From a1c6c9c8677803c9f4bd31e0f15ac0844258f955 Mon Sep 17 00:00:00 2001 From: mahabaleshwars <147705296+mahabaleshwars@users.noreply.github.com> Date: Fri, 3 May 2024 18:59:31 +0530 Subject: [PATCH 1/4] Updated advanced-usage.md (#622) * Update advanced-usage.md * Update advanced-usage.md * Update advanced-usage.md * Update README.md * Update advanced-usage.md --- README.md | 4 ++-- docs/advanced-usage.md | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index a3ac3974e..7702e6f1c 100644 --- a/README.md +++ b/README.md @@ -91,8 +91,8 @@ steps: #### Supported version syntax The `java-version` input supports an exact version or a version range using [SemVer](https://semver.org/) notation: - major versions: `8`, `11`, `16`, `17`, `21` -- more specific versions: `17.0`, `11.0`, `11.0.4`, `8.0.232`, `8.0.282+8` -- early access (EA) versions: `15-ea`, `15.0.0-ea`, `15.0.0-ea.2`, `15.0.0+2-ea` +- more specific versions: `8.0.282+8`, `8.0.232`, `11.0`, `11.0.4`, `17.0` +- early access (EA) versions: `15-ea`, `15.0.0-ea` #### Supported distributions Currently, the following distributions are supported: diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index c3cf42d01..3503748af 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -526,19 +526,19 @@ steps: ``` ## Java version file -If the `java-version-file` input is specified, the action will extract the version from the file and install it. - -Supported files are .java-version and .tool-versions. -In .java-version file, only the version should be specified, e.g., 17.0.7. -In .tool-versions file, java version should be preceded by the java keyword, e.g., java 17.0.7. -.java-version recognizes all variants of the version description according to [jenv](https://github.com/jenv/jenv) and .tool-version recognizes all variants of the version description according to [asdf](https://github.com/asdf-vm/asdf). - -If both java-version and java-version-file inputs are provided, the java-version input will be used. + If the `java-version-file` input is specified, the action will extract the version from the file and install it. + + Supported files are .java-version and .tool-versions. + In .java-version file, only the version should be specified (e.g., 17.0.7). + In .tool-versions file, java version should be preceded by the java keyword (e.g., java 17.0.7). + The `.java-version` file recognizes all variants of the version description according to [jenv](https://github.com/jenv/jenv). Similarly, the `.tool-versions` file supports version specifications in accordance with [asdf](https://github.com/asdf-vm/asdf) standards, adhering to Semantic Versioning (semver). + + If both java-version and java-version-file inputs are provided, the java-version input will be used. Valid entry options: ``` major versions: 8, 11, 16, 17, 21 -more specific versions: 1.8.0.2, 17.0, 11.0, 11.0.4, 8.0.232, 8.0.282+8 +more specific versions: 8.0.282+8, 8.0.232, 11.0, 11.0.4, 17.0 early access (EA) versions: 15-ea, 15.0.0-ea versions with specified distribution: openjdk64-11.0.2 ``` From 2e74cbce18569d23ca8b812590dbb83f13ac7c5a Mon Sep 17 00:00:00 2001 From: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com> Date: Wed, 22 May 2024 10:26:50 -0500 Subject: [PATCH 2/4] Fix versions check failures (#634) * fix macos latest failures * fix failures --- .github/workflows/e2e-cache.yml | 26 ++++++++++---------- .github/workflows/e2e-versions.yml | 38 +++++++++++++++--------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/.github/workflows/e2e-cache.yml b/.github/workflows/e2e-cache.yml index b56be8e66..95031dbb1 100644 --- a/.github/workflows/e2e-cache.yml +++ b/.github/workflows/e2e-cache.yml @@ -21,7 +21,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] steps: - name: Checkout uses: actions/checkout@v4 @@ -46,7 +46,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] needs: gradle-save steps: - name: Checkout @@ -70,7 +70,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] steps: - name: Checkout uses: actions/checkout@v4 @@ -93,7 +93,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] needs: maven-save steps: - name: Checkout @@ -121,7 +121,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] steps: - name: Checkout uses: actions/checkout@v4 @@ -132,17 +132,21 @@ jobs: distribution: 'adopt' java-version: '11' cache: sbt + - name: Setup SBT + if: matrix.os == 'macos-13' + run: | + echo ""Installing SBT..."" + brew install sbt - name: Create files to cache run: sbt update - name: Check files to cache on macos-latest - if: matrix.os == 'macos-latest' + if: matrix.os == 'macos-13' run: | if [ ! -d ~/Library/Caches/Coursier ]; then echo "::error::The ~/Library/Caches/Coursier directory does not exist unexpectedly" exit 1 fi - - name: Check files to cache on windows-latest if: matrix.os == 'windows-latest' run: | @@ -150,7 +154,6 @@ jobs: echo "::error::The ~/AppData/Local/Coursier/Cache directory does not exist unexpectedly" exit 1 fi - - name: Check files to cache on ubuntu-latest if: matrix.os == 'ubuntu-latest' run: | @@ -158,7 +161,6 @@ jobs: echo "::error::The ~/.cache/coursier directory does not exist unexpectedly" exit 1 fi - sbt-restore: runs-on: ${{ matrix.os }} defaults: @@ -168,7 +170,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] needs: sbt-save steps: - name: Checkout @@ -182,14 +184,13 @@ jobs: cache: sbt - name: Confirm that ~/Library/Caches/Coursier directory has been made - if: matrix.os == 'macos-latest' + if: matrix.os == 'macos-13' run: | if [ ! -d ~/Library/Caches/Coursier ]; then echo "::error::The ~/Library/Caches/Coursier directory does not exist unexpectedly" exit 1 fi ls ~/Library/Caches/Coursier - - name: Confirm that ~/AppData/Local/Coursier/Cache directory has been made if: matrix.os == 'windows-latest' run: | @@ -198,7 +199,6 @@ jobs: exit 1 fi ls ~/AppData/Local/Coursier/Cache - - name: Confirm that ~/.cache/coursier directory has been made if: matrix.os == 'ubuntu-latest' run: | diff --git a/.github/workflows/e2e-versions.yml b/.github/workflows/e2e-versions.yml index 8b9e11193..0553d91a8 100644 --- a/.github/workflows/e2e-versions.yml +++ b/.github/workflows/e2e-versions.yml @@ -20,7 +20,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] distribution: [ 'temurin', 'adopt', @@ -32,15 +32,15 @@ jobs: 'corretto', 'dragonwell' ] # internally 'adopt-hotspot' is the same as 'adopt' - version: ['8', '11', '17'] + version: ['21', '11', '17'] exclude: - distribution: microsoft version: 8 - distribution: dragonwell - os: macos-latest + os: macos-13 include: - distribution: oracle - os: macos-latest + os: macos-13 version: 17 - distribution: oracle os: windows-latest @@ -73,7 +73,7 @@ jobs: distribution: ['temurin', 'zulu', 'liberica'] version: - '11.0' - - '8.0.302' + - '21.0' - '17.0.7+7' include: - distribution: oracle @@ -171,7 +171,7 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] version: ['17-ea', '15.0.0-ea.14'] steps: - name: Checkout @@ -215,22 +215,22 @@ jobs: strategy: fail-fast: false matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [macos-13, windows-latest, ubuntu-latest] distribution: ['temurin', 'zulu', 'liberica', 'semeru'] java-package: ['jre'] version: ['17.0'] include: - distribution: 'zulu' java-package: jre+fx - version: '8' + version: '21' os: ubuntu-latest - distribution: 'zulu' java-package: jdk+fx - version: '8.0.242' + version: '21.0' os: ubuntu-latest - distribution: 'liberica' java-package: jdk+fx - version: '8' + version: '21' os: ubuntu-latest - distribution: 'liberica' java-package: jre+fx @@ -294,10 +294,10 @@ jobs: uses: actions/checkout@v4 - name: Create .java-version file shell: bash - run: echo "8" > .java-version + run: echo "17" > .java-version - name: Create .tool-versions file shell: bash - run: echo "java 8" > .tool-versions + run: echo "java 17" > .tool-versions - name: setup-java uses: ./ id: setup-java @@ -351,10 +351,10 @@ jobs: uses: actions/checkout@v4 - name: Create .java-version file shell: bash - run: echo "11.0.2" > .java-version + run: echo "17.0.10" > .java-version - name: Create .tool-versions file shell: bash - run: echo "java 11.0.2" > .tool-versions + run: echo "java 17.0.10" > .tool-versions - name: setup-java uses: ./ id: setup-java @@ -362,11 +362,11 @@ jobs: distribution: ${{ matrix.distribution }} java-version-file: ${{matrix.java-version-file }} - name: Verify Java - run: bash __tests__/verify-java.sh "11.0.2" "${{ steps.setup-java.outputs.path }}" + run: bash __tests__/verify-java.sh "17.0.10" "${{ steps.setup-java.outputs.path }}" shell: bash setup-java-version-from-file-major-minor-patch-with-dist: - name: ${{ matrix.distribution }} version from file 'openjdk64-11.0.2' - ${{ matrix.os }} + name: ${{ matrix.distribution }} version from file 'openjdk64-17.0.10' - ${{ matrix.os }} runs-on: ${{ matrix.os }} strategy: fail-fast: false @@ -379,10 +379,10 @@ jobs: uses: actions/checkout@v4 - name: Create .java-version file shell: bash - run: echo "openjdk64-11.0.2" > .java-version + run: echo "openjdk64-17.0.10" > .java-version - name: Create .tool-versions file shell: bash - run: echo "java openjdk64-11.0.2" > .tool-versions + run: echo "java openjdk64-17.0.10" > .tool-versions - name: setup-java uses: ./ id: setup-java @@ -390,5 +390,5 @@ jobs: distribution: ${{ matrix.distribution }} java-version-file: ${{matrix.java-version-file }} - name: Verify Java - run: bash __tests__/verify-java.sh "11.0.2" "${{ steps.setup-java.outputs.path }}" + run: bash __tests__/verify-java.sh "17.0.10" "${{ steps.setup-java.outputs.path }}" shell: bash From fd08b9c8dc6f530393a204a04e1f05101a5d00fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 27 Jun 2024 18:34:36 -0500 Subject: [PATCH 3/4] Bump undici from 5.28.3 to 5.28.4 (#616) * Bump undici from 5.28.3 to 5.28.4 Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] * Bump undici from 5.28.3 to 5.28.4 Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] * bump braces from 3.0.2 to 3.0.3 * Added Semver link --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com> --- .licenses/npm/undici.dep.yml | 2 +- .../distributors/oracle-installer.test.ts | 3 +- dist/cleanup/index.js | 297 +++++++++++++++--- dist/setup/index.js | 297 +++++++++++++++--- docs/advanced-usage.md | 2 +- package-lock.json | 20 +- 6 files changed, 526 insertions(+), 95 deletions(-) diff --git a/.licenses/npm/undici.dep.yml b/.licenses/npm/undici.dep.yml index 58844ed3d..cc74a6d2d 100644 --- a/.licenses/npm/undici.dep.yml +++ b/.licenses/npm/undici.dep.yml @@ -1,6 +1,6 @@ --- name: undici -version: 5.28.3 +version: 5.28.4 type: npm summary: An HTTP/1.1 client, written from scratch for Node.js homepage: https://undici.nodejs.org diff --git a/__tests__/distributors/oracle-installer.test.ts b/__tests__/distributors/oracle-installer.test.ts index 356c0c682..de391a542 100644 --- a/__tests__/distributors/oracle-installer.test.ts +++ b/__tests__/distributors/oracle-installer.test.ts @@ -115,7 +115,8 @@ describe('findPackageForDownload', () => { const expectedUrl = `https://download.oracle.com/java/18/archive/jdk-18_${osType}-${distroArch}_bin.${archiveType}`; expect(result.url).toBe(expectedUrl); - } + }, + 10000 ); it('should throw an error', async () => { diff --git a/dist/cleanup/index.js b/dist/cleanup/index.js index c90128bb6..9cdae34ad 100644 --- a/dist/cleanup/index.js +++ b/dist/cleanup/index.js @@ -66943,6 +66943,132 @@ function onConnectTimeout (socket) { module.exports = buildConnector +/***/ }), + +/***/ 4462: +/***/ ((module) => { + +"use strict"; + + +/** @type {Record} */ +const headerNameLowerCasedRecord = {} + +// https://developer.mozilla.org/docs/Web/HTTP/Headers +const wellknownHeaderNames = [ + 'Accept', + 'Accept-Encoding', + 'Accept-Language', + 'Accept-Ranges', + 'Access-Control-Allow-Credentials', + 'Access-Control-Allow-Headers', + 'Access-Control-Allow-Methods', + 'Access-Control-Allow-Origin', + 'Access-Control-Expose-Headers', + 'Access-Control-Max-Age', + 'Access-Control-Request-Headers', + 'Access-Control-Request-Method', + 'Age', + 'Allow', + 'Alt-Svc', + 'Alt-Used', + 'Authorization', + 'Cache-Control', + 'Clear-Site-Data', + 'Connection', + 'Content-Disposition', + 'Content-Encoding', + 'Content-Language', + 'Content-Length', + 'Content-Location', + 'Content-Range', + 'Content-Security-Policy', + 'Content-Security-Policy-Report-Only', + 'Content-Type', + 'Cookie', + 'Cross-Origin-Embedder-Policy', + 'Cross-Origin-Opener-Policy', + 'Cross-Origin-Resource-Policy', + 'Date', + 'Device-Memory', + 'Downlink', + 'ECT', + 'ETag', + 'Expect', + 'Expect-CT', + 'Expires', + 'Forwarded', + 'From', + 'Host', + 'If-Match', + 'If-Modified-Since', + 'If-None-Match', + 'If-Range', + 'If-Unmodified-Since', + 'Keep-Alive', + 'Last-Modified', + 'Link', + 'Location', + 'Max-Forwards', + 'Origin', + 'Permissions-Policy', + 'Pragma', + 'Proxy-Authenticate', + 'Proxy-Authorization', + 'RTT', + 'Range', + 'Referer', + 'Referrer-Policy', + 'Refresh', + 'Retry-After', + 'Sec-WebSocket-Accept', + 'Sec-WebSocket-Extensions', + 'Sec-WebSocket-Key', + 'Sec-WebSocket-Protocol', + 'Sec-WebSocket-Version', + 'Server', + 'Server-Timing', + 'Service-Worker-Allowed', + 'Service-Worker-Navigation-Preload', + 'Set-Cookie', + 'SourceMap', + 'Strict-Transport-Security', + 'Supports-Loading-Mode', + 'TE', + 'Timing-Allow-Origin', + 'Trailer', + 'Transfer-Encoding', + 'Upgrade', + 'Upgrade-Insecure-Requests', + 'User-Agent', + 'Vary', + 'Via', + 'WWW-Authenticate', + 'X-Content-Type-Options', + 'X-DNS-Prefetch-Control', + 'X-Frame-Options', + 'X-Permitted-Cross-Domain-Policies', + 'X-Powered-By', + 'X-Requested-With', + 'X-XSS-Protection' +] + +for (let i = 0; i < wellknownHeaderNames.length; ++i) { + const key = wellknownHeaderNames[i] + const lowerCasedKey = key.toLowerCase() + headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] = + lowerCasedKey +} + +// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`. +Object.setPrototypeOf(headerNameLowerCasedRecord, null) + +module.exports = { + wellknownHeaderNames, + headerNameLowerCasedRecord +} + + /***/ }), /***/ 8045: @@ -67775,6 +67901,7 @@ const { InvalidArgumentError } = __nccwpck_require__(8045) const { Blob } = __nccwpck_require__(4300) const nodeUtil = __nccwpck_require__(3837) const { stringify } = __nccwpck_require__(3477) +const { headerNameLowerCasedRecord } = __nccwpck_require__(4462) const [nodeMajor, nodeMinor] = process.versions.node.split('.').map(v => Number(v)) @@ -67984,6 +68111,15 @@ function parseKeepAliveTimeout (val) { return m ? parseInt(m[1], 10) * 1000 : null } +/** + * Retrieves a header name and returns its lowercase value. + * @param {string | Buffer} value Header name + * @returns {string} + */ +function headerNameToString (value) { + return headerNameLowerCasedRecord[value] || value.toLowerCase() +} + function parseHeaders (headers, obj = {}) { // For H2 support if (!Array.isArray(headers)) return headers @@ -68255,6 +68391,7 @@ module.exports = { isIterable, isAsyncIterable, isDestroyed, + headerNameToString, parseRawHeaders, parseHeaders, parseKeepAliveTimeout, @@ -74902,14 +75039,18 @@ const { isBlobLike, toUSVString, ReadableStreamFrom } = __nccwpck_require__(3983 const assert = __nccwpck_require__(9491) const { isUint8Array } = __nccwpck_require__(9830) +let supportedHashes = [] + // https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable /** @type {import('crypto')|undefined} */ let crypto try { crypto = __nccwpck_require__(6113) + const possibleRelevantHashes = ['sha256', 'sha384', 'sha512'] + supportedHashes = crypto.getHashes().filter((hash) => possibleRelevantHashes.includes(hash)) +/* c8 ignore next 3 */ } catch { - } function responseURL (response) { @@ -75437,66 +75578,56 @@ function bytesMatch (bytes, metadataList) { return true } - // 3. If parsedMetadata is the empty set, return true. + // 3. If response is not eligible for integrity validation, return false. + // TODO + + // 4. If parsedMetadata is the empty set, return true. if (parsedMetadata.length === 0) { return true } - // 4. Let metadata be the result of getting the strongest + // 5. Let metadata be the result of getting the strongest // metadata from parsedMetadata. - const list = parsedMetadata.sort((c, d) => d.algo.localeCompare(c.algo)) - // get the strongest algorithm - const strongest = list[0].algo - // get all entries that use the strongest algorithm; ignore weaker - const metadata = list.filter((item) => item.algo === strongest) + const strongest = getStrongestMetadata(parsedMetadata) + const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest) - // 5. For each item in metadata: + // 6. For each item in metadata: for (const item of metadata) { // 1. Let algorithm be the alg component of item. const algorithm = item.algo // 2. Let expectedValue be the val component of item. - let expectedValue = item.hash + const expectedValue = item.hash // See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e // "be liberal with padding". This is annoying, and it's not even in the spec. - if (expectedValue.endsWith('==')) { - expectedValue = expectedValue.slice(0, -2) - } - // 3. Let actualValue be the result of applying algorithm to bytes. let actualValue = crypto.createHash(algorithm).update(bytes).digest('base64') - if (actualValue.endsWith('==')) { - actualValue = actualValue.slice(0, -2) + if (actualValue[actualValue.length - 1] === '=') { + if (actualValue[actualValue.length - 2] === '=') { + actualValue = actualValue.slice(0, -2) + } else { + actualValue = actualValue.slice(0, -1) + } } // 4. If actualValue is a case-sensitive match for expectedValue, // return true. - if (actualValue === expectedValue) { - return true - } - - let actualBase64URL = crypto.createHash(algorithm).update(bytes).digest('base64url') - - if (actualBase64URL.endsWith('==')) { - actualBase64URL = actualBase64URL.slice(0, -2) - } - - if (actualBase64URL === expectedValue) { + if (compareBase64Mixed(actualValue, expectedValue)) { return true } } - // 6. Return false. + // 7. Return false. return false } // https://w3c.github.io/webappsec-subresource-integrity/#grammardef-hash-with-options // https://www.w3.org/TR/CSP2/#source-list-syntax // https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1 -const parseHashWithOptions = /((?sha256|sha384|sha512)-(?[A-z0-9+/]{1}.*={0,2}))( +[\x21-\x7e]?)?/i +const parseHashWithOptions = /(?sha256|sha384|sha512)-((?[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i /** * @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata @@ -75510,8 +75641,6 @@ function parseMetadata (metadata) { // 2. Let empty be equal to true. let empty = true - const supportedHashes = crypto.getHashes() - // 3. For each token returned by splitting metadata on spaces: for (const token of metadata.split(' ')) { // 1. Set empty to false. @@ -75521,7 +75650,11 @@ function parseMetadata (metadata) { const parsedToken = parseHashWithOptions.exec(token) // 3. If token does not parse, continue to the next token. - if (parsedToken === null || parsedToken.groups === undefined) { + if ( + parsedToken === null || + parsedToken.groups === undefined || + parsedToken.groups.algo === undefined + ) { // Note: Chromium blocks the request at this point, but Firefox // gives a warning that an invalid integrity was given. The // correct behavior is to ignore these, and subsequently not @@ -75530,11 +75663,11 @@ function parseMetadata (metadata) { } // 4. Let algorithm be the hash-algo component of token. - const algorithm = parsedToken.groups.algo + const algorithm = parsedToken.groups.algo.toLowerCase() // 5. If algorithm is a hash function recognized by the user // agent, add the parsed token to result. - if (supportedHashes.includes(algorithm.toLowerCase())) { + if (supportedHashes.includes(algorithm)) { result.push(parsedToken.groups) } } @@ -75547,6 +75680,82 @@ function parseMetadata (metadata) { return result } +/** + * @param {{ algo: 'sha256' | 'sha384' | 'sha512' }[]} metadataList + */ +function getStrongestMetadata (metadataList) { + // Let algorithm be the algo component of the first item in metadataList. + // Can be sha256 + let algorithm = metadataList[0].algo + // If the algorithm is sha512, then it is the strongest + // and we can return immediately + if (algorithm[3] === '5') { + return algorithm + } + + for (let i = 1; i < metadataList.length; ++i) { + const metadata = metadataList[i] + // If the algorithm is sha512, then it is the strongest + // and we can break the loop immediately + if (metadata.algo[3] === '5') { + algorithm = 'sha512' + break + // If the algorithm is sha384, then a potential sha256 or sha384 is ignored + } else if (algorithm[3] === '3') { + continue + // algorithm is sha256, check if algorithm is sha384 and if so, set it as + // the strongest + } else if (metadata.algo[3] === '3') { + algorithm = 'sha384' + } + } + return algorithm +} + +function filterMetadataListByAlgorithm (metadataList, algorithm) { + if (metadataList.length === 1) { + return metadataList + } + + let pos = 0 + for (let i = 0; i < metadataList.length; ++i) { + if (metadataList[i].algo === algorithm) { + metadataList[pos++] = metadataList[i] + } + } + + metadataList.length = pos + + return metadataList +} + +/** + * Compares two base64 strings, allowing for base64url + * in the second string. + * +* @param {string} actualValue always base64 + * @param {string} expectedValue base64 or base64url + * @returns {boolean} + */ +function compareBase64Mixed (actualValue, expectedValue) { + if (actualValue.length !== expectedValue.length) { + return false + } + for (let i = 0; i < actualValue.length; ++i) { + if (actualValue[i] !== expectedValue[i]) { + if ( + (actualValue[i] === '+' && expectedValue[i] === '-') || + (actualValue[i] === '/' && expectedValue[i] === '_') + ) { + continue + } + return false + } + } + + return true +} + // https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request function tryUpgradeRequestToAPotentiallyTrustworthyURL (request) { // TODO @@ -75962,7 +76171,8 @@ module.exports = { urlHasHttpsScheme, urlIsHttpHttpsScheme, readAllBytes, - normalizeMethodRecord + normalizeMethodRecord, + parseMetadata } @@ -78049,12 +78259,17 @@ function parseLocation (statusCode, headers) { // https://tools.ietf.org/html/rfc7231#section-6.4.4 function shouldRemoveHeader (header, removeContent, unknownOrigin) { - return ( - (header.length === 4 && header.toString().toLowerCase() === 'host') || - (removeContent && header.toString().toLowerCase().indexOf('content-') === 0) || - (unknownOrigin && header.length === 13 && header.toString().toLowerCase() === 'authorization') || - (unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie') - ) + if (header.length === 4) { + return util.headerNameToString(header) === 'host' + } + if (removeContent && util.headerNameToString(header).startsWith('content-')) { + return true + } + if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) { + const name = util.headerNameToString(header) + return name === 'authorization' || name === 'cookie' || name === 'proxy-authorization' + } + return false } // https://tools.ietf.org/html/rfc7231#section-6.4 diff --git a/dist/setup/index.js b/dist/setup/index.js index 13023489c..01d5f6741 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -91797,6 +91797,132 @@ function onConnectTimeout (socket) { module.exports = buildConnector +/***/ }), + +/***/ 14462: +/***/ ((module) => { + +"use strict"; + + +/** @type {Record} */ +const headerNameLowerCasedRecord = {} + +// https://developer.mozilla.org/docs/Web/HTTP/Headers +const wellknownHeaderNames = [ + 'Accept', + 'Accept-Encoding', + 'Accept-Language', + 'Accept-Ranges', + 'Access-Control-Allow-Credentials', + 'Access-Control-Allow-Headers', + 'Access-Control-Allow-Methods', + 'Access-Control-Allow-Origin', + 'Access-Control-Expose-Headers', + 'Access-Control-Max-Age', + 'Access-Control-Request-Headers', + 'Access-Control-Request-Method', + 'Age', + 'Allow', + 'Alt-Svc', + 'Alt-Used', + 'Authorization', + 'Cache-Control', + 'Clear-Site-Data', + 'Connection', + 'Content-Disposition', + 'Content-Encoding', + 'Content-Language', + 'Content-Length', + 'Content-Location', + 'Content-Range', + 'Content-Security-Policy', + 'Content-Security-Policy-Report-Only', + 'Content-Type', + 'Cookie', + 'Cross-Origin-Embedder-Policy', + 'Cross-Origin-Opener-Policy', + 'Cross-Origin-Resource-Policy', + 'Date', + 'Device-Memory', + 'Downlink', + 'ECT', + 'ETag', + 'Expect', + 'Expect-CT', + 'Expires', + 'Forwarded', + 'From', + 'Host', + 'If-Match', + 'If-Modified-Since', + 'If-None-Match', + 'If-Range', + 'If-Unmodified-Since', + 'Keep-Alive', + 'Last-Modified', + 'Link', + 'Location', + 'Max-Forwards', + 'Origin', + 'Permissions-Policy', + 'Pragma', + 'Proxy-Authenticate', + 'Proxy-Authorization', + 'RTT', + 'Range', + 'Referer', + 'Referrer-Policy', + 'Refresh', + 'Retry-After', + 'Sec-WebSocket-Accept', + 'Sec-WebSocket-Extensions', + 'Sec-WebSocket-Key', + 'Sec-WebSocket-Protocol', + 'Sec-WebSocket-Version', + 'Server', + 'Server-Timing', + 'Service-Worker-Allowed', + 'Service-Worker-Navigation-Preload', + 'Set-Cookie', + 'SourceMap', + 'Strict-Transport-Security', + 'Supports-Loading-Mode', + 'TE', + 'Timing-Allow-Origin', + 'Trailer', + 'Transfer-Encoding', + 'Upgrade', + 'Upgrade-Insecure-Requests', + 'User-Agent', + 'Vary', + 'Via', + 'WWW-Authenticate', + 'X-Content-Type-Options', + 'X-DNS-Prefetch-Control', + 'X-Frame-Options', + 'X-Permitted-Cross-Domain-Policies', + 'X-Powered-By', + 'X-Requested-With', + 'X-XSS-Protection' +] + +for (let i = 0; i < wellknownHeaderNames.length; ++i) { + const key = wellknownHeaderNames[i] + const lowerCasedKey = key.toLowerCase() + headerNameLowerCasedRecord[key] = headerNameLowerCasedRecord[lowerCasedKey] = + lowerCasedKey +} + +// Note: object prototypes should not be able to be referenced. e.g. `Object#hasOwnProperty`. +Object.setPrototypeOf(headerNameLowerCasedRecord, null) + +module.exports = { + wellknownHeaderNames, + headerNameLowerCasedRecord +} + + /***/ }), /***/ 48045: @@ -92629,6 +92755,7 @@ const { InvalidArgumentError } = __nccwpck_require__(48045) const { Blob } = __nccwpck_require__(14300) const nodeUtil = __nccwpck_require__(73837) const { stringify } = __nccwpck_require__(63477) +const { headerNameLowerCasedRecord } = __nccwpck_require__(14462) const [nodeMajor, nodeMinor] = process.versions.node.split('.').map(v => Number(v)) @@ -92838,6 +92965,15 @@ function parseKeepAliveTimeout (val) { return m ? parseInt(m[1], 10) * 1000 : null } +/** + * Retrieves a header name and returns its lowercase value. + * @param {string | Buffer} value Header name + * @returns {string} + */ +function headerNameToString (value) { + return headerNameLowerCasedRecord[value] || value.toLowerCase() +} + function parseHeaders (headers, obj = {}) { // For H2 support if (!Array.isArray(headers)) return headers @@ -93109,6 +93245,7 @@ module.exports = { isIterable, isAsyncIterable, isDestroyed, + headerNameToString, parseRawHeaders, parseHeaders, parseKeepAliveTimeout, @@ -99756,14 +99893,18 @@ const { isBlobLike, toUSVString, ReadableStreamFrom } = __nccwpck_require__(8398 const assert = __nccwpck_require__(39491) const { isUint8Array } = __nccwpck_require__(29830) +let supportedHashes = [] + // https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable /** @type {import('crypto')|undefined} */ let crypto try { crypto = __nccwpck_require__(6113) + const possibleRelevantHashes = ['sha256', 'sha384', 'sha512'] + supportedHashes = crypto.getHashes().filter((hash) => possibleRelevantHashes.includes(hash)) +/* c8 ignore next 3 */ } catch { - } function responseURL (response) { @@ -100291,66 +100432,56 @@ function bytesMatch (bytes, metadataList) { return true } - // 3. If parsedMetadata is the empty set, return true. + // 3. If response is not eligible for integrity validation, return false. + // TODO + + // 4. If parsedMetadata is the empty set, return true. if (parsedMetadata.length === 0) { return true } - // 4. Let metadata be the result of getting the strongest + // 5. Let metadata be the result of getting the strongest // metadata from parsedMetadata. - const list = parsedMetadata.sort((c, d) => d.algo.localeCompare(c.algo)) - // get the strongest algorithm - const strongest = list[0].algo - // get all entries that use the strongest algorithm; ignore weaker - const metadata = list.filter((item) => item.algo === strongest) + const strongest = getStrongestMetadata(parsedMetadata) + const metadata = filterMetadataListByAlgorithm(parsedMetadata, strongest) - // 5. For each item in metadata: + // 6. For each item in metadata: for (const item of metadata) { // 1. Let algorithm be the alg component of item. const algorithm = item.algo // 2. Let expectedValue be the val component of item. - let expectedValue = item.hash + const expectedValue = item.hash // See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e // "be liberal with padding". This is annoying, and it's not even in the spec. - if (expectedValue.endsWith('==')) { - expectedValue = expectedValue.slice(0, -2) - } - // 3. Let actualValue be the result of applying algorithm to bytes. let actualValue = crypto.createHash(algorithm).update(bytes).digest('base64') - if (actualValue.endsWith('==')) { - actualValue = actualValue.slice(0, -2) + if (actualValue[actualValue.length - 1] === '=') { + if (actualValue[actualValue.length - 2] === '=') { + actualValue = actualValue.slice(0, -2) + } else { + actualValue = actualValue.slice(0, -1) + } } // 4. If actualValue is a case-sensitive match for expectedValue, // return true. - if (actualValue === expectedValue) { - return true - } - - let actualBase64URL = crypto.createHash(algorithm).update(bytes).digest('base64url') - - if (actualBase64URL.endsWith('==')) { - actualBase64URL = actualBase64URL.slice(0, -2) - } - - if (actualBase64URL === expectedValue) { + if (compareBase64Mixed(actualValue, expectedValue)) { return true } } - // 6. Return false. + // 7. Return false. return false } // https://w3c.github.io/webappsec-subresource-integrity/#grammardef-hash-with-options // https://www.w3.org/TR/CSP2/#source-list-syntax // https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1 -const parseHashWithOptions = /((?sha256|sha384|sha512)-(?[A-z0-9+/]{1}.*={0,2}))( +[\x21-\x7e]?)?/i +const parseHashWithOptions = /(?sha256|sha384|sha512)-((?[A-Za-z0-9+/]+|[A-Za-z0-9_-]+)={0,2}(?:\s|$)( +[!-~]*)?)?/i /** * @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata @@ -100364,8 +100495,6 @@ function parseMetadata (metadata) { // 2. Let empty be equal to true. let empty = true - const supportedHashes = crypto.getHashes() - // 3. For each token returned by splitting metadata on spaces: for (const token of metadata.split(' ')) { // 1. Set empty to false. @@ -100375,7 +100504,11 @@ function parseMetadata (metadata) { const parsedToken = parseHashWithOptions.exec(token) // 3. If token does not parse, continue to the next token. - if (parsedToken === null || parsedToken.groups === undefined) { + if ( + parsedToken === null || + parsedToken.groups === undefined || + parsedToken.groups.algo === undefined + ) { // Note: Chromium blocks the request at this point, but Firefox // gives a warning that an invalid integrity was given. The // correct behavior is to ignore these, and subsequently not @@ -100384,11 +100517,11 @@ function parseMetadata (metadata) { } // 4. Let algorithm be the hash-algo component of token. - const algorithm = parsedToken.groups.algo + const algorithm = parsedToken.groups.algo.toLowerCase() // 5. If algorithm is a hash function recognized by the user // agent, add the parsed token to result. - if (supportedHashes.includes(algorithm.toLowerCase())) { + if (supportedHashes.includes(algorithm)) { result.push(parsedToken.groups) } } @@ -100401,6 +100534,82 @@ function parseMetadata (metadata) { return result } +/** + * @param {{ algo: 'sha256' | 'sha384' | 'sha512' }[]} metadataList + */ +function getStrongestMetadata (metadataList) { + // Let algorithm be the algo component of the first item in metadataList. + // Can be sha256 + let algorithm = metadataList[0].algo + // If the algorithm is sha512, then it is the strongest + // and we can return immediately + if (algorithm[3] === '5') { + return algorithm + } + + for (let i = 1; i < metadataList.length; ++i) { + const metadata = metadataList[i] + // If the algorithm is sha512, then it is the strongest + // and we can break the loop immediately + if (metadata.algo[3] === '5') { + algorithm = 'sha512' + break + // If the algorithm is sha384, then a potential sha256 or sha384 is ignored + } else if (algorithm[3] === '3') { + continue + // algorithm is sha256, check if algorithm is sha384 and if so, set it as + // the strongest + } else if (metadata.algo[3] === '3') { + algorithm = 'sha384' + } + } + return algorithm +} + +function filterMetadataListByAlgorithm (metadataList, algorithm) { + if (metadataList.length === 1) { + return metadataList + } + + let pos = 0 + for (let i = 0; i < metadataList.length; ++i) { + if (metadataList[i].algo === algorithm) { + metadataList[pos++] = metadataList[i] + } + } + + metadataList.length = pos + + return metadataList +} + +/** + * Compares two base64 strings, allowing for base64url + * in the second string. + * +* @param {string} actualValue always base64 + * @param {string} expectedValue base64 or base64url + * @returns {boolean} + */ +function compareBase64Mixed (actualValue, expectedValue) { + if (actualValue.length !== expectedValue.length) { + return false + } + for (let i = 0; i < actualValue.length; ++i) { + if (actualValue[i] !== expectedValue[i]) { + if ( + (actualValue[i] === '+' && expectedValue[i] === '-') || + (actualValue[i] === '/' && expectedValue[i] === '_') + ) { + continue + } + return false + } + } + + return true +} + // https://w3c.github.io/webappsec-upgrade-insecure-requests/#upgrade-request function tryUpgradeRequestToAPotentiallyTrustworthyURL (request) { // TODO @@ -100816,7 +101025,8 @@ module.exports = { urlHasHttpsScheme, urlIsHttpHttpsScheme, readAllBytes, - normalizeMethodRecord + normalizeMethodRecord, + parseMetadata } @@ -102903,12 +103113,17 @@ function parseLocation (statusCode, headers) { // https://tools.ietf.org/html/rfc7231#section-6.4.4 function shouldRemoveHeader (header, removeContent, unknownOrigin) { - return ( - (header.length === 4 && header.toString().toLowerCase() === 'host') || - (removeContent && header.toString().toLowerCase().indexOf('content-') === 0) || - (unknownOrigin && header.length === 13 && header.toString().toLowerCase() === 'authorization') || - (unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie') - ) + if (header.length === 4) { + return util.headerNameToString(header) === 'host' + } + if (removeContent && util.headerNameToString(header).startsWith('content-')) { + return true + } + if (unknownOrigin && (header.length === 13 || header.length === 6 || header.length === 19)) { + const name = util.headerNameToString(header) + return name === 'authorization' || name === 'cookie' || name === 'proxy-authorization' + } + return false } // https://tools.ietf.org/html/rfc7231#section-6.4 diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 3503748af..cfbda09fc 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -531,7 +531,7 @@ steps: Supported files are .java-version and .tool-versions. In .java-version file, only the version should be specified (e.g., 17.0.7). In .tool-versions file, java version should be preceded by the java keyword (e.g., java 17.0.7). - The `.java-version` file recognizes all variants of the version description according to [jenv](https://github.com/jenv/jenv). Similarly, the `.tool-versions` file supports version specifications in accordance with [asdf](https://github.com/asdf-vm/asdf) standards, adhering to Semantic Versioning (semver). + The `.java-version` file recognizes all variants of the version description according to [jenv](https://github.com/jenv/jenv). Similarly, the `.tool-versions` file supports version specifications in accordance with [asdf](https://github.com/asdf-vm/asdf) standards, adhering to Semantic Versioning ([semver](https://semver.org/)). If both java-version and java-version-file inputs are provided, the java-version input will be used. diff --git a/package-lock.json b/package-lock.json index 8274a1c89..cb1af4427 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2249,12 +2249,12 @@ } }, "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" }, "engines": { "node": ">=8" @@ -3102,9 +3102,9 @@ } }, "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { "to-regex-range": "^5.0.1" @@ -5338,9 +5338,9 @@ } }, "node_modules/undici": { - "version": "5.28.3", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz", - "integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==", + "version": "5.28.4", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", + "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", "dependencies": { "@fastify/busboy": "^2.0.0" }, From 6a0805fcefea3d4657a47ac4c165951e33482018 Mon Sep 17 00:00:00 2001 From: Accelerator1996 Date: Fri, 2 Aug 2024 03:14:38 +0800 Subject: [PATCH 4/4] Fix the bug about parsing dragonwell version (#642) (#643) --- __tests__/data/dragonwell.json | 186 ++++++++++++++++++ .../distributors/dragonwell-installer.test.ts | 51 ++++- dist/setup/index.js | 7 +- src/distributions/dragonwell/installer.ts | 11 +- 4 files changed, 239 insertions(+), 16 deletions(-) diff --git a/__tests__/data/dragonwell.json b/__tests__/data/dragonwell.json index 58025e901..290c5989c 100644 --- a/__tests__/data/dragonwell.json +++ b/__tests__/data/dragonwell.json @@ -481,6 +481,54 @@ } } } + }, + "11.0.23.20.9" : { + "alpine-linux" : { + "x64" : { + "Extended" : { + "sha256" : "9d61fefb4f1a8368f8e7eec17893934b438b67f360cb8b7ef727ab459695d14e", + "name" : "Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_alpine-linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_alpine-linux.tar.gz" + } + } + }, + "linux" : { + "aarch64" : { + "Extended" : { + "sha256" : "2f399231644fe1e3f1b4b5298e85f21f4863017767e9e5afb00ee46e2d7780d9", + "name" : "Alibaba_Dragonwell_Extended_11.0.23.20.9_aarch64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_aarch64_linux.tar.gz" + } + }, + "x64" : { + "Extended" : { + "sha256" : "662dfdc584e21bcfb7ed87942b5bb4e71a7b7467d4c82211a3615d0834d1c833", + "name" : "Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_linux.tar.gz" + } + }, + "riscv" : { + "Extended" : { + "sha256" : "f3488461cbfd95e6c08ad2dc01c51950b9c629c46eea6305002311b263ce2ad9", + "name" : "Alibaba_Dragonwell_Extended_11.0.23.20.9_riscv64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_riscv64_linux.tar.gz" + } + } + }, + "windows" : { + "x64" : { + "Extended" : { + "sha256" : "ba8dba2b7f2279f87220f396afcce49cb26482705deb5144c6e22a90ba443f9d", + "name" : "Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_windows.zip", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_windows.zip" + } + } + } } }, "17":{ @@ -1134,5 +1182,143 @@ } } } + }, + "21" : { + "21.0.3.0.3.9" : { + "alpine-linux" : { + "x64" : { + "Standard" : { + "sha256" : "c3c5d193a0a6aee8757fd3036dc13b7921a4306b089bf8759ba6b822d1e8416e", + "name" : "Alibaba_Dragonwell_Standard_21.0.3.0.3.9_x64_alpine-linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_x64_alpine-linux.tar.gz" + } + } + }, + "linux" : { + "aarch64" : { + "Standard" : { + "sha256" : "3cc309627ad2a9515ca50cdeff9eff118f14326b37eaa536b758570082aeb242", + "name" : "Alibaba_Dragonwell_Standard_21.0.3.0.3.9_aarch64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_aarch64_linux.tar.gz" + } + }, + "x64" : { + "Standard" : { + "sha256" : "1c0508db048c0b50e2d61b2cc5a5390d3b9bcafec6e185d2cb53dde1fc530203", + "name" : "Alibaba_Dragonwell_Standard_21.0.3.0.3.9_x64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_x64_linux.tar.gz" + } + }, + "riscv" : { + "Standard" : { + "sha256" : "e374698f8ee9c66b8d4a59ba50d0511aa654b55514732bc787e29c9afaddf846", + "name" : "Alibaba_Dragonwell_Standard_21.0.3.0.3.9_riscv64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_riscv64_linux.tar.gz" + } + } + }, + "windows" : { + "x64" : { + "Standard" : { + "sha256" : "0b75fc888cb2a9c7e050132fd020c30cbe65f3179feb36812a7c6be3c76ad277", + "name" : "Alibaba_Dragonwell_Standard_21.0.3.0.3.9_x64_windows.zip", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_x64_windows.zip" + } + } + } + }, + "21.0.2.0.2.13" : { + "alpine-linux" : { + "x64" : { + "Standard" : { + "sha256" : "71a391987fdd569385c0afe1aaf16dbd48d127e14306793ef9ac0e0986b9632c", + "name" : "Alibaba_Dragonwell_Standard_21.0.2.0.2.13_x64_alpine-linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.2.0.2%2B13_jdk-21.0.2-ga/Alibaba_Dragonwell_Standard_21.0.2.0.2.13_x64_alpine-linux.tar.gz" + } + } + }, + "linux" : { + "aarch64" : { + "Standard" : { + "sha256" : "307321a399c206f8d56e0ce5c65921f9448ec9882dfb81ffc5e841b8fb5f8ed8", + "name" : "Alibaba_Dragonwell_Standard_21.0.2.0.2.13_aarch64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.2.0.2%2B13_jdk-21.0.2-ga/Alibaba_Dragonwell_Standard_21.0.2.0.2.13_aarch64_linux.tar.gz" + } + }, + "x64" : { + "Standard" : { + "sha256" : "24198f0d436bb913b152181e07205647b05da01c196f5c10a96e9a998b10381a", + "name" : "Alibaba_Dragonwell_Standard_21.0.2.0.2.13_x64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.2.0.2%2B13_jdk-21.0.2-ga/Alibaba_Dragonwell_Standard_21.0.2.0.2.13_x64_linux.tar.gz" + } + }, + "riscv" : { + "Standard" : { + "sha256" : "970a49103b8971952e46c81be844bc3776caca04da8456337f12e3a7d2a18011", + "name" : "Alibaba_Dragonwell_Standard_21.0.2.0.2.13_riscv64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.2.0.2%2B13_jdk-21.0.2-ga/Alibaba_Dragonwell_Standard_21.0.2.0.2.13_riscv64_linux.tar.gz" + } + } + }, + "windows" : { + "x64" : { + "Standard" : { + "sha256" : "b77de54be5ef1595fc568f6f18fbd4b61d64d99a0c9c5ef78a84018b4f82032b", + "name" : "Alibaba_Dragonwell_Standard_21.0.2.0.2.13_x64_windows.zip", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.2.0.2%2B13_jdk-21.0.2-ga/Alibaba_Dragonwell_Standard_21.0.2.0.2.13_x64_windows.zip" + } + } + } + }, + "21.0.1.0.1.12" : { + "alpine-linux" : { + "x64" : { + "Standard" : { + "sha256" : "b9cea58bffe555484b831ff6d7cdb277c07e86a76d32b373ec35fa21ecb5fdc9", + "name" : "Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_alpine-linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.1.0.1%2B12_jdk-21.0.1-ga/Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_alpine-linux.tar.gz" + } + } + }, + "linux" : { + "aarch64" : { + "Standard" : { + "sha256" : "d36cef494ccc1939c6b5da04133cfdbe0b03956fd04147aef46014536bc5a37b", + "name" : "Alibaba_Dragonwell_Standard_21.0.1.0.1.12_aarch64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.1.0.1%2B12_jdk-21.0.1-ga/Alibaba_Dragonwell_Standard_21.0.1.0.1.12_aarch64_linux.tar.gz" + } + }, + "x64" : { + "Standard" : { + "sha256" : "dfb8d325a98b8f577d72fd639cc54feee325eec8ebba497868184c8405a1cf41", + "name" : "Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_linux.tar.gz", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.1.0.1%2B12_jdk-21.0.1-ga/Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_linux.tar.gz" + } + } + }, + "windows" : { + "x64" : { + "Standard" : { + "sha256" : "b8ab99ed9060341f75edb8cc238830fbfd608e51536e43f34bd45c3e968ebab5", + "name" : "Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_windows.zip", + "content_type" : "application/zip", + "download_url" : "https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.1.0.1%2B12_jdk-21.0.1-ga/Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_windows.zip" + } + } + } + } } } diff --git a/__tests__/distributors/dragonwell-installer.test.ts b/__tests__/distributors/dragonwell-installer.test.ts index 44cc39640..4a680d8f3 100644 --- a/__tests__/distributors/dragonwell-installer.test.ts +++ b/__tests__/distributors/dragonwell-installer.test.ts @@ -41,15 +41,16 @@ describe('getAvailableVersions', () => { describe('getAvailableVersions', () => { it.each([ ['8', 'x86', 'linux', 0], - ['8', 'aarch64', 'linux', 24], - ['8.6.6', 'x64', 'linux', 27], + ['8', 'aarch64', 'linux', 28], + ['8.6.6', 'x64', 'linux', 31], ['8', 'x86', 'anolis', 0], ['8', 'x86', 'windows', 0], ['8', 'x86', 'mac', 0], - ['11', 'x64', 'linux', 27], - ['11', 'aarch64', 'linux', 24], - ['17', 'riscv', 'linux', 0], - ['16.0.1', 'x64', 'linux', 27] + ['11', 'x64', 'linux', 31], + ['11', 'aarch64', 'linux', 28], + ['17', 'riscv', 'linux', 3], + ['16.0.1', 'x64', 'linux', 31], + ['21', 'x64', 'linux', 31] ])( 'should get right number of available versions from JSON', async ( @@ -103,25 +104,31 @@ describe('getAvailableVersions', () => { '11', 'linux', 'x64', - 'https://github.com/alibaba/dragonwell11/releases/download/dragonwell-extended-11.0.17.13_jdk-11.0.17-ga/Alibaba_Dragonwell_Extended_11.0.17.13.8_x64_linux.tar.gz' + 'https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_linux.tar.gz' ], [ '11', 'linux', 'aarch64', - 'https://github.com/alibaba/dragonwell11/releases/download/dragonwell-extended-11.0.17.13_jdk-11.0.17-ga/Alibaba_Dragonwell_Extended_11.0.17.13.8_aarch64_linux.tar.gz' + 'https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_aarch64_linux.tar.gz' + ], + [ + '11', + 'linux', + 'riscv', + 'https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_riscv64_linux.tar.gz' ], [ '11', 'windows', 'x64', - 'https://github.com/alibaba/dragonwell11/releases/download/dragonwell-extended-11.0.17.13_jdk-11.0.17-ga/Alibaba_Dragonwell_Extended_11.0.17.13.8_x64_windows.zip' + 'https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_windows.zip' ], [ '11', 'alpine-linux', 'x64', - 'https://github.com/alibaba/dragonwell11/releases/download/dragonwell-extended-11.0.17.13_jdk-11.0.17-ga/Alibaba_Dragonwell_Extended_11.0.17.13.8_x64_alpine-linux.tar.gz' + 'https://github.com/dragonwell-project/dragonwell11/releases/download/dragonwell-extended-11.0.23.20_jdk-11.0.23-ga/Alibaba_Dragonwell_Extended_11.0.23.20.9_x64_alpine-linux.tar.gz' ], [ '11.0.17', @@ -158,6 +165,30 @@ describe('getAvailableVersions', () => { 'linux', 'x64', 'https://github.com/alibaba/dragonwell17/releases/download/dragonwell-standard-17.0.4.0.4%2B8_jdk-17.0.4-ga/Alibaba_Dragonwell_Standard_17.0.4.0.4%2B8_x64_linux.tar.gz' + ], + [ + '17.0.4+8', + 'linux', + 'x64', + 'https://github.com/alibaba/dragonwell17/releases/download/dragonwell-standard-17.0.4.0.4%2B8_jdk-17.0.4-ga/Alibaba_Dragonwell_Standard_17.0.4.0.4%2B8_x64_linux.tar.gz' + ], + [ + '21', + 'linux', + 'aarch64', + 'https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_aarch64_linux.tar.gz' + ], + [ + '21.0.3+9', + 'linux', + 'riscv', + 'https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.3.0.3%2B9_jdk-21.0.3-ga/Alibaba_Dragonwell_Standard_21.0.3.0.3.9_riscv64_linux.tar.gz' + ], + [ + '21.0.1+12', + 'linux', + 'x64', + 'https://github.com/dragonwell-project/dragonwell21/releases/download/dragonwell-standard-21.0.1.0.1%2B12_jdk-21.0.1-ga/Alibaba_Dragonwell_Standard_21.0.1.0.1.12_x64_linux.tar.gz' ] ])( 'should return proper link according to the specified java-version, platform and arch', diff --git a/dist/setup/index.js b/dist/setup/index.js index 01d5f6741..2b6d6c142 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -124231,9 +124231,10 @@ class DragonwellDistribution extends base_installer_1.JavaBase { } // Some version of Dragonwell JDK are numerated with help of non-semver notation (more then 3 digits). // Common practice is to transform excess digits to the so-called semver build part, which is prefixed with the plus sign, to be able to operate with them using semver tools. - if (jdkVersion.split('.').length > 3) { - jdkVersion = (0, util_1.convertVersionToSemver)(jdkVersion); - } + const jdkVersionNums = jdkVersion + .replace('+', '.') + .split('.'); + jdkVersion = (0, util_1.convertVersionToSemver)(`${jdkVersionNums.slice(0, 3).join('.')}.${jdkVersionNums[jdkVersionNums.length - 1]}`); for (const edition in archMap) { eligibleVersions.push({ os: platform, diff --git a/src/distributions/dragonwell/installer.ts b/src/distributions/dragonwell/installer.ts index 8c616f36e..3e8475773 100644 --- a/src/distributions/dragonwell/installer.ts +++ b/src/distributions/dragonwell/installer.ts @@ -149,9 +149,14 @@ export class DragonwellDistribution extends JavaBase { // Some version of Dragonwell JDK are numerated with help of non-semver notation (more then 3 digits). // Common practice is to transform excess digits to the so-called semver build part, which is prefixed with the plus sign, to be able to operate with them using semver tools. - if (jdkVersion.split('.').length > 3) { - jdkVersion = convertVersionToSemver(jdkVersion); - } + const jdkVersionNums: string[] = jdkVersion + .replace('+', '.') + .split('.'); + jdkVersion = convertVersionToSemver( + `${jdkVersionNums.slice(0, 3).join('.')}.${ + jdkVersionNums[jdkVersionNums.length - 1] + }` + ); for (const edition in archMap) { eligibleVersions.push({