From f97b83114c6f41cfaa57698147ad3ce20543a127 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 4 Aug 2023 09:55:40 +0200 Subject: [PATCH 1/2] Bump word-wrap from 1.2.3 to 1.2.4 (#702) Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 633ac9961..85c6166a0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6751,9 +6751,9 @@ } }, "node_modules/word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", + "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", "dev": true, "engines": { "node": ">=0.10.0" @@ -12044,9 +12044,9 @@ } }, "word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", + "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", "dev": true }, "wrap-ansi": { From 65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Thu, 7 Sep 2023 15:45:09 +0200 Subject: [PATCH 2/2] Add range validation for toml files (#726) --- .github/workflows/test-python.yml | 4 ++-- __tests__/utils.test.ts | 4 ++-- dist/setup/index.js | 11 ++++++++++- src/utils.ts | 16 +++++++++++++++- 4 files changed, 29 insertions(+), 6 deletions(-) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 56f84796f..9dbdc7071 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -157,7 +157,7 @@ jobs: fail-fast: false matrix: os: [macos-latest, windows-latest, ubuntu-20.04, ubuntu-22.04] - python: [3.5.4, 3.6.7, 3.7.5, 3.8.15, 3.9.13] + python: [3.5.4, 3.6.7, 3.7.5, 3.8.15, 3.9.13, '==3.10.10'] exclude: - os: ubuntu-22.04 python: 3.5.4 @@ -190,7 +190,7 @@ jobs: - name: Validate version run: | $pythonVersion = (python --version) - if ("Python ${{ matrix.python }}" -ne "$pythonVersion"){ + if ("Python ${{ matrix.python }}".replace("==", "") -ne "$pythonVersion"){ Write-Host "The current version is $pythonVersion; expected version is ${{ matrix.python }}" exit 1 } diff --git a/__tests__/utils.test.ts b/__tests__/utils.test.ts index 85b127a49..40ef2f6c5 100644 --- a/__tests__/utils.test.ts +++ b/__tests__/utils.test.ts @@ -107,7 +107,7 @@ describe('Version from file test', () => { await io.mkdirP(tempDir); const pythonVersionFileName = 'pyproject.toml'; const pythonVersionFilePath = path.join(tempDir, pythonVersionFileName); - const pythonVersion = '>=3.7'; + const pythonVersion = '>=3.7.0'; const pythonVersionFileContent = `[project]\nrequires-python = "${pythonVersion}"`; fs.writeFileSync(pythonVersionFilePath, pythonVersionFileContent); expect(_fn(pythonVersionFilePath)).toEqual([pythonVersion]); @@ -119,7 +119,7 @@ describe('Version from file test', () => { await io.mkdirP(tempDir); const pythonVersionFileName = 'pyproject.toml'; const pythonVersionFilePath = path.join(tempDir, pythonVersionFileName); - const pythonVersion = '>=3.7'; + const pythonVersion = '>=3.7.0'; const pythonVersionFileContent = `[tool.poetry.dependencies]\npython = "${pythonVersion}"`; fs.writeFileSync(pythonVersionFilePath, pythonVersionFileContent); expect(_fn(pythonVersionFilePath)).toEqual([pythonVersion]); diff --git a/dist/setup/index.js b/dist/setup/index.js index 37b247905..ef8220c0b 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -70143,7 +70143,16 @@ function getVersionInputFromTomlFile(versionFile) { versions.push(version); } core.info(`Extracted ${versions} from ${versionFile}`); - return Array.from(versions, version => version.split(',').join(' ')); + const rawVersions = Array.from(versions, version => version.split(',').join(' ')); + const validatedVersions = rawVersions + .map(item => semver.validRange(item, true)) + .filter((versionRange, index) => { + if (!versionRange) { + core.debug(`The version ${rawVersions[index]} is not valid SemVer range`); + } + return !!versionRange; + }); + return validatedVersions; } exports.getVersionInputFromTomlFile = getVersionInputFromTomlFile; /** diff --git a/src/utils.ts b/src/utils.ts index 552f5895c..5f000c13b 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -229,7 +229,21 @@ export function getVersionInputFromTomlFile(versionFile: string): string[] { } core.info(`Extracted ${versions} from ${versionFile}`); - return Array.from(versions, version => version.split(',').join(' ')); + const rawVersions = Array.from(versions, version => + version.split(',').join(' ') + ); + const validatedVersions = rawVersions + .map(item => semver.validRange(item, true)) + .filter((versionRange, index) => { + if (!versionRange) { + core.debug( + `The version ${rawVersions[index]} is not valid SemVer range` + ); + } + + return !!versionRange; + }) as string[]; + return validatedVersions; } /** pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy