From 2b732b899cbe5450a374d0a499fbdab4870fed34 Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Mon, 13 Dec 2021 18:51:02 +0300 Subject: [PATCH 1/9] Removing a non-existent command from the documentation (#293) --- .github/workflows/licensed.yml | 2 +- README.md | 4 ---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index 4c1dfe5fb..4f485f5f9 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -18,7 +18,7 @@ jobs: - name: Install licensed run: | cd $RUNNER_TEMP - curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/2.12.2/licensed-2.12.2-linux-x64.tar.gz + curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-linux-x64.tar.gz sudo tar -xzf licensed.tar.gz sudo mv licensed /usr/local/bin/licensed - run: licensed status diff --git a/README.md b/README.md index 3ab7667ee..12e71698d 100644 --- a/README.md +++ b/README.md @@ -230,7 +230,6 @@ steps: python-version: '3.9' cache: 'pip' - run: pip install -r requirements.txt -- run: pip test ``` **Caching pipenv dependencies:** @@ -244,7 +243,6 @@ steps: python-version: '3.9' cache: 'pipenv' - run: pipenv install -- run: pipenv test ``` **Using wildcard patterns to cache dependencies** @@ -257,7 +255,6 @@ steps: cache: 'pip' cache-dependency-path: '**/requirements-dev.txt' - run: pip install -r subdirectory/requirements-dev.txt -- run: pip test ``` **Using a list of file paths to cache dependencies** @@ -274,7 +271,6 @@ steps: server/app/Pipfile.lock __test__/app/Pipfile.lock - run: pipenv install -- run: pipenv test ``` # Using `setup-python` with a self hosted runner From 6277dd125501d50af1010f7d669b6e76e24010b0 Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Tue, 21 Dec 2021 15:44:58 +0300 Subject: [PATCH 2/9] Fix build command (#306) --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 42ae8c69b..b2a15df0b 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "description": "Setup python action", "main": "dist/index.js", "scripts": { - "build": "tsc", + "build": "ncc build -o dist/setup src/setup-python.ts && ncc build -o dist/cache-save src/cache-save.ts", "format": "prettier --write \"{,!(node_modules)/**/}*.ts\"", "format-check": "prettier --check \"{,!(node_modules)/**/}*.ts\"", "release": "ncc build -o dist/setup src/setup-python.ts && ncc build -o dist/cache-save src/cache-save.ts && git add -f dist/", From fa17801fa7b21d8a60b97b134aa118b47787ccb5 Mon Sep 17 00:00:00 2001 From: killuazhu Date: Wed, 29 Dec 2021 07:30:46 -0500 Subject: [PATCH 3/9] Fix typo in README.md (#224) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 12e71698d..ef4b9c981 100644 --- a/README.md +++ b/README.md @@ -300,7 +300,7 @@ If you are experiencing problems while configuring Python on your self-hosted ru - The user starting the runner is in the owning group, and the owning group has write permission. - All users have write permission. - One quick way to grant access is to change the user and group of `/opt/hostedtoolcache` to be the same as the runners using `chown`. - - `sudo chown runner-user:runner-group opt/hostedtoolcache/`. + - `sudo chown runner-user:runner-group /opt/hostedtoolcache/`. - If your runner is configured as a service and you run into problems, make sure the user that the service is running as is correct. For more information, you can [check the status of your self-hosted runner](https://help.github.com/en/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service#checking-the-status-of-the-service). ### Mac From 3a40ba0199391ec3b741a270f08a87419eb6f46f Mon Sep 17 00:00:00 2001 From: Lenin Date: Wed, 29 Dec 2021 18:31:07 +0530 Subject: [PATCH 4/9] Fix small typo in README (comma missing) (#277) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ef4b9c981..be1c86d45 100644 --- a/README.md +++ b/README.md @@ -146,7 +146,7 @@ Check out our detailed guide on using [Python with GitHub Actions](https://help. `setup-python` is able to configure Python from two sources: - Preinstalled versions of Python in the tools cache on GitHub-hosted runners. - - For detailed information regarding the available versions of Python that are installed see [Supported software](https://docs.github.com/en/actions/reference/specifications-for-github-hosted-runners#supported-software). + - For detailed information regarding the available versions of Python that are installed, see [Supported software](https://docs.github.com/en/actions/reference/specifications-for-github-hosted-runners#supported-software). - For every minor version of Python, expect only the latest patch to be preinstalled. - If `3.8.1` is installed for example, and `3.8.2` is released, expect `3.8.1` to be removed and replaced by `3.8.2` in the tools cache. - If the exact patch version doesn't matter to you, specifying just the major and minor version will get you the latest preinstalled patch version. In the previous example, the version spec `3.8` will use the `3.8.2` Python version found in the cache. @@ -159,7 +159,7 @@ Check out our detailed guide on using [Python with GitHub Actions](https://help. `setup-python` is able to configure PyPy from two sources: - Preinstalled versions of PyPy in the tools cache on GitHub-hosted runners - - For detailed information regarding the available versions of PyPy that are installed see [Supported software](https://docs.github.com/en/actions/reference/specifications-for-github-hosted-runners#supported-software). + - For detailed information regarding the available versions of PyPy that are installed, see [Supported software](https://docs.github.com/en/actions/reference/specifications-for-github-hosted-runners#supported-software). - For the latest PyPy release, all versions of Python are cached. - Cache is updated with a 1-2 week delay. If you specify the PyPy version as `pypy-3.6`, the cached version will be used although a newer version is available. If you need to start using the recently released version right after release, you should specify the exact PyPy version using `pypy-3.6-v7.3.3`. From 9a115684c962a94d8ecfff8c16e21656777b77ea Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Thu, 30 Dec 2021 09:55:42 +0100 Subject: [PATCH 5/9] README.md: Bring Python versions up to date (#256) --- README.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index be1c86d45..1099b3a31 100644 --- a/README.md +++ b/README.md @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [ '2.x', '3.x', 'pypy-2.7', 'pypy-3.6', 'pypy-3.7' ] + python-version: [ '2.x', '3.x', 'pypy-2.7', 'pypy-3.7', 'pypy-3.8' ] name: Python ${{ matrix.python-version }} sample steps: - uses: actions/checkout@v2 @@ -63,7 +63,7 @@ jobs: strategy: matrix: os: [ubuntu-latest, macos-latest, windows-latest] - python-version: ['2.7', '3.6', '3.7', '3.8', 'pypy-2.7', 'pypy-3.6'] + python-version: ['2.7', '3.7', '3.8', '3.9', '3.10', 'pypy-2.7', 'pypy-3.8'] exclude: - os: macos-latest python-version: '3.8' @@ -76,7 +76,7 @@ jobs: with: python-version: ${{ matrix.python-version }} - name: Display Python version - run: python -c "import sys; print(sys.version)" + run: python --version ``` Download and set up a version of Python that does not come preinstalled on an image: @@ -87,7 +87,7 @@ jobs: strategy: matrix: # in this example, there is a newer version already installed, 3.7.7, so the older version will be downloaded - python-version: ['3.5', '3.6', '3.7.4', '3.8'] + python-version: ['3.7.4', '3.8', '3.9', '3.10'] steps: - uses: actions/checkout@v2 - uses: actions/setup-python@v2 @@ -102,7 +102,7 @@ steps: - uses: actions/checkout@v2 - uses: actions/setup-python@v2 with: - python-version: '3.9.0-beta.4' + python-version: '3.11.0-alpha.1' - run: python my_script.py ``` @@ -112,7 +112,7 @@ steps: - uses: actions/checkout@v2 - uses: actions/setup-python@v2 with: - python-version: '3.9.0-alpha - 3.9.0' # SemVer's version range syntax + python-version: '3.11.0-alpha - 3.11.0' # SemVer's version range syntax - run: python my_script.py ``` @@ -125,9 +125,9 @@ jobs: strategy: matrix: python-version: - - 'pypy-3.6' # the latest available version of PyPy that supports Python 3.6 - 'pypy-3.7' # the latest available version of PyPy that supports Python 3.7 - 'pypy-3.7-v7.3.3' # Python 3.7 and PyPy 7.3.3 + - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8 steps: - uses: actions/checkout@v2 - uses: actions/setup-python@v2 @@ -161,7 +161,7 @@ Check out our detailed guide on using [Python with GitHub Actions](https://help. - Preinstalled versions of PyPy in the tools cache on GitHub-hosted runners - For detailed information regarding the available versions of PyPy that are installed, see [Supported software](https://docs.github.com/en/actions/reference/specifications-for-github-hosted-runners#supported-software). - For the latest PyPy release, all versions of Python are cached. - - Cache is updated with a 1-2 week delay. If you specify the PyPy version as `pypy-3.6`, the cached version will be used although a newer version is available. If you need to start using the recently released version right after release, you should specify the exact PyPy version using `pypy-3.6-v7.3.3`. + - Cache is updated with a 1-2 week delay. If you specify the PyPy version as `pypy-3.7`, the cached version will be used although a newer version is available. If you need to start using the recently released version right after release, you should specify the exact PyPy version using `pypy-3.7-v7.3.3`. - Downloadable PyPy versions from the [official PyPy site](https://downloads.python.org/pypy/). - All available versions that we can download are listed in [versions.json](https://downloads.python.org/pypy/versions.json) file. @@ -198,8 +198,8 @@ The version of PyPy should be specified in the format `pypy-[-v< The `` parameter is optional and can be skipped. The latest version will be used in this case. ``` -pypy-3.6 # the latest available version of PyPy that supports Python 3.6 pypy-3.7 # the latest available version of PyPy that supports Python 3.7 +pypy-3.8 # the latest available version of PyPy that supports Python 3.8 pypy-2.7 # the latest available version of PyPy that supports Python 2.7 pypy-3.7-v7.3.3 # Python 3.7 and PyPy 7.3.3 pypy-3.7-v7.x # Python 3.7 and the latest available PyPy 7.x From 156361d073e2d704ec0bfe646b4500cdc0547324 Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Wed, 26 Jan 2022 18:54:54 +0300 Subject: [PATCH 6/9] Fix ci for pipenv and reduce test matrix (#323) --- .github/workflows/e2e-cache.yml | 20 ++++++++++---------- .github/workflows/test-python.yml | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/e2e-cache.yml b/.github/workflows/e2e-cache.yml index d15c6f2b6..63bdc47e9 100644 --- a/.github/workflows/e2e-cache.yml +++ b/.github/workflows/e2e-cache.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false matrix: os: [ubuntu-latest, windows-latest, macos-latest] - python-version: ['3.7', '3.8', '3.9', 'pypy-3.7-v7.3.5', 'pypy-3.7-v7.x'] + python-version: ['3.8', '3.9', 'pypy-3.7-v7.x'] steps: - uses: actions/checkout@v2 - name: Setup Python @@ -39,18 +39,18 @@ jobs: fail-fast: false matrix: os: [ubuntu-latest, windows-latest, macos-latest] - python-version: ['3.7', '3.8', '3.9', 'pypy-3.7-v7.3.5', 'pypy-3.7-v7.x'] + python-version: ['3.8', '3.9', 'pypy-3.7-v7.x'] steps: - uses: actions/checkout@v2 - - name: Install pipenv - run: pipx install pipenv - name: Setup Python uses: ./ with: python-version: ${{ matrix.python-version }} cache: 'pipenv' + - name: Install pipenv + run: pipx install pipenv - name: Install dependencies - run: pipenv install flake8 + run: pipenv install numpy python-pip-dependencies-caching-path: name: Test pip (Python ${{ matrix.python-version}}, ${{ matrix.os }}) @@ -59,7 +59,7 @@ jobs: fail-fast: false matrix: os: [ubuntu-latest, windows-latest, macos-latest] - python-version: ['3.7', '3.8', '3.9', 'pypy-3.7-v7.3.5', 'pypy-3.7-v7.x'] + python-version: ['3.8', '3.9', 'pypy-3.7-v7.x'] steps: - uses: actions/checkout@v2 - name: Setup Python @@ -78,16 +78,16 @@ jobs: fail-fast: false matrix: os: [ubuntu-latest, windows-latest, macos-latest] - python-version: ['3.7', '3.8', '3.9', 'pypy-3.7-v7.3.5', 'pypy-3.7-v7.x'] + python-version: ['3.8', '3.9', 'pypy-3.7-v7.x'] steps: - uses: actions/checkout@v2 - - name: Install pipenv - run: pipx install pipenv - name: Setup Python uses: ./ with: python-version: ${{ matrix.python-version }} cache: 'pipenv' cache-dependency-path: '**/requirements-linux.txt' + - name: Install pipenv + run: pipx install pipenv - name: Install dependencies - run: pipenv install flake8 \ No newline at end of file + run: pipenv install numpy \ No newline at end of file diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 87fa8afd4..191db1411 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -97,7 +97,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-10.15, windows-latest, ubuntu-18.04, ubuntu-20.04] + os: [macos-10.15, windows-2019, ubuntu-18.04, ubuntu-20.04] steps: - name: Checkout uses: actions/checkout@v2 From ba33a692f186dd93542417e5b83c8710ad54c255 Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade Date: Mon, 31 Jan 2022 12:42:08 +0200 Subject: [PATCH 7/9] Include Python version in pip cache key (#303) --- __tests__/cache-restore.test.ts | 6 +----- dist/setup/index.js | 9 +++++---- src/cache-distributions/cache-factory.ts | 2 +- src/cache-distributions/pip-cache.ts | 9 ++++++--- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/__tests__/cache-restore.test.ts b/__tests__/cache-restore.test.ts index f3c5b01d4..d982fd060 100644 --- a/__tests__/cache-restore.test.ts +++ b/__tests__/cache-restore.test.ts @@ -92,13 +92,9 @@ describe('restore-cache', () => { dependencyFile ); await cacheDistributor.restoreCache(); - let pythonKey = ''; - if (packageManager === 'pipenv') { - pythonKey = `python-${pythonVersion}-`; - } expect(infoSpy).toHaveBeenCalledWith( - `Cache restored from key: setup-python-${process.env['RUNNER_OS']}-${pythonKey}${packageManager}-${fileHash}` + `Cache restored from key: setup-python-${process.env['RUNNER_OS']}-python-${pythonVersion}-${packageManager}-${fileHash}` ); } ); diff --git a/dist/setup/index.js b/dist/setup/index.js index 321877d9a..ca8a37cbd 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -34467,8 +34467,9 @@ const path = __importStar(__webpack_require__(622)); const os_1 = __importDefault(__webpack_require__(87)); const cache_distributor_1 = __importDefault(__webpack_require__(435)); class PipCache extends cache_distributor_1.default { - constructor(cacheDependencyPath = '**/requirements.txt') { + constructor(pythonVersion, cacheDependencyPath = '**/requirements.txt') { super('pip', cacheDependencyPath); + this.pythonVersion = pythonVersion; } getCacheGlobalDirectories() { return __awaiter(this, void 0, void 0, function* () { @@ -34487,8 +34488,8 @@ class PipCache extends cache_distributor_1.default { computeKeys() { return __awaiter(this, void 0, void 0, function* () { const hash = yield glob.hashFiles(this.cacheDependencyPath); - const primaryKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-${this.packageManager}-${hash}`; - const restoreKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-${this.packageManager}`; + const primaryKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-python-${this.pythonVersion}-${this.packageManager}-${hash}`; + const restoreKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-python-${this.pythonVersion}-${this.packageManager}`; return { primaryKey, restoreKey: [restoreKey] @@ -43888,7 +43889,7 @@ var PackageManagers; function getCacheDistributor(packageManager, pythonVersion, cacheDependencyPath) { switch (packageManager) { case PackageManagers.Pip: - return new pip_cache_1.default(cacheDependencyPath); + return new pip_cache_1.default(pythonVersion, cacheDependencyPath); case PackageManagers.Pipenv: return new pipenv_cache_1.default(pythonVersion, cacheDependencyPath); default: diff --git a/src/cache-distributions/cache-factory.ts b/src/cache-distributions/cache-factory.ts index 1a8a055f0..3e363a0e2 100644 --- a/src/cache-distributions/cache-factory.ts +++ b/src/cache-distributions/cache-factory.ts @@ -13,7 +13,7 @@ export function getCacheDistributor( ) { switch (packageManager) { case PackageManagers.Pip: - return new PipCache(cacheDependencyPath); + return new PipCache(pythonVersion, cacheDependencyPath); case PackageManagers.Pipenv: return new PipenvCache(pythonVersion, cacheDependencyPath); default: diff --git a/src/cache-distributions/pip-cache.ts b/src/cache-distributions/pip-cache.ts index 81b875fda..f4d7c2424 100644 --- a/src/cache-distributions/pip-cache.ts +++ b/src/cache-distributions/pip-cache.ts @@ -8,7 +8,10 @@ import os from 'os'; import CacheDistributor from './cache-distributor'; class PipCache extends CacheDistributor { - constructor(cacheDependencyPath: string = '**/requirements.txt') { + constructor( + private pythonVersion: string, + cacheDependencyPath: string = '**/requirements.txt' + ) { super('pip', cacheDependencyPath); } @@ -36,8 +39,8 @@ class PipCache extends CacheDistributor { protected async computeKeys() { const hash = await glob.hashFiles(this.cacheDependencyPath); - const primaryKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-${this.packageManager}-${hash}`; - const restoreKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-${this.packageManager}`; + const primaryKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-python-${this.pythonVersion}-${this.packageManager}-${hash}`; + const restoreKey = `${this.CACHE_KEY_PREFIX}-${process.env['RUNNER_OS']}-python-${this.pythonVersion}-${this.packageManager}`; return { primaryKey, From dc9de69ff34c8c5db956ba0dfdf751694b0ac899 Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Tue, 1 Feb 2022 14:17:23 +0300 Subject: [PATCH 8/9] Update node-fetch from 2.6.6 to 2.6.7 (#327) --- .github/workflows/licensed.yml | 4 ++++ .licenses/npm/node-fetch.dep.yml | 2 +- dist/cache-save/index.js | 30 ++++++++++++++++++++++++++++-- dist/setup/index.js | 30 ++++++++++++++++++++++++++++-- package-lock.json | 6 +++--- 5 files changed, 64 insertions(+), 8 deletions(-) diff --git a/.github/workflows/licensed.yml b/.github/workflows/licensed.yml index 4f485f5f9..4c5e1bc9b 100644 --- a/.github/workflows/licensed.yml +++ b/.github/workflows/licensed.yml @@ -14,6 +14,10 @@ jobs: name: Check licenses steps: - uses: actions/checkout@v2 + - name: Set Node.js 12.x + uses: actions/setup-node@v2 + with: + node-version: 12.x - run: npm ci - name: Install licensed run: | diff --git a/.licenses/npm/node-fetch.dep.yml b/.licenses/npm/node-fetch.dep.yml index 90a8db3a9..b49a78a11 100644 --- a/.licenses/npm/node-fetch.dep.yml +++ b/.licenses/npm/node-fetch.dep.yml @@ -1,6 +1,6 @@ --- name: node-fetch -version: 2.6.6 +version: 2.6.7 type: npm summary: A light-weight module that brings window.fetch to node.js homepage: https://github.com/bitinn/node-fetch diff --git a/dist/cache-save/index.js b/dist/cache-save/index.js index da1f1b6ee..eea7574cf 100644 --- a/dist/cache-save/index.js +++ b/dist/cache-save/index.js @@ -34585,9 +34585,17 @@ AbortError.prototype = Object.create(Error.prototype); AbortError.prototype.constructor = AbortError; AbortError.prototype.name = 'AbortError'; +const URL$1 = Url.URL || whatwgUrl.URL; + // fix an issue where "PassThrough", "resolve" aren't a named export for node <10 const PassThrough$1 = Stream.PassThrough; -const resolve_url = Url.resolve; + +const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) { + const orig = new URL$1(original).hostname; + const dest = new URL$1(destination).hostname; + + return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest); +}; /** * Fetch function @@ -34675,7 +34683,19 @@ function fetch(url, opts) { const location = headers.get('Location'); // HTTP fetch step 5.3 - const locationURL = location === null ? null : resolve_url(request.url, location); + let locationURL = null; + try { + locationURL = location === null ? null : new URL$1(location, request.url).toString(); + } catch (err) { + // error here can only be invalid URL in Location: header + // do not throw when options.redirect == manual + // let the user extract the errorneous redirect URL + if (request.redirect !== 'manual') { + reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect')); + finalize(); + return; + } + } // HTTP fetch step 5.5 switch (request.redirect) { @@ -34723,6 +34743,12 @@ function fetch(url, opts) { size: request.size }; + if (!isDomainOrSubdomain(request.url, locationURL)) { + for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) { + requestOpts.headers.delete(name); + } + } + // HTTP-redirect fetch step 9 if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) { reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect')); diff --git a/dist/setup/index.js b/dist/setup/index.js index ca8a37cbd..c12968514 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -37137,9 +37137,17 @@ AbortError.prototype = Object.create(Error.prototype); AbortError.prototype.constructor = AbortError; AbortError.prototype.name = 'AbortError'; +const URL$1 = Url.URL || whatwgUrl.URL; + // fix an issue where "PassThrough", "resolve" aren't a named export for node <10 const PassThrough$1 = Stream.PassThrough; -const resolve_url = Url.resolve; + +const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) { + const orig = new URL$1(original).hostname; + const dest = new URL$1(destination).hostname; + + return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest); +}; /** * Fetch function @@ -37227,7 +37235,19 @@ function fetch(url, opts) { const location = headers.get('Location'); // HTTP fetch step 5.3 - const locationURL = location === null ? null : resolve_url(request.url, location); + let locationURL = null; + try { + locationURL = location === null ? null : new URL$1(location, request.url).toString(); + } catch (err) { + // error here can only be invalid URL in Location: header + // do not throw when options.redirect == manual + // let the user extract the errorneous redirect URL + if (request.redirect !== 'manual') { + reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect')); + finalize(); + return; + } + } // HTTP fetch step 5.5 switch (request.redirect) { @@ -37275,6 +37295,12 @@ function fetch(url, opts) { size: request.size }; + if (!isDomainOrSubdomain(request.url, locationURL)) { + for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) { + requestOpts.headers.delete(name); + } + } + // HTTP-redirect fetch step 9 if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) { reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect')); diff --git a/package-lock.json b/package-lock.json index 1f58877b0..284fa7175 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8137,9 +8137,9 @@ "dev": true }, "node-fetch": { - "version": "2.6.6", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.6.tgz", - "integrity": "sha512-Z8/6vRlTUChSdIgMa51jxQ4lrw/Jy5SOW10ObaA47/RElsAN2c5Pn8bTgFGWn/ibwzXTE8qwr1Yzx28vsecXEA==", + "version": "2.6.7", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz", + "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==", "requires": { "whatwg-url": "^5.0.0" }, From 7f80679172b057fc5e90d70d197929d454754a5a Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Fri, 4 Feb 2022 14:00:41 +0300 Subject: [PATCH 9/9] Add fix for Windows caching of pip (#332) --- __tests__/cache-restore.test.ts | 3 ++- dist/setup/index.js | 23 ++++++++++++++++++++++- src/cache-distributions/pip-cache.ts | 26 ++++++++++++++++++++++---- 3 files changed, 46 insertions(+), 6 deletions(-) diff --git a/__tests__/cache-restore.test.ts b/__tests__/cache-restore.test.ts index d982fd060..6c3b16c5d 100644 --- a/__tests__/cache-restore.test.ts +++ b/__tests__/cache-restore.test.ts @@ -96,7 +96,8 @@ describe('restore-cache', () => { expect(infoSpy).toHaveBeenCalledWith( `Cache restored from key: setup-python-${process.env['RUNNER_OS']}-python-${pythonVersion}-${packageManager}-${fileHash}` ); - } + }, + 30000 ); it.each([ diff --git a/dist/setup/index.js b/dist/setup/index.js index c12968514..a742d5880 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -34463,9 +34463,12 @@ Object.defineProperty(exports, "__esModule", { value: true }); const glob = __importStar(__webpack_require__(281)); const core = __importStar(__webpack_require__(470)); const exec = __importStar(__webpack_require__(986)); +const child_process = __importStar(__webpack_require__(129)); +const util_1 = __importDefault(__webpack_require__(669)); const path = __importStar(__webpack_require__(622)); const os_1 = __importDefault(__webpack_require__(87)); const cache_distributor_1 = __importDefault(__webpack_require__(435)); +const utils_1 = __webpack_require__(163); class PipCache extends cache_distributor_1.default { constructor(pythonVersion, cacheDependencyPath = '**/requirements.txt') { super('pip', cacheDependencyPath); @@ -34473,7 +34476,25 @@ class PipCache extends cache_distributor_1.default { } getCacheGlobalDirectories() { return __awaiter(this, void 0, void 0, function* () { - const { stdout, stderr, exitCode } = yield exec.getExecOutput('pip cache dir'); + let exitCode = 1; + let stdout = ''; + let stderr = ''; + // Add temporary fix for Windows + // On windows it is necessary to execute through an exec + // because the getExecOutput gives a non zero code or writes to stderr for pip 22.0.2, + // or spawn must be started with the shell option enabled for getExecOutput + // Related issue: https://github.com/actions/setup-python/issues/328 + if (utils_1.IS_WINDOWS) { + const execPromisify = util_1.default.promisify(child_process.exec); + ({ stdout: stdout, stderr: stderr } = yield execPromisify('pip cache dir')); + } + else { + ({ + stdout: stdout, + stderr: stderr, + exitCode: exitCode + } = yield exec.getExecOutput('pip cache dir')); + } if (exitCode && stderr) { throw new Error(`Could not get cache folder path for pip package manager`); } diff --git a/src/cache-distributions/pip-cache.ts b/src/cache-distributions/pip-cache.ts index f4d7c2424..17055ea5a 100644 --- a/src/cache-distributions/pip-cache.ts +++ b/src/cache-distributions/pip-cache.ts @@ -1,11 +1,13 @@ import * as glob from '@actions/glob'; import * as core from '@actions/core'; import * as exec from '@actions/exec'; - +import * as child_process from 'child_process'; +import utils from 'util'; import * as path from 'path'; import os from 'os'; import CacheDistributor from './cache-distributor'; +import {IS_WINDOWS} from '../utils'; class PipCache extends CacheDistributor { constructor( @@ -16,9 +18,25 @@ class PipCache extends CacheDistributor { } protected async getCacheGlobalDirectories() { - const {stdout, stderr, exitCode} = await exec.getExecOutput( - 'pip cache dir' - ); + let exitCode = 1; + let stdout = ''; + let stderr = ''; + + // Add temporary fix for Windows + // On windows it is necessary to execute through an exec + // because the getExecOutput gives a non zero code or writes to stderr for pip 22.0.2, + // or spawn must be started with the shell option enabled for getExecOutput + // Related issue: https://github.com/actions/setup-python/issues/328 + if (IS_WINDOWS) { + const execPromisify = utils.promisify(child_process.exec); + ({stdout: stdout, stderr: stderr} = await execPromisify('pip cache dir')); + } else { + ({ + stdout: stdout, + stderr: stderr, + exitCode: exitCode + } = await exec.getExecOutput('pip cache dir')); + } if (exitCode && stderr) { throw new Error(