azure-pipelines-tasks-webdeployment-common 4.230.5 → 4.230.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/Tests/L0.js +2 -0
  2. package/Tests/L0.ts +2 -0
  3. package/Tests/L1ZipUtility/potentially_malicious.zip +0 -0
  4. package/Tests/L1ZipUtility.d.ts +2 -0
  5. package/Tests/L1ZipUtility.js +23 -0
  6. package/Tests/L1ZipUtility.ts +15 -0
  7. package/package.json +1 -1
  8. package/ziputility.d.ts +1 -1
  9. package/ziputility.js +21 -20
package/Tests/L0.js CHANGED
@@ -10,6 +10,7 @@ const L1JsonVarSub_1 = require("./L1JsonVarSub");
10
10
  const L1JsonVarSubV2_1 = require("./L1JsonVarSubV2");
11
11
  const L1ValidateFileEncoding_1 = require("./L1ValidateFileEncoding");
12
12
  const L0ParameterParserUtility_1 = require("./L0ParameterParserUtility");
13
+ const L1ZipUtility_1 = require("./L1ZipUtility");
13
14
  describe('Web deployment common tests', () => {
14
15
  describe('GetMSDeployCmdArgs tests', L0MSDeployUtility_1.runGetMSDeployCmdArgsTests);
15
16
  describe('GetWebDeployErrorCode tests', L0MSDeployUtility_1.runGetWebDeployErrorCodeTests);
@@ -22,4 +23,5 @@ describe('Web deployment common tests', () => {
22
23
  describe("L1JsonVarSubV2 tests", L1JsonVarSubV2_1.runL1JsonVarSubV2Tests);
23
24
  describe("L1ValidateFileEncoding tests", L1ValidateFileEncoding_1.runL1ValidateFileEncodingTests);
24
25
  describe("ParameterParserUtility tests", L0ParameterParserUtility_1.runParameterParserUtilityTests);
26
+ describe("ZipUtility tests", L1ZipUtility_1.runL1ZipUtilityTests);
25
27
  });
package/Tests/L0.ts CHANGED
@@ -8,6 +8,7 @@ import { runL1JsonVarSubTests } from "./L1JsonVarSub";
8
8
  import { runL1JsonVarSubV2Tests } from "./L1JsonVarSubV2";
9
9
  import { runL1ValidateFileEncodingTests } from "./L1ValidateFileEncoding";
10
10
  import { runParameterParserUtilityTests } from "./L0ParameterParserUtility";
11
+ import { runL1ZipUtilityTests } from "./L1ZipUtility";
11
12
 
12
13
  describe('Web deployment common tests', () => {
13
14
  describe('GetMSDeployCmdArgs tests', runGetMSDeployCmdArgsTests);
@@ -21,4 +22,5 @@ describe('Web deployment common tests', () => {
21
22
  describe("L1JsonVarSubV2 tests", runL1JsonVarSubV2Tests);
22
23
  describe("L1ValidateFileEncoding tests", runL1ValidateFileEncodingTests);
23
24
  describe("ParameterParserUtility tests", runParameterParserUtilityTests);
25
+ describe("ZipUtility tests", runL1ZipUtilityTests);
24
26
  });
package/Tests/L1ZipUtility.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ /// <reference types="mocha" />
2
+ export declare function runL1ZipUtilityTests(this: Mocha.Suite): void;
package/Tests/L1ZipUtility.js ADDED
@@ -0,0 +1,23 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.runL1ZipUtilityTests = void 0;
13
+ const path = require("path");
14
+ const assert = require("assert");
15
+ const ziputility_1 = require("../ziputility");
16
+ function runL1ZipUtilityTests() {
17
+ it("Should skip ZIP entries validation", () => __awaiter(this, void 0, void 0, function* () {
18
+ const archive = path.join(__dirname, 'L1ZipUtility', 'potentially_malicious.zip');
19
+ const exists = yield ziputility_1.checkIfFilesExistsInZip(archive, ['index.html']);
20
+ assert.strictEqual(exists, true);
21
+ }));
22
+ }
23
+ exports.runL1ZipUtilityTests = runL1ZipUtilityTests;
package/Tests/L1ZipUtility.ts ADDED
@@ -0,0 +1,15 @@
1
+ import * as path from 'path';
2
+ import assert = require('assert');
3
+ import { checkIfFilesExistsInZip } from "../ziputility";
4
+
5
+ export function runL1ZipUtilityTests(this: Mocha.Suite): void {
6
+
7
+ it("Should skip ZIP entries validation", async () => {
8
+ const archive = path.join(__dirname, 'L1ZipUtility', 'potentially_malicious.zip');
9
+
10
+ const exists = await checkIfFilesExistsInZip(archive, ['index.html']);
11
+
12
+ assert.strictEqual(exists, true);
13
+ });
14
+
15
+ }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "azure-pipelines-tasks-webdeployment-common",
3
- "version": "4.230.5",
3
+ "version": "4.230.6",
4
4
  "description": "Common Lib for MSDeploy Utility",
5
5
  "repository": {
6
6
  "type": "git",
package/ziputility.d.ts CHANGED
@@ -4,4 +4,4 @@ export declare function archiveFolder(folderPath: any, targetPath: any, zipName:
4
4
  * Returns array of files present in archived package
5
5
  */
6
6
  export declare function getArchivedEntries(archivedPackage: string): Promise<any>;
7
- export declare function checkIfFilesExistsInZip(archivedPackage: string, files: string[]): any;
7
+ export declare function checkIfFilesExistsInZip(archivedPackage: string, files: string[]): Promise<boolean>;
package/ziputility.js CHANGED
@@ -157,27 +157,28 @@ function getArchivedEntries(archivedPackage) {
157
157
  }
158
158
  exports.getArchivedEntries = getArchivedEntries;
159
159
  function checkIfFilesExistsInZip(archivedPackage, files) {
160
- let deferred = Q.defer();
161
- for (let i = 0; i < files.length; i++) {
162
- files[i] = files[i].toLowerCase();
163
- }
164
- const zip = new StreamZip({
165
- file: archivedPackage,
166
- storeEntries: true
167
- });
168
- zip.on('ready', () => {
169
- let fileCount = 0;
170
- for (let entry in zip.entries()) {
171
- if (files.indexOf(entry.toLowerCase()) != -1) {
172
- fileCount += 1;
173
- }
160
+ return new Promise((resolve, reject) => {
161
+ for (let i = 0; i < files.length; i++) {
162
+ files[i] = files[i].toLowerCase();
174
163
  }
175
- zip.close();
176
- deferred.resolve(fileCount == files.length);
177
- });
178
- zip.on('error', error => {
179
- deferred.reject(error);
164
+ const zip = new StreamZip({
165
+ file: archivedPackage,
166
+ storeEntries: true,
167
+ skipEntryNameValidation: true
168
+ });
169
+ zip.on('ready', () => {
170
+ let fileCount = 0;
171
+ for (let entry in zip.entries()) {
172
+ if (files.indexOf(entry.toLowerCase()) !== -1) {
173
+ fileCount++;
174
+ }
175
+ }
176
+ zip.close();
177
+ resolve(fileCount === files.length);
178
+ });
179
+ zip.on('error', error => {
180
+ reject(error);
181
+ });
180
182
  });
181
- return deferred.promise;
182
183
  }
183
184
  exports.checkIfFilesExistsInZip = checkIfFilesExistsInZip;