cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-05-18 17:30:17 +03:00
Code Issues Packages Projects Releases Wiki Activity

NO-JIRA Mask proxy URL and deduplicate test helper

Browse Source 
- Register HTTPS_PROXY as a secret via core.setSecret so embedded
  credentials (e.g. http://user:pass@proxy:8080) cannot leak to CI
  logs, and drop the URL from the info message.
- Hoist clearProxyEnv()/proxyVars to the outer describe scope in the
  GPG verification tests (Sonar S4144).

dist/ regenerated; this also drops stale chunk files that were no
longer emitted by the current rollup config.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Julien HENRY
2026-05-18 14:39:23 +02:00
parent 305fabb1f1
commit 2575ba4966
11 changed files with 24 additions and 57817 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dist/core-DpWEmnbG.js
Vendored
-30514
View File
File diff suppressed because one or more lines are too long
dist/core-DpWEmnbG.js.map
Vendored
-1
View File
File diff suppressed because one or more lines are too long
dist/exec-BTlTa8sL.js
Vendored
-27277
View File
File diff suppressed because one or more lines are too long
dist/exec-BTlTa8sL.js.map
Vendored
-1
View File
File diff suppressed because one or more lines are too long
dist/exec-zlpfwmpH.js → dist/exec-BeYcktvA.js
Vendored
+2 -2
View File
@@ -31829,5 +31829,5 @@ function requireExec () {
var execExports = requireExec();
export { HttpClient as H, info as a, isDebug as b, cp as c, debug as d, exists as e, execExports as f, warning as g, addPath as h, isRooted as i, getInput as j, getBooleanInput as k, core as l, mkdirP as m, setOutput as n, startGroup as o, endGroup as p, rmRF as r, setFailed as s, which as w };
//# sourceMappingURL=exec-zlpfwmpH.js.map
export { HttpClient as H, info as a, isDebug as b, cp as c, debug as d, exists as e, execExports as f, warning as g, addPath as h, isRooted as i, setFailed as j, getInput as k, getBooleanInput as l, mkdirP as m, core as n, setOutput as o, startGroup as p, endGroup as q, rmRF as r, setSecret as s, which as w };
//# sourceMappingURL=exec-BeYcktvA.js.map
dist/exec-zlpfwmpH.js.map → dist/exec-BeYcktvA.js.map
Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
dist/index.js
Vendored
+6 -2
View File
@@ -1,4 +1,4 @@
import { i as isRooted, w as which, e as exists, a as info, d as debug, m as mkdirP, c as cp, H as HttpClient, r as rmRF, b as isDebug, f as execExports, g as warning, h as addPath, s as setFailed, j as getInput, k as getBooleanInput, l as core } from './exec-zlpfwmpH.js';
import { i as isRooted, w as which, e as exists, a as info, d as debug, m as mkdirP, c as cp, H as HttpClient, r as rmRF, b as isDebug, f as execExports, g as warning, s as setSecret, h as addPath, j as setFailed, k as getInput, l as getBooleanInput, n as core } from './exec-BeYcktvA.js';
import * as crypto from 'crypto';
import * as fs from 'fs';
import * as os from 'os';
@@ -4003,7 +4003,11 @@ async function tryImportKey(gpgHome, keyFingerprint, keyserver) {
const proxyUrl = getProxyFromEnv();
if (proxyUrl) {
info(`Using proxy for keyserver access: ${proxyUrl}`);
// The URL may carry credentials (e.g. http://user:pass@proxy:8080).
// Register it as a secret so future logging (here or downstream) is
// automatically redacted
setSecret(proxyUrl);
info("Using HTTPS_PROXY for keyserver access");
}
await execExports.exec(
dist/index.js.map
Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
dist/install-build-wrapper.js
Vendored
+1 -1
View File
@@ -1,4 +1,4 @@
import { f as execExports, h as addPath, a as info, n as setOutput, s as setFailed, o as startGroup, p as endGroup } from './exec-zlpfwmpH.js';
import { f as execExports, h as addPath, a as info, o as setOutput, j as setFailed, p as startGroup, q as endGroup } from './exec-BeYcktvA.js';
import * as fs from 'fs';
import * as path from 'path';
import 'os';
src/main/__tests__/gpg-verification-mocked.test.js
+8 -16
View File
@@ -38,6 +38,14 @@ function createTrackedGpgHome(tempDirs) {
describe("gpg-verification with mocked exec", () => {
let tempDirs = [];
const proxyVars = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
function clearProxyEnv() {
for (const v of proxyVars) {
delete process.env[v];
}
}
afterEach(() => {
// Clean up temporary directories
tempDirs.forEach((dir) => {
@@ -485,14 +493,6 @@ describe("gpg-verification with mocked exec", () => {
});
describe("getProxyFromEnv", () => {
const proxyVars = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
function clearProxyEnv() {
for (const v of proxyVars) {
delete process.env[v];
}
}
afterEach(() => {
clearProxyEnv();
});
@@ -536,14 +536,6 @@ describe("gpg-verification with mocked exec", () => {
});
describe("tryImportKey with proxy", () => {
const proxyVars = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
function clearProxyEnv() {
for (const v of proxyVars) {
delete process.env[v];
}
}
afterEach(() => {
clearProxyEnv();
});
src/main/gpg-verification.js
+5 -1
View File
@@ -151,7 +151,11 @@ async function tryImportKey(gpgHome, keyFingerprint, keyserver) {
const proxyUrl = getProxyFromEnv();
if (proxyUrl) {
core.info(`Using proxy for keyserver access: ${proxyUrl}`);
// The URL may carry credentials (e.g. http://user:pass@proxy:8080).
// Register it as a secret so future logging (here or downstream) is
// automatically redacted
core.setSecret(proxyUrl);
core.info("Using HTTPS_PROXY for keyserver access");
}
await exec.exec(