diff --git a/dist/merge/index.js b/dist/merge/index.js
index dd65428..3739493 100644
--- a/dist/merge/index.js
+++ b/dist/merge/index.js
@@ -5568,7 +5568,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
});
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.internalArtifactTwirpClient = exports.ArtifactHttpClient = void 0;
+exports.internalArtifactTwirpClient = void 0;
const http_client_1 = __nccwpck_require__(52179);
const auth_1 = __nccwpck_require__(91669);
const core_1 = __nccwpck_require__(57818);
@@ -5705,7 +5705,6 @@ class ArtifactHttpClient {
return Math.trunc(Math.random() * (maxTime - minTime) + minTime);
}
}
-exports.ArtifactHttpClient = ArtifactHttpClient;
function internalArtifactTwirpClient(options) {
const client = new ArtifactHttpClient((0, user_agent_1.getUserAgentString)(), options === null || options === void 0 ? void 0 : options.maxAttempts, options === null || options === void 0 ? void 0 : options.retryIntervalMs, options === null || options === void 0 ? void 0 : options.retryMultiplier);
return new generated_1.ArtifactServiceClientJSON(client);
@@ -6010,126 +6009,36 @@ function maskSigUrl(url) {
if (!url)
return url;
try {
- const rawSigRegex = /[?&](sig)=([^&=#]+)/gi;
- let match;
- while ((match = rawSigRegex.exec(url)) !== null) {
- const rawSignature = match[2];
- if (rawSignature) {
- (0, core_1.setSecret)(rawSignature);
- }
- }
- let parsedUrl;
- try {
- parsedUrl = new URL(url);
- }
- catch (_a) {
- try {
- parsedUrl = new URL(url, 'https://example.com');
- }
- catch (error) {
- (0, core_1.debug)(`Failed to parse URL: ${url}`);
- return maskSigWithRegex(url);
- }
- }
- let masked = false;
- const paramNames = Array.from(parsedUrl.searchParams.keys());
- for (const paramName of paramNames) {
- if (paramName.toLowerCase() === 'sig') {
- const signature = parsedUrl.searchParams.get(paramName);
- if (signature) {
- (0, core_1.setSecret)(signature);
- (0, core_1.setSecret)(encodeURIComponent(signature));
- parsedUrl.searchParams.set(paramName, '***');
- masked = true;
- }
- }
- }
- if (masked) {
+ const parsedUrl = new URL(url);
+ const signature = parsedUrl.searchParams.get('sig');
+ if (signature) {
+ (0, core_1.setSecret)(signature);
+ (0, core_1.setSecret)(encodeURIComponent(signature));
+ parsedUrl.searchParams.set('sig', '***');
return parsedUrl.toString();
}
- if (/([:?&]|^)(sig)=([^&=#]+)/i.test(url)) {
- return maskSigWithRegex(url);
- }
}
catch (error) {
- (0, core_1.debug)(`Error masking URL: ${error instanceof Error ? error.message : String(error)}`);
- return maskSigWithRegex(url);
+ (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
}
return url;
}
exports.maskSigUrl = maskSigUrl;
-/**
- * Fallback method to mask signatures using regex when URL parsing fails
- */
-function maskSigWithRegex(url) {
- try {
- const regex = /([:?&]|^)(sig)=([^&=#]+)/gi;
- return url.replace(regex, (fullMatch, prefix, paramName, value) => {
- if (value) {
- (0, core_1.setSecret)(value);
- try {
- (0, core_1.setSecret)(decodeURIComponent(value));
- }
- catch (_a) {
- // Ignore decoding errors
- }
- return `${prefix}${paramName}=***`;
- }
- return fullMatch;
- });
- }
- catch (error) {
- (0, core_1.debug)(`Error in maskSigWithRegex: ${error instanceof Error ? error.message : String(error)}`);
- return url;
- }
-}
/**
* Masks any URLs containing signature parameters in the provided object
- * Recursively searches through nested objects and arrays
*/
function maskSecretUrls(body) {
if (typeof body !== 'object' || body === null) {
(0, core_1.debug)('body is not an object or is null');
return;
}
- const processUrl = (url) => {
- maskSigUrl(url);
- };
- const processObject = (obj) => {
- if (typeof obj !== 'object' || obj === null) {
- return;
- }
- if (Array.isArray(obj)) {
- for (const item of obj) {
- if (typeof item === 'string') {
- processUrl(item);
- }
- else if (typeof item === 'object' && item !== null) {
- processObject(item);
- }
- }
- return;
- }
- if ('signed_upload_url' in obj &&
- typeof obj.signed_upload_url === 'string') {
- maskSigUrl(obj.signed_upload_url);
- }
- if ('signed_url' in obj && typeof obj.signed_url === 'string') {
- maskSigUrl(obj.signed_url);
- }
- for (const key in obj) {
- const value = obj[key];
- if (typeof value === 'string') {
- if (/([:?&]|^)(sig)=/i.test(value)) {
- maskSigUrl(value);
- }
- }
- else if (typeof value === 'object' && value !== null) {
- processObject(value);
- }
- }
- };
- processObject(body);
+ if ('signed_upload_url' in body &&
+ typeof body.signed_upload_url === 'string') {
+ maskSigUrl(body.signed_upload_url);
+ }
+ if ('signed_url' in body && typeof body.signed_url === 'string') {
+ maskSigUrl(body.signed_url);
+ }
}
exports.maskSecretUrls = maskSecretUrls;
//# sourceMappingURL=util.js.map
diff --git a/dist/upload/index.js b/dist/upload/index.js
index b2db52d..700c764 100644
--- a/dist/upload/index.js
+++ b/dist/upload/index.js
@@ -5568,7 +5568,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
});
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.internalArtifactTwirpClient = exports.ArtifactHttpClient = void 0;
+exports.internalArtifactTwirpClient = void 0;
const http_client_1 = __nccwpck_require__(52179);
const auth_1 = __nccwpck_require__(91669);
const core_1 = __nccwpck_require__(57818);
@@ -5705,7 +5705,6 @@ class ArtifactHttpClient {
return Math.trunc(Math.random() * (maxTime - minTime) + minTime);
}
}
-exports.ArtifactHttpClient = ArtifactHttpClient;
function internalArtifactTwirpClient(options) {
const client = new ArtifactHttpClient((0, user_agent_1.getUserAgentString)(), options === null || options === void 0 ? void 0 : options.maxAttempts, options === null || options === void 0 ? void 0 : options.retryIntervalMs, options === null || options === void 0 ? void 0 : options.retryMultiplier);
return new generated_1.ArtifactServiceClientJSON(client);
@@ -6010,126 +6009,36 @@ function maskSigUrl(url) {
if (!url)
return url;
try {
- const rawSigRegex = /[?&](sig)=([^&=#]+)/gi;
- let match;
- while ((match = rawSigRegex.exec(url)) !== null) {
- const rawSignature = match[2];
- if (rawSignature) {
- (0, core_1.setSecret)(rawSignature);
- }
- }
- let parsedUrl;
- try {
- parsedUrl = new URL(url);
- }
- catch (_a) {
- try {
- parsedUrl = new URL(url, 'https://example.com');
- }
- catch (error) {
- (0, core_1.debug)(`Failed to parse URL: ${url}`);
- return maskSigWithRegex(url);
- }
- }
- let masked = false;
- const paramNames = Array.from(parsedUrl.searchParams.keys());
- for (const paramName of paramNames) {
- if (paramName.toLowerCase() === 'sig') {
- const signature = parsedUrl.searchParams.get(paramName);
- if (signature) {
- (0, core_1.setSecret)(signature);
- (0, core_1.setSecret)(encodeURIComponent(signature));
- parsedUrl.searchParams.set(paramName, '***');
- masked = true;
- }
- }
- }
- if (masked) {
+ const parsedUrl = new URL(url);
+ const signature = parsedUrl.searchParams.get('sig');
+ if (signature) {
+ (0, core_1.setSecret)(signature);
+ (0, core_1.setSecret)(encodeURIComponent(signature));
+ parsedUrl.searchParams.set('sig', '***');
return parsedUrl.toString();
}
- if (/([:?&]|^)(sig)=([^&=#]+)/i.test(url)) {
- return maskSigWithRegex(url);
- }
}
catch (error) {
- (0, core_1.debug)(`Error masking URL: ${error instanceof Error ? error.message : String(error)}`);
- return maskSigWithRegex(url);
+ (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
}
return url;
}
exports.maskSigUrl = maskSigUrl;
-/**
- * Fallback method to mask signatures using regex when URL parsing fails
- */
-function maskSigWithRegex(url) {
- try {
- const regex = /([:?&]|^)(sig)=([^&=#]+)/gi;
- return url.replace(regex, (fullMatch, prefix, paramName, value) => {
- if (value) {
- (0, core_1.setSecret)(value);
- try {
- (0, core_1.setSecret)(decodeURIComponent(value));
- }
- catch (_a) {
- // Ignore decoding errors
- }
- return `${prefix}${paramName}=***`;
- }
- return fullMatch;
- });
- }
- catch (error) {
- (0, core_1.debug)(`Error in maskSigWithRegex: ${error instanceof Error ? error.message : String(error)}`);
- return url;
- }
-}
/**
* Masks any URLs containing signature parameters in the provided object
- * Recursively searches through nested objects and arrays
*/
function maskSecretUrls(body) {
if (typeof body !== 'object' || body === null) {
(0, core_1.debug)('body is not an object or is null');
return;
}
- const processUrl = (url) => {
- maskSigUrl(url);
- };
- const processObject = (obj) => {
- if (typeof obj !== 'object' || obj === null) {
- return;
- }
- if (Array.isArray(obj)) {
- for (const item of obj) {
- if (typeof item === 'string') {
- processUrl(item);
- }
- else if (typeof item === 'object' && item !== null) {
- processObject(item);
- }
- }
- return;
- }
- if ('signed_upload_url' in obj &&
- typeof obj.signed_upload_url === 'string') {
- maskSigUrl(obj.signed_upload_url);
- }
- if ('signed_url' in obj && typeof obj.signed_url === 'string') {
- maskSigUrl(obj.signed_url);
- }
- for (const key in obj) {
- const value = obj[key];
- if (typeof value === 'string') {
- if (/([:?&]|^)(sig)=/i.test(value)) {
- maskSigUrl(value);
- }
- }
- else if (typeof value === 'object' && value !== null) {
- processObject(value);
- }
- }
- };
- processObject(body);
+ if ('signed_upload_url' in body &&
+ typeof body.signed_upload_url === 'string') {
+ maskSigUrl(body.signed_upload_url);
+ }
+ if ('signed_url' in body && typeof body.signed_url === 'string') {
+ maskSigUrl(body.signed_url);
+ }
}
exports.maskSecretUrls = maskSecretUrls;
//# sourceMappingURL=util.js.map