mirror of https://github.com/actions/setup-python
Update node-fetch from 2.6.6 to 2.6.7 (#327)
This commit is contained in:
parent
ba33a692f1
commit
dc9de69ff3
|
@ -14,6 +14,10 @@ jobs:
|
|||
name: Check licenses
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Set Node.js 12.x
|
||||
uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: 12.x
|
||||
- run: npm ci
|
||||
- name: Install licensed
|
||||
run: |
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
name: node-fetch
|
||||
version: 2.6.6
|
||||
version: 2.6.7
|
||||
type: npm
|
||||
summary: A light-weight module that brings window.fetch to node.js
|
||||
homepage: https://github.com/bitinn/node-fetch
|
||||
|
|
|
@ -34585,9 +34585,17 @@ AbortError.prototype = Object.create(Error.prototype);
|
|||
AbortError.prototype.constructor = AbortError;
|
||||
AbortError.prototype.name = 'AbortError';
|
||||
|
||||
const URL$1 = Url.URL || whatwgUrl.URL;
|
||||
|
||||
// fix an issue where "PassThrough", "resolve" aren't a named export for node <10
|
||||
const PassThrough$1 = Stream.PassThrough;
|
||||
const resolve_url = Url.resolve;
|
||||
|
||||
const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) {
|
||||
const orig = new URL$1(original).hostname;
|
||||
const dest = new URL$1(destination).hostname;
|
||||
|
||||
return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest);
|
||||
};
|
||||
|
||||
/**
|
||||
* Fetch function
|
||||
|
@ -34675,7 +34683,19 @@ function fetch(url, opts) {
|
|||
const location = headers.get('Location');
|
||||
|
||||
// HTTP fetch step 5.3
|
||||
const locationURL = location === null ? null : resolve_url(request.url, location);
|
||||
let locationURL = null;
|
||||
try {
|
||||
locationURL = location === null ? null : new URL$1(location, request.url).toString();
|
||||
} catch (err) {
|
||||
// error here can only be invalid URL in Location: header
|
||||
// do not throw when options.redirect == manual
|
||||
// let the user extract the errorneous redirect URL
|
||||
if (request.redirect !== 'manual') {
|
||||
reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect'));
|
||||
finalize();
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// HTTP fetch step 5.5
|
||||
switch (request.redirect) {
|
||||
|
@ -34723,6 +34743,12 @@ function fetch(url, opts) {
|
|||
size: request.size
|
||||
};
|
||||
|
||||
if (!isDomainOrSubdomain(request.url, locationURL)) {
|
||||
for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) {
|
||||
requestOpts.headers.delete(name);
|
||||
}
|
||||
}
|
||||
|
||||
// HTTP-redirect fetch step 9
|
||||
if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) {
|
||||
reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect'));
|
||||
|
|
|
@ -37137,9 +37137,17 @@ AbortError.prototype = Object.create(Error.prototype);
|
|||
AbortError.prototype.constructor = AbortError;
|
||||
AbortError.prototype.name = 'AbortError';
|
||||
|
||||
const URL$1 = Url.URL || whatwgUrl.URL;
|
||||
|
||||
// fix an issue where "PassThrough", "resolve" aren't a named export for node <10
|
||||
const PassThrough$1 = Stream.PassThrough;
|
||||
const resolve_url = Url.resolve;
|
||||
|
||||
const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) {
|
||||
const orig = new URL$1(original).hostname;
|
||||
const dest = new URL$1(destination).hostname;
|
||||
|
||||
return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest);
|
||||
};
|
||||
|
||||
/**
|
||||
* Fetch function
|
||||
|
@ -37227,7 +37235,19 @@ function fetch(url, opts) {
|
|||
const location = headers.get('Location');
|
||||
|
||||
// HTTP fetch step 5.3
|
||||
const locationURL = location === null ? null : resolve_url(request.url, location);
|
||||
let locationURL = null;
|
||||
try {
|
||||
locationURL = location === null ? null : new URL$1(location, request.url).toString();
|
||||
} catch (err) {
|
||||
// error here can only be invalid URL in Location: header
|
||||
// do not throw when options.redirect == manual
|
||||
// let the user extract the errorneous redirect URL
|
||||
if (request.redirect !== 'manual') {
|
||||
reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect'));
|
||||
finalize();
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// HTTP fetch step 5.5
|
||||
switch (request.redirect) {
|
||||
|
@ -37275,6 +37295,12 @@ function fetch(url, opts) {
|
|||
size: request.size
|
||||
};
|
||||
|
||||
if (!isDomainOrSubdomain(request.url, locationURL)) {
|
||||
for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) {
|
||||
requestOpts.headers.delete(name);
|
||||
}
|
||||
}
|
||||
|
||||
// HTTP-redirect fetch step 9
|
||||
if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) {
|
||||
reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect'));
|
||||
|
|
|
@ -8137,9 +8137,9 @@
|
|||
"dev": true
|
||||
},
|
||||
"node-fetch": {
|
||||
"version": "2.6.6",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.6.tgz",
|
||||
"integrity": "sha512-Z8/6vRlTUChSdIgMa51jxQ4lrw/Jy5SOW10ObaA47/RElsAN2c5Pn8bTgFGWn/ibwzXTE8qwr1Yzx28vsecXEA==",
|
||||
"version": "2.6.7",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
|
||||
"integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
|
||||
"requires": {
|
||||
"whatwg-url": "^5.0.0"
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue