npm - azure-pipelines-task-lib - Versions diffs - 4.9.0 → 4.10.0 - Mend

azure-pipelines-task-lib 4.9.0 → 4.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/internal.d.ts CHANGED Viewed

@@ -18,6 +18,7 @@ export declare enum IssueSource {
 }
 export declare function _startsWith(str: string, start: string): boolean;
 export declare function _endsWith(str: string, end: string): boolean;
+export declare function _truncateBeforeSensitiveKeyword(str: string, sensitiveKeywordsPattern: RegExp): string;
 export declare function _writeLine(str: string): void;
 export declare function _setStdStream(stdStream: any): void;
 export declare function _setErrStream(errStream: any): void;

package/internal.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports._exposeCertSettings = exports._exposeProxySettings = exports._normalizeSeparators = exports._isRooted = exports._getDirectoryName = exports._ensureRooted = exports._isUncPath = exports._loadData = exports._ensurePatternRooted = exports._getFindInfoFromPattern = exports._cloneMatchOptions = exports._legacyFindFiles_convertPatternToRegExp = exports._which = exports._checkPath = exports._exist = exports._debug = exports._error = exports._warning = exports._command = exports._getVariableKey = exports._getVariable = exports._loc = exports._setResourcePath = exports._setErrStream = exports._setStdStream = exports._writeLine = exports._endsWith = exports._startsWith = exports.IssueSource = exports._vault = exports._knownVariableMap = void 0;
+exports._exposeCertSettings = exports._exposeProxySettings = exports._normalizeSeparators = exports._isRooted = exports._getDirectoryName = exports._ensureRooted = exports._isUncPath = exports._loadData = exports._ensurePatternRooted = exports._getFindInfoFromPattern = exports._cloneMatchOptions = exports._legacyFindFiles_convertPatternToRegExp = exports._which = exports._checkPath = exports._exist = exports._debug = exports._error = exports._warning = exports._command = exports._getVariableKey = exports._getVariable = exports._loc = exports._setResourcePath = exports._setErrStream = exports._setStdStream = exports._writeLine = exports._truncateBeforeSensitiveKeyword = exports._endsWith = exports._startsWith = exports.IssueSource = exports._vault = exports._knownVariableMap = void 0;
 var fs = require("fs");
 var path = require("path");
 var os = require("os");
@@ -20,6 +20,7 @@ var crypto = require("crypto");
  *  3) to know the real variable name and not just the formatted env var name.
  */
 exports._knownVariableMap = {};
+var _taskSdkToken;
 //-----------------------------------------------------
 // Enums
 //-----------------------------------------------------
@@ -46,6 +47,17 @@ function _endsWith(str, end) {
     return str.slice(-end.length) == end;
 }
 exports._endsWith = _endsWith;
+function _truncateBeforeSensitiveKeyword(str, sensitiveKeywordsPattern) {
+    if (!str) {
+        return str;
+    }
+    var index = str.search(sensitiveKeywordsPattern);
+    if (index <= 0) {
+        return str;
+    }
+    return str.substring(0, index) + "...";
+}
+exports._truncateBeforeSensitiveKeyword = _truncateBeforeSensitiveKeyword;
 //-----------------------------------------------------
 // General Helpers
 //-----------------------------------------------------
@@ -257,11 +269,13 @@ function _command(command, properties, message) {
 }
 exports._command = _command;
 function _warning(message, source) {
-    _command('task.issue', { 'type': 'warning', 'source': source }, message);
+    if (source === void 0) { source = IssueSource.TaskInternal; }
+    _command('task.issue', { 'type': 'warning', 'source': source, 'token': _taskSdkToken }, message);
 }
 exports._warning = _warning;
 function _error(message, source) {
-    _command('task.issue', { 'type': 'error', 'source': source }, message);
+    if (source === void 0) { source = IssueSource.TaskInternal; }
+    _command('task.issue', { 'type': 'error', 'source': source, 'token': _taskSdkToken }, message);
 }
 exports._error = _error;
 function _debug(message) {
@@ -650,6 +664,9 @@ function _loadData() {
         }
     }
     _debug('loaded ' + loaded);
+    var token = process.env["TASK_SDK_COMMAND_TOKEN"];
+    delete process.env["TASK_SDK_COMMAND_TOKEN"];
+    _taskSdkToken = token ? String(token) : "";
     // store public variable metadata
     var names;
     try {

package/mock-task.js CHANGED Viewed

@@ -27,6 +27,7 @@ module.exports.Platform = task.Platform;
 module.exports.setStdStream = task.setStdStream;
 module.exports.setErrStream = task.setErrStream;
 module.exports.setResult = task.setResult;
+module.exports.setSanitizedResult = task.setSanitizedResult;
 //-----------------------------------------------------
 // Loc Helpers
 //-----------------------------------------------------

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "azure-pipelines-task-lib",
-  "version": "4.9.0",
+  "version": "4.10.0",
   "description": "Azure Pipelines Task SDK",
   "main": "./task.js",
   "typings": "./task.d.ts",

package/task.d.ts CHANGED Viewed

@@ -61,6 +61,18 @@ export declare const setErrStream: typeof im._setErrStream;
  */
 export declare function setResult(result: TaskResult.Succeeded, message?: string, done?: boolean): void;
 export declare function setResult(result: Exclude<TaskResult, 'Succeeded'>, message: string, done?: boolean): void;
+/**
+ * Sets the result of the task with sanitized message.
+ *
+ * @param result    TaskResult enum of Succeeded, SucceededWithIssues, Failed, Cancelled or Skipped.
+ * @param message   A message which will be logged as an error issue if the result is Failed. Message will be truncated
+ *                  before first occurence of wellknown sensitive keyword.
+ * @param done      Optional. Instructs the agent the task is done. This is helpful when child processes
+ *                  may still be running and prevent node from fully exiting. This argument is supported
+ *                  from agent version 2.142.0 or higher (otherwise will no-op).
+ * @returns         void
+ */
+export declare function setSanitizedResult(result: TaskResult, message: string, done?: boolean): void;
 export declare const setResourcePath: typeof im._setResourcePath;
 export declare const loc: typeof im._loc;
 export declare const getVariable: typeof im._getVariable;

package/task.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.updateReleaseName = exports.addBuildTag = exports.updateBuildNumber = exports.uploadBuildLog = exports.associateArtifact = exports.uploadArtifact = exports.logIssue = exports.logDetail = exports.setProgress = exports.setEndpoint = exports.addAttachment = exports.uploadSummary = exports.prependPath = exports.uploadFile = exports.CodeCoverageEnabler = exports.CodeCoveragePublisher = exports.TestPublisher = exports.getHttpCertConfiguration = exports.getHttpProxyConfiguration = exports.findMatch = exports.filter = exports.match = exports.tool = exports.execSync = exports.exec = exports.execAsync = exports.rmRF = exports.legacyFindFiles = exports.find = exports.retry = exports.mv = exports.cp = exports.ls = exports.which = exports.resolve = exports.mkdirP = exports.popd = exports.pushd = exports.cd = exports.checkPath = exports.cwd = exports.getAgentMode = exports.getNodeMajorVersion = exports.getPlatform = exports.osType = exports.writeFile = exports.exist = exports.stats = exports.debug = exports.error = exports.warning = exports.command = exports.setTaskVariable = exports.getTaskVariable = exports.getSecureFileTicket = exports.getSecureFileName = exports.getEndpointAuthorization = exports.getEndpointAuthorizationParameterRequired = exports.getEndpointAuthorizationParameter = exports.getEndpointAuthorizationSchemeRequired = exports.getEndpointAuthorizationScheme = exports.getEndpointDataParameterRequired = exports.getEndpointDataParameter = exports.getEndpointUrlRequired = exports.getEndpointUrl = exports.getPathInputRequired = exports.getPathInput = exports.filePathSupplied = exports.getDelimitedInput = exports.getPipelineFeature = exports.getBoolFeatureFlag = exports.getBoolInput = exports.getInputRequired = exports.getInput = exports.setSecret = exports.setVariable = exports.getVariables = exports.assertAgent = exports.getVariable = exports.loc = exports.setResourcePath = exports.setResult = exports.setErrStream = exports.setStdStream = exports.AgentHostedMode = exports.Platform = exports.IssueSource = exports.FieldType = exports.ArtifactType = exports.IssueType = exports.TaskState = exports.TaskResult = void 0;
+exports.updateReleaseName = exports.addBuildTag = exports.updateBuildNumber = exports.uploadBuildLog = exports.associateArtifact = exports.uploadArtifact = exports.logIssue = exports.logDetail = exports.setProgress = exports.setEndpoint = exports.addAttachment = exports.uploadSummary = exports.prependPath = exports.uploadFile = exports.CodeCoverageEnabler = exports.CodeCoveragePublisher = exports.TestPublisher = exports.getHttpCertConfiguration = exports.getHttpProxyConfiguration = exports.findMatch = exports.filter = exports.match = exports.tool = exports.execSync = exports.exec = exports.execAsync = exports.rmRF = exports.legacyFindFiles = exports.find = exports.retry = exports.mv = exports.cp = exports.ls = exports.which = exports.resolve = exports.mkdirP = exports.popd = exports.pushd = exports.cd = exports.checkPath = exports.cwd = exports.getAgentMode = exports.getNodeMajorVersion = exports.getPlatform = exports.osType = exports.writeFile = exports.exist = exports.stats = exports.debug = exports.error = exports.warning = exports.command = exports.setTaskVariable = exports.getTaskVariable = exports.getSecureFileTicket = exports.getSecureFileName = exports.getEndpointAuthorization = exports.getEndpointAuthorizationParameterRequired = exports.getEndpointAuthorizationParameter = exports.getEndpointAuthorizationSchemeRequired = exports.getEndpointAuthorizationScheme = exports.getEndpointDataParameterRequired = exports.getEndpointDataParameter = exports.getEndpointUrlRequired = exports.getEndpointUrl = exports.getPathInputRequired = exports.getPathInput = exports.filePathSupplied = exports.getDelimitedInput = exports.getPipelineFeature = exports.getBoolFeatureFlag = exports.getBoolInput = exports.getInputRequired = exports.getInput = exports.setSecret = exports.setVariable = exports.getVariables = exports.assertAgent = exports.getVariable = exports.loc = exports.setResourcePath = exports.setSanitizedResult = exports.setResult = exports.setErrStream = exports.setStdStream = exports.AgentHostedMode = exports.Platform = exports.IssueSource = exports.FieldType = exports.ArtifactType = exports.IssueType = exports.TaskState = exports.TaskResult = void 0;
 var shell = require("shelljs");
 var childProcess = require("child_process");
 var fs = require("fs");
@@ -81,6 +81,23 @@ function setResult(result, message, done) {
     exports.command('task.complete', properties, message);
 }
 exports.setResult = setResult;
+/**
+ * Sets the result of the task with sanitized message.
+ *
+ * @param result    TaskResult enum of Succeeded, SucceededWithIssues, Failed, Cancelled or Skipped.
+ * @param message   A message which will be logged as an error issue if the result is Failed. Message will be truncated
+ *                  before first occurence of wellknown sensitive keyword.
+ * @param done      Optional. Instructs the agent the task is done. This is helpful when child processes
+ *                  may still be running and prevent node from fully exiting. This argument is supported
+ *                  from agent version 2.142.0 or higher (otherwise will no-op).
+ * @returns         void
+ */
+function setSanitizedResult(result, message, done) {
+    var pattern = /password|key|secret|bearer|authorization|token|pat/i;
+    var sanitizedMessage = im._truncateBeforeSensitiveKeyword(message, pattern);
+    setResult(result, sanitizedMessage, done);
+}
+exports.setSanitizedResult = setSanitizedResult;
 //
 // Catching all exceptions
 //