, + HttpCodes.PermanentRedirect +]; +const HttpResponseRetryCodes = [ + HttpCodes.BadGateway, + HttpCodes.ServiceUnavailable, + HttpCodes.GatewayTimeout +]; const RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD']; const ExponentialBackoffCeiling = 10; const ExponentialBackoffTimeSlice = 5; @@ -7717,18 +7848,22 @@ class HttpClient { */ async request(verb, requestUrl, data, headers) { if (this._disposed) { - throw new Error("Client has already been disposed."); + throw new Error('Client has already been disposed.'); } let parsedUrl = url.parse(requestUrl); let info = this._prepareRequest(verb, parsedUrl, headers); // Only perform retries on reads since writes may not be idempotent. - let maxTries = (this._allowRetries && RetryableHttpVerbs.indexOf(verb) != -1) ? this._maxRetries + 1 : 1; + let maxTries = this._allowRetries && RetryableHttpVerbs.indexOf(verb) != -1 + ? this._maxRetries + 1 + : 1; let numTries = 0; let response; while (numTries < maxTries) { response = await this.requestRaw(info, data); // Check if it's an authentication challenge - if (response && response.message && response.message.statusCode === HttpCodes.Unauthorized) { + if (response && + response.message && + response.message.statusCode === HttpCodes.Unauthorized) { let authenticationHandler; for (let i = 0; i < this.handlers.length; i++) { if (this.handlers[i].canHandleAuthentication(response)) { @@ -7746,21 +7881,32 @@ class HttpClient { } } let redirectsRemaining = this._maxRedirects; - while (HttpRedirectCodes.indexOf(response.message.statusCode) != -1 - && this._allowRedirects - && redirectsRemaining > 0) { - const redirectUrl = response.message.headers["location"]; + while (HttpRedirectCodes.indexOf(response.message.statusCode) != -1 && + this._allowRedirects && + redirectsRemaining > 0) { + const redirectUrl = response.message.headers['location']; if (!redirectUrl) { // if there's no location to redirect to, we won't break; } let parsedRedirectUrl = url.parse(redirectUrl); - if (parsedUrl.protocol == 'https:' && parsedUrl.protocol != parsedRedirectUrl.protocol && !this._allowRedirectDowngrade) { - throw new Error("Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true."); + if (parsedUrl.protocol == 'https:' && + parsedUrl.protocol != parsedRedirectUrl.protocol && + !this._allowRedirectDowngrade) { + throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.'); } // we need to finish reading the response before reassigning response // which will leak the open socket. await response.readBody(); + // strip authorization header if redirected to a different hostname + if (parsedRedirectUrl.hostname !== parsedUrl.hostname) { + for (let header in headers) { + // header names are case insensitive + if (header.toLowerCase() === 'authorization') { + delete headers[header]; + } + } + } // let's make the request with the new redirectUrl info = this._prepareRequest(verb, parsedRedirectUrl, headers); response = await this.requestRaw(info, data); @@ -7811,8 +7957,8 @@ class HttpClient { */ requestRawWithCallback(info, data, onResult) { let socket; - if (typeof (data) === 'string') { - info.options.headers["Content-Length"] = Buffer.byteLength(data, 'utf8'); + if (typeof data === 'string') { + info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8'); } let callbackCalled = false; let handleResult = (err, res) => { @@ -7825,7 +7971,7 @@ class HttpClient { let res = new HttpClientResponse(msg); handleResult(null, res); }); - req.on('socket', (sock) => { + req.on('socket', sock => { socket = sock; }); // If we ever get disconnected, we want the socket to timeout eventually @@ -7840,10 +7986,10 @@ class HttpClient { // res should have headers handleResult(err, null); }); - if (data && typeof (data) === 'string') { + if (data && typeof data === 'string') { req.write(data, 'utf8'); } - if (data && typeof (data) !== 'string') { + if (data && typeof data !== 'string') { data.on('close', function () { req.end(); }); @@ -7870,31 +8016,34 @@ class HttpClient { const defaultPort = usingSsl ? 443 : 80; info.options = {}; info.options.host = info.parsedUrl.hostname; - info.options.port = info.parsedUrl.port ? parseInt(info.parsedUrl.port) : defaultPort; - info.options.path = (info.parsedUrl.pathname || '') + (info.parsedUrl.search || ''); + info.options.port = info.parsedUrl.port + ? parseInt(info.parsedUrl.port) + : defaultPort; + info.options.path = + (info.parsedUrl.pathname || '') + (info.parsedUrl.search || ''); info.options.method = method; info.options.headers = this._mergeHeaders(headers); if (this.userAgent != null) { - info.options.headers["user-agent"] = this.userAgent; + info.options.headers['user-agent'] = this.userAgent; } info.options.agent = this._getAgent(info.parsedUrl); // gives handlers an opportunity to participate if (this.handlers) { - this.handlers.forEach((handler) => { + this.handlers.forEach(handler => { handler.prepareRequest(info.options); }); } return info; } _mergeHeaders(headers) { - const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => (c[k.toLowerCase()] = obj[k], c), {}); + const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); if (this.requestOptions && this.requestOptions.headers) { return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers)); } return lowercaseKeys(headers || {}); } _getExistingOrDefaultHeader(additionalHeaders, header, _default) { - const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => (c[k.toLowerCase()] = obj[k], c), {}); + const lowercaseKeys = obj => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); let clientHeader; if (this.requestOptions && this.requestOptions.headers) { clientHeader = lowercaseKeys(this.requestOptions.headers)[header]; @@ -7932,7 +8081,7 @@ class HttpClient { proxyAuth: proxyUrl.auth, host: proxyUrl.hostname, port: proxyUrl.port - }, + } }; let tunnelAgent; const overHttps = proxyUrl.protocol === 'https:'; @@ -7959,7 +8108,9 @@ class HttpClient { // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options // we have to cast it to any and change it directly - agent.options = Object.assign(agent.options || {}, { rejectUnauthorized: false }); + agent.options = Object.assign(agent.options || {}, { + rejectUnauthorized: false + }); } return agent; } @@ -8020,7 +8171,7 @@ class HttpClient { msg = contents; } else { - msg = "Failed request: (" + statusCode + ")"; + msg = 'Failed request: (' + statusCode + ')'; } let err = new Error(msg); // attach statusCode and body obj (if available) to the error object @@ -8595,6 +8746,65 @@ exports.IssueProcessor = IssueProcessor; module.exports = require("util"); +/***/ }), + +/***/ 674: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = authenticate; + +const { Deprecation } = __webpack_require__(692); +const once = __webpack_require__(969); + +const deprecateAuthenticate = once((log, deprecation) => log.warn(deprecation)); + +function authenticate(state, options) { + deprecateAuthenticate( + state.octokit.log, + new Deprecation( + '[@octokit/rest] octokit.authenticate() is deprecated. Use "auth" constructor option instead.' + ) + ); + + if (!options) { + state.auth = false; + return; + } + + switch (options.type) { + case "basic": + if (!options.username || !options.password) { + throw new Error( + "Basic authentication requires both a username and password to be set" + ); + } + break; + + case "oauth": + if (!options.token && !(options.key && options.secret)) { + throw new Error( + "OAuth2 authentication requires a token or key & secret to be set" + ); + } + break; + + case "token": + case "app": + if (!options.token) { + throw new Error("Token authentication requires a token to be set"); + } + break; + + default: + throw new Error( + "Invalid authentication type, must be 'basic', 'oauth', 'token' or 'app'" + ); + } + + state.auth = options; +} + + /***/ }), /***/ 675: @@ -8712,56 +8922,6 @@ module.exports = (promise, onFinally) => { }; -/***/ }), - -/***/ 741: -/***/ (function(module, __unusedexports, __webpack_require__) { - -const { requestLog } = __webpack_require__(916); -const { - restEndpointMethods -} = __webpack_require__(842); - -const Core = __webpack_require__(37); - -const CORE_PLUGINS = [ - __webpack_require__(890), - __webpack_require__(953), // deprecated: remove in v17 - requestLog, - __webpack_require__(786), - restEndpointMethods, - __webpack_require__(341), - - __webpack_require__(850) // deprecated: remove in v17 -]; - -const OctokitRest = Core.plugin(CORE_PLUGINS); - -function DeprecatedOctokit(options) { - const warn = - options && options.log && options.log.warn - ? options.log.warn - : console.warn; - warn( - '[@octokit/rest] `const Octokit = require("@octokit/rest")` is deprecated. Use `const { Octokit } = require("@octokit/rest")` instead' - ); - return new OctokitRest(options); -} - -const Octokit = Object.assign(DeprecatedOctokit, { - Octokit: OctokitRest -}); - -Object.keys(OctokitRest).forEach(key => { - /* istanbul ignore else */ - if (OctokitRest.hasOwnProperty(key)) { - Octokit[key] = OctokitRest[key]; - } -}); - -module.exports = Octokit; - - /***/ }), /***/ 742: @@ -9040,93 +9200,20 @@ module.exports = function (x) { } return x; -}; - - -/***/ }), - -/***/ 777: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = getFirstPage - -const getPage = __webpack_require__(265) - -function getFirstPage (octokit, link, headers) { - return getPage(octokit, link, 'first', headers) -} - - -/***/ }), - -/***/ 786: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = paginatePlugin; - -const { paginateRest } = __webpack_require__(299); - -function paginatePlugin(octokit) { - Object.assign(octokit, paginateRest(octokit)); -} - - -/***/ }), - -/***/ 790: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = authenticate; - -const { Deprecation } = __webpack_require__(692); -const once = __webpack_require__(969); - -const deprecateAuthenticate = once((log, deprecation) => log.warn(deprecation)); - -function authenticate(state, options) { - deprecateAuthenticate( - state.octokit.log, - new Deprecation( - '[@octokit/rest] octokit.authenticate() is deprecated. Use "auth" constructor option instead.' - ) - ); +}; - if (!options) { - state.auth = false; - return; - } - switch (options.type) { - case "basic": - if (!options.username || !options.password) { - throw new Error( - "Basic authentication requires both a username and password to be set" - ); - } - break; +/***/ }), - case "oauth": - if (!options.token && !(options.key && options.secret)) { - throw new Error( - "OAuth2 authentication requires a token or key & secret to be set" - ); - } - break; +/***/ 777: +/***/ (function(module, __unusedexports, __webpack_require__) { - case "token": - case "app": - if (!options.token) { - throw new Error("Token authentication requires a token to be set"); - } - break; +module.exports = getFirstPage - default: - throw new Error( - "Invalid authentication type, must be 'basic', 'oauth', 'token' or 'app'" - ); - } +const getPage = __webpack_require__(265) - state.auth = options; +function getFirstPage (octokit, link, headers) { + return getPage(octokit, link, 'first', headers) } @@ -23586,6 +23673,22 @@ function get(object, path, defaultValue) { module.exports = get; +/***/ }), + +/***/ 855: +/***/ (function(module, __unusedexports, __webpack_require__) { + +module.exports = registerPlugin; + +const factory = __webpack_require__(47); + +function registerPlugin(plugins, pluginFunction) { + return factory( + plugins.includes(pluginFunction) ? plugins : plugins.concat(pluginFunction) + ); +} + + /***/ }), /***/ 856: @@ -23596,17 +23699,91 @@ module.exports = __webpack_require__(141); /***/ }), -/***/ 861: +/***/ 862: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + + +Object.defineProperty(exports, '__esModule', { value: true }); + +function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; } + +var osName = _interopDefault(__webpack_require__(2)); + +function getUserAgent() { + try { + return `Node.js/${process.version.substr(1)} (${osName()}; ${process.arch})`; + } catch (error) { + if (/wmic os get Caption/.test(error.message)) { + return "Windows "; + } + + return ""; + } +} + +exports.getUserAgent = getUserAgent; +//# sourceMappingURL=index.js.map + + +/***/ }), + +/***/ 863: /***/ (function(module, __unusedexports, __webpack_require__) { -module.exports = registerPlugin; +module.exports = authenticationBeforeRequest; -const factory = __webpack_require__(513); +const btoa = __webpack_require__(675); -function registerPlugin(plugins, pluginFunction) { - return factory( - plugins.includes(pluginFunction) ? plugins : plugins.concat(pluginFunction) - ); +const withAuthorizationPrefix = __webpack_require__(143); + +function authenticationBeforeRequest(state, options) { + if (typeof state.auth === "string") { + options.headers.authorization = withAuthorizationPrefix(state.auth); + return; + } + + if (state.auth.username) { + const hash = btoa(`${state.auth.username}:${state.auth.password}`); + options.headers.authorization = `Basic ${hash}`; + if (state.otp) { + options.headers["x-github-otp"] = state.otp; + } + return; + } + + if (state.auth.clientId) { + // There is a special case for OAuth applications, when `clientId` and `clientSecret` is passed as + // Basic Authorization instead of query parameters. The only routes where that applies share the same + // URL though: `/applications/:client_id/tokens/:access_token`. + // + // 1. [Check an authorization](https://developer.github.com/v3/oauth_authorizations/#check-an-authorization) + // 2. [Reset an authorization](https://developer.github.com/v3/oauth_authorizations/#reset-an-authorization) + // 3. [Revoke an authorization for an application](https://developer.github.com/v3/oauth_authorizations/#revoke-an-authorization-for-an-application) + // + // We identify by checking the URL. It must merge both "/applications/:client_id/tokens/:access_token" + // as well as "/applications/123/tokens/token456" + if (/\/applications\/:?[\w_]+\/tokens\/:?[\w_]+($|\?)/.test(options.url)) { + const hash = btoa(`${state.auth.clientId}:${state.auth.clientSecret}`); + options.headers.authorization = `Basic ${hash}`; + return; + } + + options.url += options.url.indexOf("?") === -1 ? "?" : "&"; + options.url += `client_id=${state.auth.clientId}&client_secret=${state.auth.clientSecret}`; + return; + } + + return Promise.resolve() + + .then(() => { + return state.auth(); + }) + + .then(authorization => { + options.headers.authorization = withAuthorizationPrefix(authorization); + }); } @@ -24701,89 +24878,6 @@ function set(object, path, value) { module.exports = set; -/***/ }), - -/***/ 890: -/***/ (function(module, __unusedexports, __webpack_require__) { - -module.exports = authenticationPlugin; - -const { createTokenAuth } = __webpack_require__(813); -const { Deprecation } = __webpack_require__(692); -const once = __webpack_require__(969); - -const beforeRequest = __webpack_require__(414); -const requestError = __webpack_require__(446); -const validate = __webpack_require__(538); -const withAuthorizationPrefix = __webpack_require__(85); - -const deprecateAuthBasic = once((log, deprecation) => log.warn(deprecation)); -const deprecateAuthObject = once((log, deprecation) => log.warn(deprecation)); - -function authenticationPlugin(octokit, options) { - // If `options.authStrategy` is set then use it and pass in `options.auth` - if (options.authStrategy) { - const auth = options.authStrategy(options.auth); - octokit.hook.wrap("request", auth.hook); - octokit.auth = auth; - return; - } - - // If neither `options.authStrategy` nor `options.auth` are set, the `octokit` instance - // is unauthenticated. The `octokit.auth()` method is a no-op and no request hook is registred. - if (!options.auth) { - octokit.auth = () => - Promise.resolve({ - type: "unauthenticated" - }); - return; - } - - const isBasicAuthString = - typeof options.auth === "string" && - /^basic/.test(withAuthorizationPrefix(options.auth)); - - // If only `options.auth` is set to a string, use the default token authentication strategy. - if (typeof options.auth === "string" && !isBasicAuthString) { - const auth = createTokenAuth(options.auth); - octokit.hook.wrap("request", auth.hook); - octokit.auth = auth; - return; - } - - // Otherwise log a deprecation message - const [deprecationMethod, deprecationMessapge] = isBasicAuthString - ? [ - deprecateAuthBasic, - 'Setting the "new Octokit({ auth })" option to a Basic Auth string is deprecated. Use https://github.com/octokit/auth-basic.js instead. See (https://octokit.github.io/rest.js/#authentication)' - ] - : [ - deprecateAuthObject, - 'Setting the "new Octokit({ auth })" option to an object without also setting the "authStrategy" option is deprecated and will be removed in v17. See (https://octokit.github.io/rest.js/#authentication)' - ]; - deprecationMethod( - octokit.log, - new Deprecation("[@octokit/rest] " + deprecationMessapge) - ); - - octokit.auth = () => - Promise.resolve({ - type: "deprecated", - message: deprecationMessapge - }); - - validate(options.auth); - - const state = { - octokit, - auth: options.auth - }; - - octokit.hook.before("request", beforeRequest.bind(null, state)); - octokit.hook.error("request", requestError.bind(null, state)); -} - - /***/ }), /***/ 898: @@ -24795,9 +24889,9 @@ function authenticationPlugin(octokit, options) { Object.defineProperty(exports, '__esModule', { value: true }); var request = __webpack_require__(753); -var universalUserAgent = __webpack_require__(796); +var universalUserAgent = __webpack_require__(862); -const VERSION = "4.3.1"; +const VERSION = "4.4.0"; class GraphqlError extends Error { constructor(request, response) { @@ -24816,7 +24910,7 @@ class GraphqlError extends Error { } -const NON_VARIABLE_OPTIONS = ["method", "baseUrl", "url", "headers", "request", "query"]; +const NON_VARIABLE_OPTIONS = ["method", "baseUrl", "url", "headers", "request", "query", "mediaType"]; function graphql(request, query, options) { options = typeof query === "string" ? options = Object.assign({ query @@ -24915,13 +25009,6 @@ exports.requestLog = requestLog; //# sourceMappingURL=index.js.map -/***/ }), - -/***/ 919: -/***/ (function(module) { - -module.exports = {"_from":"@octokit/rest@^16.43.1","_id":"@octokit/rest@16.43.1","_inBundle":false,"_integrity":"sha512-gfFKwRT/wFxq5qlNjnW2dh+qh74XgTQ2B179UX5K1HYCluioWj8Ndbgqw2PVqa1NnVJkGHp2ovMpVn/DImlmkw==","_location":"/@actions/github/@octokit/rest","_phantomChildren":{},"_requested":{"type":"range","registry":true,"raw":"@octokit/rest@^16.43.1","name":"@octokit/rest","escapedName":"@octokit%2frest","scope":"@octokit","rawSpec":"^16.43.1","saveSpec":null,"fetchSpec":"^16.43.1"},"_requiredBy":["/@actions/github"],"_resolved":"https://registry.npmjs.org/@octokit/rest/-/rest-16.43.1.tgz","_shasum":"3b11e7d1b1ac2bbeeb23b08a17df0b20947eda6b","_spec":"@octokit/rest@^16.43.1","_where":"/Users/hross/Code/stale/node_modules/@actions/github","author":{"name":"Gregor Martynus","url":"https://github.com/gr2m"},"bugs":{"url":"https://github.com/octokit/rest.js/issues"},"bundleDependencies":false,"bundlesize":[{"path":"./dist/octokit-rest.min.js.gz","maxSize":"33 kB"}],"contributors":[{"name":"Mike de Boer","email":"info@mikedeboer.nl"},{"name":"Fabian Jakobs","email":"fabian@c9.io"},{"name":"Joe Gallo","email":"joe@brassafrax.com"},{"name":"Gregor Martynus","url":"https://github.com/gr2m"}],"dependencies":{"@octokit/auth-token":"^2.4.0","@octokit/plugin-paginate-rest":"^1.1.1","@octokit/plugin-request-log":"^1.0.0","@octokit/plugin-rest-endpoint-methods":"2.4.0","@octokit/request":"^5.2.0","@octokit/request-error":"^1.0.2","atob-lite":"^2.0.0","before-after-hook":"^2.0.0","btoa-lite":"^1.0.0","deprecation":"^2.0.0","lodash.get":"^4.4.2","lodash.set":"^4.3.2","lodash.uniq":"^4.5.0","octokit-pagination-methods":"^1.1.0","once":"^1.4.0","universal-user-agent":"^4.0.0"},"deprecated":false,"description":"GitHub REST API client for Node.js","devDependencies":{"@gimenete/type-writer":"^0.1.3","@octokit/auth":"^1.1.1","@octokit/fixtures-server":"^5.0.6","@octokit/graphql":"^4.2.0","@types/node":"^13.1.0","bundlesize":"^0.18.0","chai":"^4.1.2","compression-webpack-plugin":"^3.1.0","cypress":"^3.0.0","glob":"^7.1.2","http-proxy-agent":"^4.0.0","lodash.camelcase":"^4.3.0","lodash.merge":"^4.6.1","lodash.upperfirst":"^4.3.1","lolex":"^5.1.2","mkdirp":"^1.0.0","mocha":"^7.0.1","mustache":"^4.0.0","nock":"^11.3.3","npm-run-all":"^4.1.2","nyc":"^15.0.0","prettier":"^1.14.2","proxy":"^1.0.0","semantic-release":"^17.0.0","sinon":"^8.0.0","sinon-chai":"^3.0.0","sort-keys":"^4.0.0","string-to-arraybuffer":"^1.0.0","string-to-jsdoc-comment":"^1.0.0","typescript":"^3.3.1","webpack":"^4.0.0","webpack-bundle-analyzer":"^3.0.0","webpack-cli":"^3.0.0"},"files":["index.js","index.d.ts","lib","plugins"],"homepage":"https://github.com/octokit/rest.js#readme","keywords":["octokit","github","rest","api-client"],"license":"MIT","name":"@octokit/rest","nyc":{"ignore":["test"]},"publishConfig":{"access":"public"},"release":{"publish":["@semantic-release/npm",{"path":"@semantic-release/github","assets":["dist/*","!dist/*.map.gz"]}]},"repository":{"type":"git","url":"git+https://github.com/octokit/rest.js.git"},"scripts":{"build":"npm-run-all build:*","build:browser":"npm-run-all build:browser:*","build:browser:development":"webpack --mode development --entry . --output-library=Octokit --output=./dist/octokit-rest.js --profile --json > dist/bundle-stats.json","build:browser:production":"webpack --mode production --entry . --plugin=compression-webpack-plugin --output-library=Octokit --output-path=./dist --output-filename=octokit-rest.min.js --devtool source-map","build:ts":"npm run -s update-endpoints:typescript","coverage":"nyc report --reporter=html && open coverage/index.html","generate-bundle-report":"webpack-bundle-analyzer dist/bundle-stats.json --mode=static --no-open --report dist/bundle-report.html","lint":"prettier --check '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","lint:fix":"prettier --write '{lib,plugins,scripts,test}/**/*.{js,json,ts}' 'docs/*.{js,json}' 'docs/src/**/*' index.js README.md package.json","postvalidate:ts":"tsc --noEmit --target es6 test/typescript-validate.ts","prebuild:browser":"mkdirp dist/","pretest":"npm run -s lint","prevalidate:ts":"npm run -s build:ts","start-fixtures-server":"octokit-fixtures-server","test":"nyc mocha test/mocha-node-setup.js \"test/*/**/*-test.js\"","test:browser":"cypress run --browser chrome","update-endpoints":"npm-run-all update-endpoints:*","update-endpoints:fetch-json":"node scripts/update-endpoints/fetch-json","update-endpoints:typescript":"node scripts/update-endpoints/typescript","validate:ts":"tsc --target es6 --noImplicitAny index.d.ts"},"types":"index.d.ts","version":"16.43.1"}; - /***/ }), /***/ 929: @@ -24974,12 +25061,10 @@ function getProxyUrl(reqUrl) { } let proxyVar; if (usingSsl) { - proxyVar = process.env["https_proxy"] || - process.env["HTTPS_PROXY"]; + proxyVar = process.env['https_proxy'] || process.env['HTTPS_PROXY']; } else { - proxyVar = process.env["http_proxy"] || - process.env["HTTP_PROXY"]; + proxyVar = process.env['http_proxy'] || process.env['HTTP_PROXY']; } if (proxyVar) { proxyUrl = url.parse(proxyVar); @@ -24991,7 +25076,7 @@ function checkBypass(reqUrl) { if (!reqUrl.hostname) { return false; } - let noProxy = process.env["no_proxy"] || process.env["NO_PROXY"] || ''; + let noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || ''; if (!noProxy) { return false; } @@ -25012,7 +25097,10 @@ function checkBypass(reqUrl) { upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`); } // Compare request host against noproxy - for (let upperNoProxyItem of noProxy.split(',').map(x => x.trim().toUpperCase()).filter(x => x)) { + for (let upperNoProxyItem of noProxy + .split(',') + .map(x => x.trim().toUpperCase()) + .filter(x => x)) { if (upperReqHosts.some(x => x === upperNoProxyItem)) { return true; } @@ -25024,39 +25112,29 @@ exports.checkBypass = checkBypass; /***/ }), -/***/ 953: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 954: +/***/ (function(module) { -module.exports = authenticationPlugin; +module.exports = validateAuth; -const { Deprecation } = __webpack_require__(692); -const once = __webpack_require__(969); +function validateAuth(auth) { + if (typeof auth === "string") { + return; + } -const deprecateAuthenticate = once((log, deprecation) => log.warn(deprecation)); + if (typeof auth === "function") { + return; + } -const authenticate = __webpack_require__(790); -const beforeRequest = __webpack_require__(140); -const requestError = __webpack_require__(240); + if (auth.username && auth.password) { + return; + } -function authenticationPlugin(octokit, options) { - if (options.auth) { - octokit.authenticate = () => { - deprecateAuthenticate( - octokit.log, - new Deprecation( - '[@octokit/rest] octokit.authenticate() is deprecated and has no effect when "auth" option is set on Octokit constructor' - ) - ); - }; + if (auth.clientId && auth.clientSecret) { return; } - const state = { - octokit, - auth: false - }; - octokit.authenticate = authenticate.bind(null, state); - octokit.hook.before("request", beforeRequest.bind(null, state)); - octokit.hook.error("request", requestError.bind(null, state)); + + throw new Error(`Invalid "auth" option: ${JSON.stringify(auth)}`); } diff --git a/package-lock.json b/package-lock.json index 2947783f8..a46f8a680 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,54 +10,19 @@ "integrity": "sha512-Wp4xnyokakM45Uuj4WLUxdsa8fJjKVl1fDTsPbTEcTcuu0Nb26IPQbOtjmnfaCPGcaoPOOqId8H9NapZ8gii4w==" }, "@actions/github": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@actions/github/-/github-2.1.1.tgz", - "integrity": "sha512-kAgTGUx7yf5KQCndVeHSwCNZuDBvPyxm5xKTswW2lofugeuC1AZX73nUUVDNaysnM9aKFMHv9YCdVJbg7syEyA==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@actions/github/-/github-2.2.0.tgz", + "integrity": "sha512-9UAZqn8ywdR70n3GwVle4N8ALosQs4z50N7XMXrSTUVOmVpaBC5kE3TRTT7qQdi3OaQV24mjGuJZsHUmhD+ZXw==", "requires": { "@actions/http-client": "^1.0.3", "@octokit/graphql": "^4.3.1", "@octokit/rest": "^16.43.1" - }, - "dependencies": { - "@octokit/request-error": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-1.2.1.tgz", - "integrity": "sha512-+6yDyk1EES6WK+l3viRDElw96MvwfJxCt45GvmjDUKWjYIb3PJZQkq3i46TwGwoPD4h8NmTrENmtyA1FwbmhRA==", - "requires": { - "@octokit/types": "^2.0.0", - "deprecation": "^2.0.0", - "once": "^1.4.0" - } - }, - "@octokit/rest": { - "version": "16.43.1", - "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-16.43.1.tgz", - "integrity": "sha512-gfFKwRT/wFxq5qlNjnW2dh+qh74XgTQ2B179UX5K1HYCluioWj8Ndbgqw2PVqa1NnVJkGHp2ovMpVn/DImlmkw==", - "requires": { - "@octokit/auth-token": "^2.4.0", - "@octokit/plugin-paginate-rest": "^1.1.1", - "@octokit/plugin-request-log": "^1.0.0", - "@octokit/plugin-rest-endpoint-methods": "2.4.0", - "@octokit/request": "^5.2.0", - "@octokit/request-error": "^1.0.2", - "atob-lite": "^2.0.0", - "before-after-hook": "^2.0.0", - "btoa-lite": "^1.0.0", - "deprecation": "^2.0.0", - "lodash.get": "^4.4.2", - "lodash.set": "^4.3.2", - "lodash.uniq": "^4.5.0", - "octokit-pagination-methods": "^1.1.0", - "once": "^1.4.0", - "universal-user-agent": "^4.0.0" - } - } } }, "@actions/http-client": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.7.tgz", - "integrity": "sha512-PY3ys/XH5WMekkHyZhYSa/scYvlE5T/TV/T++vABHuY5ZRgtiBZkn2L2tV5Pv/xDCl59lSZb9WwRuWExDyAsSg==", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.8.tgz", + "integrity": "sha512-G4JjJ6f9Hb3Zvejj+ewLLKLf99ZC+9v+yCxoYf9vSyH+WkzPLB2LuUtRMGNkooMqdugGBFStIKXOuvH1W+EctA==", "requires": { "tunnel": "0.0.6" } @@ -557,13 +522,23 @@ } }, "@octokit/graphql": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-4.3.1.tgz", - "integrity": "sha512-hCdTjfvrK+ilU2keAdqNBWOk+gm1kai1ZcdjRfB30oA3/T6n53UVJb7w0L5cR3/rhU91xT3HSqCd+qbvH06yxA==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-4.4.0.tgz", + "integrity": "sha512-Du3hAaSROQ8EatmYoSAJjzAz3t79t9Opj/WY1zUgxVUGfIKn0AEjg+hlOLscF6fv6i/4y/CeUvsWgIfwMkTccw==", "requires": { "@octokit/request": "^5.3.0", "@octokit/types": "^2.0.0", - "universal-user-agent": "^4.0.0" + "universal-user-agent": "^5.0.0" + }, + "dependencies": { + "universal-user-agent": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-5.0.0.tgz", + "integrity": "sha512-B5TPtzZleXyPrUMKCpEHFmVhMN6EhmJYjG5PQna9s7mXeSqGTLap4OpqLl5FCEFUI3UBmllkETwKf/db66Y54Q==", + "requires": { + "os-name": "^3.1.0" + } + } } }, "@octokit/plugin-paginate-rest": { diff --git a/package.json b/package.json index 81aaa420f..244e55dad 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "license": "MIT", "dependencies": { "@actions/core": "^1.2.3", - "@actions/github": "^2.1.1", + "@actions/github": "^2.2.0", "@octokit/rest": "^16.43.1", "semver": "^6.1.1" },