azure-pipelines-task-lib 5.2.2 → 5.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/internal.js +6 -4
  2. package/package.json +6 -6
package/internal.js CHANGED
@@ -919,13 +919,15 @@ exports._exposeCertSettings = _exposeCertSettings;
919
919
  // downstream vsts-node-api will retrieve the secret later
920
920
  function _exposeTaskLibSecret(keyFile, secret) {
921
921
  if (secret) {
922
- var encryptKey = crypto.randomBytes(256);
923
- var cipher = crypto.createCipher("aes-256-ctr", encryptKey);
922
+ var encryptKey = crypto.randomBytes(32);
923
+ var iv = crypto.randomBytes(16);
924
+ var cipher = crypto.createCipheriv("aes-256-ctr", encryptKey, iv);
924
925
  var encryptedContent = cipher.update(secret, "utf8", "hex"); // CodeQL [SM01511] agent need to retrieve password later to connect to proxy server
925
926
  encryptedContent += cipher.final("hex");
926
927
  var storageFile = path.join(_getVariable('Agent.TempDirectory') || _getVariable("agent.workFolder") || process.cwd(), keyFile);
927
- fs.writeFileSync(storageFile, encryptKey.toString('base64'), { encoding: 'utf8' });
928
- return new Buffer(storageFile).toString('base64') + ':' + new Buffer(encryptedContent).toString('base64');
928
+ var keyAndIv = encryptKey.toString('base64') + ':' + iv.toString('base64');
929
+ fs.writeFileSync(storageFile, keyAndIv, { encoding: 'utf8' });
930
+ return Buffer.from(storageFile).toString('base64') + ':' + Buffer.from(encryptedContent).toString('base64');
929
931
  }
930
932
  }
931
933
  function isSigPipeError(e) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "azure-pipelines-task-lib",
3
- "version": "5.2.2",
3
+ "version": "5.2.4",
4
4
  "description": "Azure Pipelines Task SDK",
5
5
  "main": "./task.js",
6
6
  "typings": "./task.d.ts",
@@ -32,17 +32,17 @@
32
32
  "nodejs-file-downloader": "^4.11.1",
33
33
  "q": "^1.5.1",
34
34
  "semver": "^5.7.2",
35
- "shelljs": "^0.8.5",
35
+ "shelljs": "^0.10.0",
36
36
  "uuid": "^3.0.1"
37
37
  },
38
38
  "devDependencies": {
39
39
  "@types/minimatch": "3.0.3",
40
- "@types/mocha": "^9.1.1",
40
+ "@types/mocha": "^10.0.10",
41
41
  "@types/node": "^16.11.39",
42
42
  "@types/q": "^1.5.4",
43
43
  "@types/semver": "^7.3.4",
44
- "@types/shelljs": "^0.8.8",
45
- "mocha": "^9.2.2",
46
- "typescript": "^4.0.0"
44
+ "@types/shelljs": "^0.8.17",
45
+ "mocha": "^11.7.5",
46
+ "typescript": "^4.9.5"
47
47
  }
48
48
  }