mirror of
https://github.com/actions/setup-node.git
synced 2026-06-29 15:44:10 +08:00
Compare commits
2 Commits
dependabot
...
02bd4fe351
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
02bd4fe351 | ||
|
|
ecb118ff9d |
@@ -118,6 +118,24 @@ describe('authutil tests', () => {
|
||||
expect(process.env.NODE_AUTH_TOKEN).toEqual('foobar');
|
||||
});
|
||||
|
||||
it('should not export NODE_AUTH_TOKEN if not set (OIDC support)', async () => {
|
||||
// Clean NODE_AUTH_TOKEN from environment
|
||||
delete process.env.NODE_AUTH_TOKEN;
|
||||
await auth.configAuthentication('https://registry.npmjs.org/');
|
||||
expect(fs.statSync(rcFile)).toBeDefined();
|
||||
// NODE_AUTH_TOKEN should not be exported to environment if not initially set
|
||||
// This allows OIDC authentication to work properly
|
||||
const rc = readRcFile(rcFile);
|
||||
expect(rc['registry']).toBe('https://registry.npmjs.org/');
|
||||
});
|
||||
|
||||
it('should export empty string NODE_AUTH_TOKEN if explicitly set to empty (OIDC support)', async () => {
|
||||
process.env.NODE_AUTH_TOKEN = '';
|
||||
await auth.configAuthentication('https://registry.npmjs.org/');
|
||||
expect(fs.statSync(rcFile)).toBeDefined();
|
||||
expect(process.env.NODE_AUTH_TOKEN).toEqual('');
|
||||
});
|
||||
|
||||
it('configAuthentication should overwrite non-scoped with non-scoped', async () => {
|
||||
fs.writeFileSync(rcFile, 'registry=NNN');
|
||||
await auth.configAuthentication('https://registry.npmjs.org/');
|
||||
|
||||
8
dist/setup/index.js
vendored
8
dist/setup/index.js
vendored
@@ -53633,8 +53633,12 @@ function writeRegistryToFile(registryUrl, fileLocation) {
|
||||
newContents += `${authString}${os.EOL}${registryString}`;
|
||||
fs.writeFileSync(fileLocation, newContents);
|
||||
core.exportVariable('NPM_CONFIG_USERCONFIG', fileLocation);
|
||||
// Export empty node_auth_token if didn't exist so npm doesn't complain about not being able to find it
|
||||
core.exportVariable('NODE_AUTH_TOKEN', process.env.NODE_AUTH_TOKEN || 'XXXXX-XXXXX-XXXXX-XXXXX');
|
||||
// Only export NODE_AUTH_TOKEN if explicitly provided by user
|
||||
// This is required to support NPM OIDC tokens which need NODE_AUTH_TOKEN to be unset
|
||||
// See: https://github.com/actions/setup-node/issues/1440
|
||||
if (Object.prototype.hasOwnProperty.call(process.env, 'NODE_AUTH_TOKEN')) {
|
||||
core.exportVariable('NODE_AUTH_TOKEN', process.env.NODE_AUTH_TOKEN);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
979
package-lock.json
generated
979
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@@ -43,12 +43,12 @@
|
||||
"@types/jest": "^29.5.14",
|
||||
"@types/node": "^24.1.0",
|
||||
"@types/semver": "^7.5.8",
|
||||
"@typescript-eslint/eslint-plugin": "^8.54.0",
|
||||
"@typescript-eslint/parser": "^8.54.0",
|
||||
"@typescript-eslint/eslint-plugin": "^5.54.0",
|
||||
"@typescript-eslint/parser": "^5.54.0",
|
||||
"@vercel/ncc": "^0.38.3",
|
||||
"eslint": "^9.39.2",
|
||||
"eslint": "^8.57.0",
|
||||
"eslint-config-prettier": "^8.6.0",
|
||||
"eslint-plugin-jest": "^28.14.0",
|
||||
"eslint-plugin-jest": "^27.9.0",
|
||||
"eslint-plugin-node": "^11.1.0",
|
||||
"jest": "^29.7.0",
|
||||
"jest-circus": "^29.7.0",
|
||||
|
||||
@@ -46,9 +46,10 @@ function writeRegistryToFile(registryUrl: string, fileLocation: string) {
|
||||
newContents += `${authString}${os.EOL}${registryString}`;
|
||||
fs.writeFileSync(fileLocation, newContents);
|
||||
core.exportVariable('NPM_CONFIG_USERCONFIG', fileLocation);
|
||||
// Export empty node_auth_token if didn't exist so npm doesn't complain about not being able to find it
|
||||
core.exportVariable(
|
||||
'NODE_AUTH_TOKEN',
|
||||
process.env.NODE_AUTH_TOKEN || 'XXXXX-XXXXX-XXXXX-XXXXX'
|
||||
);
|
||||
// Only export NODE_AUTH_TOKEN if explicitly provided by user
|
||||
// This is required to support NPM OIDC tokens which need NODE_AUTH_TOKEN to be unset
|
||||
// See: https://github.com/actions/setup-node/issues/1440
|
||||
if (Object.prototype.hasOwnProperty.call(process.env, 'NODE_AUTH_TOKEN')) {
|
||||
core.exportVariable('NODE_AUTH_TOKEN', process.env.NODE_AUTH_TOKEN);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user