@@ -79067,7 +79067,7 @@ async function restoreCacheV2(paths, primaryKey, restoreKeys, options, enableCro
7906779067 };
7906879068 const response = await twirpClient.GetCacheEntryDownloadURL(request);
7906979069 if (!response.ok) {
79070- core.debug(`Cache not found for version ${request.version} of keys: ${keys.join(', ')}`);
79070+ core.debug(`Cache not found for keys: ${keys.join(', ')}`);
7907179071 return undefined;
7907279072 }
7907379073 core.info(`Cache hit for: ${response.matchedKey}`);
@@ -80970,7 +80970,6 @@ const cacheUtils_1 = __nccwpck_require__(9225);
8097080970const auth_1 = __nccwpck_require__(4552);
8097180971const http_client_1 = __nccwpck_require__(4844);
8097280972const cache_twirp_client_1 = __nccwpck_require__(888);
80973- const util_1 = __nccwpck_require__(8634);
8097480973/**
8097580974 * This class is a wrapper around the CacheServiceClientJSON class generated by Twirp.
8097680975 *
@@ -81029,7 +81028,6 @@ class CacheServiceClient {
8102981028 (0, core_1.debug)(`[Response] - ${response.message.statusCode}`);
8103081029 (0, core_1.debug)(`Headers: ${JSON.stringify(response.message.headers, null, 2)}`);
8103181030 const body = JSON.parse(rawBody);
81032- (0, util_1.maskSecretUrls)(body);
8103381031 (0, core_1.debug)(`Body: ${JSON.stringify(body, null, 2)}`);
8103481032 if (this.isSuccessStatusCode(statusCode)) {
8103581033 return { response, body };
@@ -81206,86 +81204,6 @@ function getUserAgentString() {
8120681204}
8120781205
8120881206
81209- /***/ }),
81210-
81211- /***/ 8634:
81212- /***/ ((__unused_webpack_module, exports, __nccwpck_require__) => {
81213-
81214- "use strict";
81215-
81216- Object.defineProperty(exports, "__esModule", ({ value: true }));
81217- exports.maskSigUrl = maskSigUrl;
81218- exports.maskSecretUrls = maskSecretUrls;
81219- const core_1 = __nccwpck_require__(7484);
81220- /**
81221- * Masks the `sig` parameter in a URL and sets it as a secret.
81222- *
81223- * @param url - The URL containing the signature parameter to mask
81224- * @remarks
81225- * This function attempts to parse the provided URL and identify the 'sig' query parameter.
81226- * If found, it registers both the raw and URL-encoded signature values as secrets using
81227- * the Actions `setSecret` API, which prevents them from being displayed in logs.
81228- *
81229- * The function handles errors gracefully if URL parsing fails, logging them as debug messages.
81230- *
81231- * @example
81232- * ```typescript
81233- * // Mask a signature in an Azure SAS token URL
81234- * maskSigUrl('https://example.blob.core.windows.net/container/file.txt?sig=abc123&se=2023-01-01');
81235- * ```
81236- */
81237- function maskSigUrl(url) {
81238- if (!url)
81239- return;
81240- try {
81241- const parsedUrl = new URL(url);
81242- const signature = parsedUrl.searchParams.get('sig');
81243- if (signature) {
81244- (0, core_1.setSecret)(signature);
81245- (0, core_1.setSecret)(encodeURIComponent(signature));
81246- }
81247- }
81248- catch (error) {
81249- (0, core_1.debug)(`Failed to parse URL: ${url} ${error instanceof Error ? error.message : String(error)}`);
81250- }
81251- }
81252- /**
81253- * Masks sensitive information in URLs containing signature parameters.
81254- * Currently supports masking 'sig' parameters in the 'signed_upload_url'
81255- * and 'signed_download_url' properties of the provided object.
81256- *
81257- * @param body - The object should contain a signature
81258- * @remarks
81259- * This function extracts URLs from the object properties and calls maskSigUrl
81260- * on each one to redact sensitive signature information. The function doesn't
81261- * modify the original object; it only marks the signatures as secrets for
81262- * logging purposes.
81263- *
81264- * @example
81265- * ```typescript
81266- * const responseBody = {
81267- * signed_upload_url: 'https://blob.core.windows.net/?sig=abc123',
81268- * signed_download_url: 'https://blob.core/windows.net/?sig=def456'
81269- * };
81270- * maskSecretUrls(responseBody);
81271- * ```
81272- */
81273- function maskSecretUrls(body) {
81274- if (typeof body !== 'object' || body === null) {
81275- (0, core_1.debug)('body is not an object or is null');
81276- return;
81277- }
81278- if ('signed_upload_url' in body &&
81279- typeof body.signed_upload_url === 'string') {
81280- maskSigUrl(body.signed_upload_url);
81281- }
81282- if ('signed_download_url' in body &&
81283- typeof body.signed_download_url === 'string') {
81284- maskSigUrl(body.signed_download_url);
81285- }
81286- }
81287-
81288-
8128981207/***/ }),
8129081208
8129181209/***/ 7627:
@@ -81376,7 +81294,7 @@ async function getTarPath() {
8137681294 };
8137781295}
8137881296// Return arguments for tar as per tarPath, compressionMethod, method type and os
81379- async function getTarArgs(tarPath, compressionMethod, type, archivePath = '') {
81297+ async function getTarArgs(tarPath, compressionMethod, type, archivePath = '', extraTarArgs ) {
8138081298 const args = [`"${tarPath.path}"`];
8138181299 const cacheFileName = utils.getCacheFileName(compressionMethod);
8138281300 const tarFile = 'cache.tar';
@@ -81386,23 +81304,25 @@ async function getTarArgs(tarPath, compressionMethod, type, archivePath = '') {
8138681304 compressionMethod !== constants_1.CompressionMethod.Gzip &&
8138781305 IS_WINDOWS;
8138881306 // Method specific args
81307+ // --exclude-from is a positional argument
81308+ // It affects and therefore should go before --files-from
8138981309 switch (type) {
8139081310 case 'create':
8139181311 args.push('--posix', '-cf', BSD_TAR_ZSTD
8139281312 ? tarFile
8139381313 : cacheFileName.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '--exclude', BSD_TAR_ZSTD
8139481314 ? tarFile
81395- : cacheFileName.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '-P', '-C', workingDirectory.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '--files-from', constants_1.ManifestFilename);
81315+ : cacheFileName.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '-P', '-C', workingDirectory.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), ...extraTarArgs, '--files-from', constants_1.ManifestFilename);
8139681316 break;
8139781317 case 'extract':
8139881318 args.push('-xf', BSD_TAR_ZSTD
8139981319 ? tarFile
81400- : archivePath.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '-P', '-C', workingDirectory.replace(new RegExp(`\\${path.sep}`, 'g'), '/'));
81320+ : archivePath.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '-P', '-C', workingDirectory.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), ...extraTarArgs );
8140181321 break;
8140281322 case 'list':
8140381323 args.push('-tf', BSD_TAR_ZSTD
8140481324 ? tarFile
81405- : archivePath.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '-P');
81325+ : archivePath.replace(new RegExp(`\\${path.sep}`, 'g'), '/'), '-P', ...extraTarArgs );
8140681326 break;
8140781327 }
8140881328 // Platform specific args
@@ -81422,8 +81342,7 @@ async function getTarArgs(tarPath, compressionMethod, type, archivePath = '') {
8142281342async function getCommands(compressionMethod, type, archivePath = '', extraTarArgs = []) {
8142381343 let args;
8142481344 const tarPath = await getTarPath();
81425- const tarArgs = await getTarArgs(tarPath, compressionMethod, type, archivePath);
81426- tarArgs.push(...extraTarArgs);
81345+ const tarArgs = await getTarArgs(tarPath, compressionMethod, type, archivePath, extraTarArgs);
8142781346 const compressionArgs = type !== 'create'
8142881347 ? await getDecompressionProgram(tarPath, compressionMethod, archivePath)
8142981348 : await getCompressionProgram(tarPath, compressionMethod);
@@ -96043,7 +95962,7 @@ module.exports["default"] = exports.default;
9604395962/***/ ((module) => {
9604495963
9604595964"use strict";
96046- module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.3","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/node":"^22.13.9","@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
95965+ module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/cache","version":"4.0.2","preview":true,"description":"Actions cache lib","keywords":["github","actions","cache"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/cache","license":"MIT","main":"lib/cache.js","types":"lib/cache.d.ts","directories":{"lib":"lib","test":"__tests__"},"files":["lib","!.DS_Store"],"publishConfig":{"access":"public"},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/cache"},"scripts":{"audit-moderate":"npm install && npm audit --json --audit-level=moderate > audit.json","test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"dependencies":{"@actions/core":"^1.11.1","@actions/exec":"^1.0.1","@actions/glob":"^0.1.0","@actions/http-client":"^2.1.1","@actions/io":"^1.0.1","@azure/abort-controller":"^1.1.0","@azure/ms-rest-js":"^2.6.0","@azure/storage-blob":"^12.13.0","@protobuf-ts/plugin":"^2.9.4","semver":"^6.3.1"},"devDependencies":{"@types/semver":"^6.0.0","typescript":"^5.2.2"}}');
9604795966
9604895967/***/ })
9604995968
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments