azure-pipelines-task-lib 5.2.3 → 5.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/internal.js +6 -4
  2. package/package.json +1 -1
  3. package/task.js +17 -1
package/internal.js CHANGED
@@ -919,13 +919,15 @@ exports._exposeCertSettings = _exposeCertSettings;
919
919
  // downstream vsts-node-api will retrieve the secret later
920
920
  function _exposeTaskLibSecret(keyFile, secret) {
921
921
  if (secret) {
922
- var encryptKey = crypto.randomBytes(256);
923
- var cipher = crypto.createCipher("aes-256-ctr", encryptKey);
922
+ var encryptKey = crypto.randomBytes(32);
923
+ var iv = crypto.randomBytes(16);
924
+ var cipher = crypto.createCipheriv("aes-256-ctr", encryptKey, iv);
924
925
  var encryptedContent = cipher.update(secret, "utf8", "hex"); // CodeQL [SM01511] agent need to retrieve password later to connect to proxy server
925
926
  encryptedContent += cipher.final("hex");
926
927
  var storageFile = path.join(_getVariable('Agent.TempDirectory') || _getVariable("agent.workFolder") || process.cwd(), keyFile);
927
- fs.writeFileSync(storageFile, encryptKey.toString('base64'), { encoding: 'utf8' });
928
- return new Buffer(storageFile).toString('base64') + ':' + new Buffer(encryptedContent).toString('base64');
928
+ var keyAndIv = encryptKey.toString('base64') + ':' + iv.toString('base64');
929
+ fs.writeFileSync(storageFile, keyAndIv, { encoding: 'utf8' });
930
+ return Buffer.from(storageFile).toString('base64') + ':' + Buffer.from(encryptedContent).toString('base64');
929
931
  }
930
932
  }
931
933
  function isSigPipeError(e) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "azure-pipelines-task-lib",
3
- "version": "5.2.3",
3
+ "version": "5.2.5",
4
4
  "description": "Azure Pipelines Task SDK",
5
5
  "main": "./task.js",
6
6
  "typings": "./task.d.ts",
package/task.js CHANGED
@@ -977,7 +977,7 @@ function ls(optionsOrPaths) {
977
977
  if (!includeHidden && entrybasename.startsWith('.') && entrybasename !== '.' && entrybasename !== '..') {
978
978
  return "continue";
979
979
  }
980
- var baseDir = pathsCopy.find(function (p) { return entry.startsWith(path.resolve(p)); }) || path.resolve('.');
980
+ var baseDir = safeFind(pathsCopy, function (p) { return entry.startsWith(path.resolve(p)); }) || path.resolve('.');
981
981
  if (fs.lstatSync(entry).isDirectory() && isRecursive) {
982
982
  preparedPaths.push.apply(preparedPaths, fs.readdirSync(entry).map(function (x) { return path.join(entry, x); }));
983
983
  entries.push(path.relative(baseDir, entry));
@@ -2404,3 +2404,19 @@ if (!global['_vsts_task_lib_loaded']) {
2404
2404
  im._exposeProxySettings();
2405
2405
  im._exposeCertSettings();
2406
2406
  }
2407
+ //Helper Functions for internal use only
2408
+ /**
2409
+ * safeFind - safe replacement for Array.prototype.find
2410
+ *
2411
+ * @param {Array} arr - the array to search
2412
+ * @param {Function} predicate - function to test each element, returns true if match
2413
+ * @returns {*} - first element that matches or undefined
2414
+ */
2415
+ function safeFind(arr, predicate) {
2416
+ for (var i = 0; i < arr.length; i++) {
2417
+ if (predicate(arr[i])) {
2418
+ return arr[i];
2419
+ }
2420
+ }
2421
+ return undefined;
2422
+ }