renovate 40.0.0-next.2 → 40.0.0-next.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (294) hide show
  1. package/dist/config/decrypt/legacy.js +0 -1
  2. package/dist/config/decrypt/legacy.js.map +1 -1
  3. package/dist/config/decrypt.d.ts +3 -1
  4. package/dist/config/decrypt.js +56 -13
  5. package/dist/config/decrypt.js.map +1 -1
  6. package/dist/config/migrate-validate.js +3 -2
  7. package/dist/config/migrate-validate.js.map +1 -1
  8. package/dist/config/migration.js +2 -1
  9. package/dist/config/migration.js.map +1 -1
  10. package/dist/config/migrations/custom/rebase-stale-prs-migration.js +1 -1
  11. package/dist/config/migrations/custom/rebase-stale-prs-migration.js.map +1 -1
  12. package/dist/config/options/index.js +3 -3
  13. package/dist/config/options/index.js.map +1 -1
  14. package/dist/config/parse.js +2 -2
  15. package/dist/config/parse.js.map +1 -1
  16. package/dist/config/presets/gitea/index.js +0 -1
  17. package/dist/config/presets/gitea/index.js.map +1 -1
  18. package/dist/config/presets/github/index.js +0 -1
  19. package/dist/config/presets/github/index.js.map +1 -1
  20. package/dist/config/presets/gitlab/index.js +1 -1
  21. package/dist/config/presets/gitlab/index.js.map +1 -1
  22. package/dist/config/presets/http/index.js +1 -2
  23. package/dist/config/presets/http/index.js.map +1 -1
  24. package/dist/config/presets/index.js +0 -7
  25. package/dist/config/presets/index.js.map +1 -1
  26. package/dist/config/presets/internal/custom-managers.js +3 -4
  27. package/dist/config/presets/internal/custom-managers.js.map +1 -1
  28. package/dist/config/presets/internal/index.js +1 -3
  29. package/dist/config/presets/internal/index.js.map +1 -1
  30. package/dist/config/schema.d.ts +2 -2
  31. package/dist/config/validation.js +3 -5
  32. package/dist/config/validation.js.map +1 -1
  33. package/dist/config-validator.js +0 -1
  34. package/dist/config-validator.js.map +1 -1
  35. package/dist/constants/category.js +0 -1
  36. package/dist/constants/category.js.map +1 -1
  37. package/dist/data/monorepo.json +2 -1
  38. package/dist/instrumentation/index.js +5 -3
  39. package/dist/instrumentation/index.js.map +1 -1
  40. package/dist/instrumentation/utils.js +1 -1
  41. package/dist/instrumentation/utils.js.map +1 -1
  42. package/dist/logger/cmd-serializer.js +0 -1
  43. package/dist/logger/cmd-serializer.js.map +1 -1
  44. package/dist/logger/config-serializer.js +0 -1
  45. package/dist/logger/config-serializer.js.map +1 -1
  46. package/dist/logger/index.js +0 -3
  47. package/dist/logger/index.js.map +1 -1
  48. package/dist/logger/once.js +4 -2
  49. package/dist/logger/once.js.map +1 -1
  50. package/dist/logger/pretty-stdout.js +0 -1
  51. package/dist/logger/pretty-stdout.js.map +1 -1
  52. package/dist/logger/renovate-logger.js +1 -1
  53. package/dist/logger/renovate-logger.js.map +1 -1
  54. package/dist/logger/utils.js +6 -11
  55. package/dist/logger/utils.js.map +1 -1
  56. package/dist/modules/datasource/artifactory/index.js +1 -1
  57. package/dist/modules/datasource/artifactory/index.js.map +1 -1
  58. package/dist/modules/datasource/azure-pipelines-tasks/index.js +11 -1
  59. package/dist/modules/datasource/azure-pipelines-tasks/index.js.map +1 -1
  60. package/dist/modules/datasource/azure-pipelines-tasks/schema.d.ts +16 -0
  61. package/dist/modules/datasource/azure-pipelines-tasks/schema.js +2 -0
  62. package/dist/modules/datasource/azure-pipelines-tasks/schema.js.map +1 -1
  63. package/dist/modules/datasource/crate/index.js +1 -1
  64. package/dist/modules/datasource/crate/index.js.map +1 -1
  65. package/dist/modules/datasource/custom/formats/html.js +1 -1
  66. package/dist/modules/datasource/custom/formats/html.js.map +1 -1
  67. package/dist/modules/datasource/custom/formats/yaml.js +1 -1
  68. package/dist/modules/datasource/custom/formats/yaml.js.map +1 -1
  69. package/dist/modules/datasource/custom/schema.d.ts +5 -5
  70. package/dist/modules/datasource/deb/index.js +1 -1
  71. package/dist/modules/datasource/deb/index.js.map +1 -1
  72. package/dist/modules/datasource/deno/schema.d.ts +8 -8
  73. package/dist/modules/datasource/docker/common.js +1 -1
  74. package/dist/modules/datasource/docker/common.js.map +1 -1
  75. package/dist/modules/datasource/docker/index.js +5 -3
  76. package/dist/modules/datasource/docker/index.js.map +1 -1
  77. package/dist/modules/datasource/docker/schema.d.ts +32 -32
  78. package/dist/modules/datasource/galaxy/schema.d.ts +1 -1
  79. package/dist/modules/datasource/galaxy-collection/schema.d.ts +3 -3
  80. package/dist/modules/datasource/gitea-releases/schema.d.ts +4 -4
  81. package/dist/modules/datasource/gitea-tags/schema.d.ts +4 -4
  82. package/dist/modules/datasource/github-release-attachments/index.js +2 -2
  83. package/dist/modules/datasource/github-release-attachments/index.js.map +1 -1
  84. package/dist/modules/datasource/go/base.js +1 -1
  85. package/dist/modules/datasource/go/base.js.map +1 -1
  86. package/dist/modules/datasource/go/releases-goproxy.js +1 -1
  87. package/dist/modules/datasource/go/releases-goproxy.js.map +1 -1
  88. package/dist/modules/datasource/golang-version/index.js +1 -1
  89. package/dist/modules/datasource/golang-version/index.js.map +1 -1
  90. package/dist/modules/datasource/hex/schema.d.ts +11 -11
  91. package/dist/modules/datasource/hexpm-bob/index.js +1 -1
  92. package/dist/modules/datasource/hexpm-bob/index.js.map +1 -1
  93. package/dist/modules/datasource/index.js +2 -2
  94. package/dist/modules/datasource/index.js.map +1 -1
  95. package/dist/modules/datasource/maven/util.js +1 -1
  96. package/dist/modules/datasource/maven/util.js.map +1 -1
  97. package/dist/modules/datasource/nuget/v2.js +1 -1
  98. package/dist/modules/datasource/nuget/v2.js.map +1 -1
  99. package/dist/modules/datasource/nuget/v3.js +1 -1
  100. package/dist/modules/datasource/nuget/v3.js.map +1 -1
  101. package/dist/modules/datasource/packagist/schema.d.ts +30 -30
  102. package/dist/modules/datasource/pod/index.js +1 -1
  103. package/dist/modules/datasource/pod/index.js.map +1 -1
  104. package/dist/modules/datasource/pypi/index.js +1 -1
  105. package/dist/modules/datasource/pypi/index.js.map +1 -1
  106. package/dist/modules/datasource/ruby-version/index.js +1 -1
  107. package/dist/modules/datasource/ruby-version/index.js.map +1 -1
  108. package/dist/modules/datasource/rubygems/index.js +1 -1
  109. package/dist/modules/datasource/rubygems/index.js.map +1 -1
  110. package/dist/modules/datasource/rubygems/versions-endpoint-cache.js +2 -2
  111. package/dist/modules/datasource/rubygems/versions-endpoint-cache.js.map +1 -1
  112. package/dist/modules/datasource/terraform-provider/index.js +1 -1
  113. package/dist/modules/datasource/terraform-provider/index.js.map +1 -1
  114. package/dist/modules/datasource/unity3d/index.d.ts +4 -1
  115. package/dist/modules/datasource/unity3d/index.js +36 -42
  116. package/dist/modules/datasource/unity3d/index.js.map +1 -1
  117. package/dist/modules/datasource/unity3d/schema.d.ts +47 -0
  118. package/dist/modules/datasource/unity3d/schema.js +17 -0
  119. package/dist/modules/datasource/unity3d/schema.js.map +1 -0
  120. package/dist/modules/manager/argocd/schema.d.ts +10 -10
  121. package/dist/modules/manager/azure-pipelines/schema.d.ts +10 -10
  122. package/dist/modules/manager/batect/schema.d.ts +6 -6
  123. package/dist/modules/manager/batect-wrapper/artifacts.js +1 -1
  124. package/dist/modules/manager/batect-wrapper/artifacts.js.map +1 -1
  125. package/dist/modules/manager/bazel/rules/docker.d.ts +9 -9
  126. package/dist/modules/manager/bazel/rules/git.d.ts +10 -10
  127. package/dist/modules/manager/bazel/rules/git.js +7 -1
  128. package/dist/modules/manager/bazel/rules/git.js.map +1 -1
  129. package/dist/modules/manager/bazel/rules/go.d.ts +5 -5
  130. package/dist/modules/manager/bazel/rules/oci.d.ts +3 -3
  131. package/dist/modules/manager/bazel-module/parser/fragments.d.ts +40 -40
  132. package/dist/modules/manager/bazel-module/parser/maven.d.ts +27 -27
  133. package/dist/modules/manager/bazel-module/parser/oci.d.ts +17 -17
  134. package/dist/modules/manager/bazel-module/rules.d.ts +40 -40
  135. package/dist/modules/manager/bundler/artifacts.js.map +1 -1
  136. package/dist/modules/manager/cargo/schema.d.ts +100 -100
  137. package/dist/modules/manager/circleci/schema.d.ts +6 -6
  138. package/dist/modules/manager/composer/schema.d.ts +40 -40
  139. package/dist/modules/manager/composer/utils.js +9 -6
  140. package/dist/modules/manager/composer/utils.js.map +1 -1
  141. package/dist/modules/manager/crossplane/schema.d.ts +2 -2
  142. package/dist/modules/manager/custom/jsonata/index.js +4 -0
  143. package/dist/modules/manager/custom/jsonata/index.js.map +1 -1
  144. package/dist/modules/manager/custom/jsonata/schema.d.ts +7 -7
  145. package/dist/modules/manager/devbox/artifacts.d.ts +1 -1
  146. package/dist/modules/manager/devbox/artifacts.js +29 -11
  147. package/dist/modules/manager/devbox/artifacts.js.map +1 -1
  148. package/dist/modules/manager/fingerprint.generated.js +68 -68
  149. package/dist/modules/manager/fingerprint.generated.js.map +1 -1
  150. package/dist/modules/manager/fleet/schema.d.ts +12 -12
  151. package/dist/modules/manager/flux/schema.d.ts +50 -50
  152. package/dist/modules/manager/glasskube/schema.d.ts +8 -8
  153. package/dist/modules/manager/gradle-wrapper/artifacts.js +1 -1
  154. package/dist/modules/manager/gradle-wrapper/artifacts.js.map +1 -1
  155. package/dist/modules/manager/maven/extract.js +3 -1
  156. package/dist/modules/manager/maven/extract.js.map +1 -1
  157. package/dist/modules/manager/mise/extract.js +1 -1
  158. package/dist/modules/manager/mise/extract.js.map +1 -1
  159. package/dist/modules/manager/nix/schema.d.ts +24 -24
  160. package/dist/modules/manager/npm/schema.d.ts +13 -13
  161. package/dist/modules/manager/nuget/schema.d.ts +8 -8
  162. package/dist/modules/manager/ocb/schema.d.ts +6 -6
  163. package/dist/modules/manager/pep621/schema.d.ts +55 -55
  164. package/dist/modules/manager/pep621/utils.js +1 -1
  165. package/dist/modules/manager/pep621/utils.js.map +1 -1
  166. package/dist/modules/manager/poetry/artifacts.js +3 -3
  167. package/dist/modules/manager/poetry/artifacts.js.map +1 -1
  168. package/dist/modules/manager/poetry/extract.js +2 -1
  169. package/dist/modules/manager/poetry/extract.js.map +1 -1
  170. package/dist/modules/manager/poetry/schema.d.ts +48 -48
  171. package/dist/modules/manager/sveltos/schema.d.ts +12 -12
  172. package/dist/modules/manager/terraform/lockfile/hash.d.ts +1 -1
  173. package/dist/modules/manager/vendir/schema.d.ts +27 -27
  174. package/dist/modules/platform/api.d.ts +1 -1
  175. package/dist/modules/platform/bitbucket/index.d.ts +1 -0
  176. package/dist/modules/platform/bitbucket/index.js +6 -1
  177. package/dist/modules/platform/bitbucket/index.js.map +1 -1
  178. package/dist/modules/platform/bitbucket/schema.d.ts +17 -17
  179. package/dist/modules/platform/bitbucket-server/index.d.ts +1 -1
  180. package/dist/modules/platform/bitbucket-server/index.js +13 -11
  181. package/dist/modules/platform/bitbucket-server/index.js.map +1 -1
  182. package/dist/modules/platform/bitbucket-server/schema.d.ts +75 -0
  183. package/dist/modules/platform/bitbucket-server/schema.js +14 -1
  184. package/dist/modules/platform/bitbucket-server/schema.js.map +1 -1
  185. package/dist/modules/platform/bitbucket-server/types.d.ts +2 -1
  186. package/dist/modules/platform/bitbucket-server/types.js.map +1 -1
  187. package/dist/modules/platform/bitbucket-server/utils.d.ts +0 -2
  188. package/dist/modules/platform/bitbucket-server/utils.js +1 -51
  189. package/dist/modules/platform/bitbucket-server/utils.js.map +1 -1
  190. package/dist/modules/platform/gerrit/client.js +1 -1
  191. package/dist/modules/platform/gerrit/client.js.map +1 -1
  192. package/dist/modules/platform/gitea/index.d.ts +1 -0
  193. package/dist/modules/platform/gitea/index.js +11 -0
  194. package/dist/modules/platform/gitea/index.js.map +1 -1
  195. package/dist/modules/platform/gitea/schema.d.ts +8 -8
  196. package/dist/modules/platform/github/common.d.ts +2 -0
  197. package/dist/modules/platform/github/common.js +16 -0
  198. package/dist/modules/platform/github/common.js.map +1 -1
  199. package/dist/modules/platform/github/index.d.ts +1 -1
  200. package/dist/modules/platform/github/index.js +6 -4
  201. package/dist/modules/platform/github/index.js.map +1 -1
  202. package/dist/modules/platform/github/issue.d.ts +12 -12
  203. package/dist/modules/platform/github/schema.d.ts +65 -65
  204. package/dist/modules/platform/gitlab/index.d.ts +1 -0
  205. package/dist/modules/platform/gitlab/index.js +9 -0
  206. package/dist/modules/platform/gitlab/index.js.map +1 -1
  207. package/dist/modules/platform/scm.d.ts +1 -1
  208. package/dist/modules/versioning/composer/index.js +10 -0
  209. package/dist/modules/versioning/composer/index.js.map +1 -1
  210. package/dist/modules/versioning/npm/index.js +2 -1
  211. package/dist/modules/versioning/npm/index.js.map +1 -1
  212. package/dist/modules/versioning/schema.js +1 -1
  213. package/dist/modules/versioning/schema.js.map +1 -1
  214. package/dist/modules/versioning/types.d.ts +4 -0
  215. package/dist/modules/versioning/types.js.map +1 -1
  216. package/dist/proxy.js +2 -1
  217. package/dist/proxy.js.map +1 -1
  218. package/dist/renovate.js +2 -2
  219. package/dist/renovate.js.map +1 -1
  220. package/dist/util/cache/package/decorator.js +2 -2
  221. package/dist/util/cache/package/decorator.js.map +1 -1
  222. package/dist/util/cache/package/redis.js +0 -1
  223. package/dist/util/cache/package/redis.js.map +1 -1
  224. package/dist/util/cache/repository/impl/base.d.ts +1 -1
  225. package/dist/util/exec/containerbase.js +12 -12
  226. package/dist/util/exec/containerbase.js.map +1 -1
  227. package/dist/util/github/graphql/query-adapters/releases-query-adapter.d.ts +5 -5
  228. package/dist/util/http/auth.js +0 -1
  229. package/dist/util/http/auth.js.map +1 -1
  230. package/dist/util/http/bitbucket-server.d.ts +5 -4
  231. package/dist/util/http/bitbucket-server.js +17 -20
  232. package/dist/util/http/bitbucket-server.js.map +1 -1
  233. package/dist/util/http/bitbucket.d.ts +6 -5
  234. package/dist/util/http/bitbucket.js +30 -31
  235. package/dist/util/http/bitbucket.js.map +1 -1
  236. package/dist/util/http/cache/abstract-http-cache-provider.js +1 -1
  237. package/dist/util/http/cache/abstract-http-cache-provider.js.map +1 -1
  238. package/dist/util/http/cache/schema.d.ts +2 -2
  239. package/dist/util/http/errors.d.ts +2 -0
  240. package/dist/util/http/errors.js +8 -0
  241. package/dist/util/http/errors.js.map +1 -0
  242. package/dist/util/http/gerrit.d.ts +6 -4
  243. package/dist/util/http/gerrit.js +11 -12
  244. package/dist/util/http/gerrit.js.map +1 -1
  245. package/dist/util/http/gitea.d.ts +5 -4
  246. package/dist/util/http/gitea.js +12 -13
  247. package/dist/util/http/gitea.js.map +1 -1
  248. package/dist/util/http/github.d.ts +14 -8
  249. package/dist/util/http/github.js +64 -60
  250. package/dist/util/http/github.js.map +1 -1
  251. package/dist/util/http/gitlab.d.ts +7 -5
  252. package/dist/util/http/gitlab.js +56 -46
  253. package/dist/util/http/gitlab.js.map +1 -1
  254. package/dist/util/http/got.d.ts +9 -0
  255. package/dist/util/http/got.js +54 -0
  256. package/dist/util/http/got.js.map +1 -0
  257. package/dist/util/http/host-rules.d.ts +2 -1
  258. package/dist/util/http/host-rules.js.map +1 -1
  259. package/dist/util/http/http.d.ts +93 -0
  260. package/dist/util/http/http.js +339 -0
  261. package/dist/util/http/http.js.map +1 -0
  262. package/dist/util/http/index.d.ts +6 -74
  263. package/dist/util/http/index.js +5 -359
  264. package/dist/util/http/index.js.map +1 -1
  265. package/dist/util/http/legacy.js +4 -1
  266. package/dist/util/http/legacy.js.map +1 -1
  267. package/dist/util/http/types.d.ts +9 -16
  268. package/dist/util/http/types.js.map +1 -1
  269. package/dist/util/string.d.ts +15 -0
  270. package/dist/util/string.js +75 -0
  271. package/dist/util/string.js.map +1 -1
  272. package/dist/util/toml.d.ts +1 -0
  273. package/dist/util/toml.js +6 -0
  274. package/dist/util/toml.js.map +1 -1
  275. package/dist/util/url.js +3 -8
  276. package/dist/util/url.js.map +1 -1
  277. package/dist/util/yaml.js +2 -6
  278. package/dist/util/yaml.js.map +1 -1
  279. package/dist/workers/global/config/parse/env.js +3 -2
  280. package/dist/workers/global/config/parse/env.js.map +1 -1
  281. package/dist/workers/global/config/parse/file.js +19 -9
  282. package/dist/workers/global/config/parse/file.js.map +1 -1
  283. package/dist/workers/global/config/parse/host-rules-from-env.js +6 -2
  284. package/dist/workers/global/config/parse/host-rules-from-env.js.map +1 -1
  285. package/dist/workers/repository/cache.js +0 -1
  286. package/dist/workers/repository/cache.js.map +1 -1
  287. package/dist/workers/repository/onboarding/pr/config-description.js +3 -1
  288. package/dist/workers/repository/onboarding/pr/config-description.js.map +1 -1
  289. package/dist/workers/repository/update/pr/changelog/bitbucket/index.js +1 -1
  290. package/dist/workers/repository/update/pr/changelog/bitbucket/index.js.map +1 -1
  291. package/dist/workers/repository/update/pr/changelog/gitlab/index.js +1 -1
  292. package/dist/workers/repository/update/pr/changelog/gitlab/index.js.map +1 -1
  293. package/package.json +44 -49
  294. package/renovate-schema.json +2 -1
package/dist/config/decrypt/legacy.js CHANGED
@@ -3,7 +3,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.tryDecryptPublicKeyPKCS1 = tryDecryptPublicKeyPKCS1;
4
4
  exports.tryDecryptPublicKeyDefault = tryDecryptPublicKeyDefault;
5
5
  const tslib_1 = require("tslib");
6
- /** istanbul ignore file */
7
6
  const node_crypto_1 = tslib_1.__importDefault(require("node:crypto"));
8
7
  const logger_1 = require("../../logger");
9
8
  function tryDecryptPublicKeyPKCS1(privateKey, encryptedStr) {
package/dist/config/decrypt/legacy.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"legacy.js","sourceRoot":"","sources":["../../../lib/config/decrypt/legacy.ts"],"names":[],"mappings":";;AAIA,4DAmBC;AAED,gEAcC;;AAvCD,2BAA2B;AAC3B,sEAAiC;AACjC,yCAAsC;AAEtC,SAAgB,wBAAwB,CACtC,UAAkB,EAClB,YAAoB;IAEpB,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,CAAC;QACH,YAAY,GAAG,qBAAM;aAClB,cAAc,CACb;YACE,GAAG,EAAE,UAAU;YACf,OAAO,EAAE,qBAAM,CAAC,SAAS,CAAC,iBAAiB;SAC5C,EACD,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CACpC;aACA,QAAQ,EAAE,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,eAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAgB,0BAA0B,CACxC,UAAkB,EAClB,YAAoB;IAEpB,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,CAAC;QACH,YAAY,GAAG,qBAAM;aAClB,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;aAC/D,QAAQ,EAAE,CAAC;QACd,eAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC1D,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC","sourcesContent":["/** istanbul ignore file */\nimport crypto from 'node:crypto';\nimport { logger } from '../../logger';\n\nexport function tryDecryptPublicKeyPKCS1(\n privateKey: string,\n encryptedStr: string,\n): string | null {\n let decryptedStr: string | null = null;\n try {\n decryptedStr = crypto\n .privateDecrypt(\n {\n key: privateKey,\n padding: crypto.constants.RSA_PKCS1_PADDING,\n },\n Buffer.from(encryptedStr, 'base64'),\n )\n .toString();\n } catch {\n logger.debug('Could not decrypt using PKCS1 padding');\n }\n return decryptedStr;\n}\n\nexport function tryDecryptPublicKeyDefault(\n privateKey: string,\n encryptedStr: string,\n): string | null {\n let decryptedStr: string | null = null;\n try {\n decryptedStr = crypto\n .privateDecrypt(privateKey, Buffer.from(encryptedStr, 'base64'))\n .toString();\n logger.debug('Decrypted config using default padding');\n } catch {\n logger.debug('Could not decrypt using default padding');\n }\n return decryptedStr;\n}\n"]}
1
+ {"version":3,"file":"legacy.js","sourceRoot":"","sources":["../../../lib/config/decrypt/legacy.ts"],"names":[],"mappings":";;AAGA,4DAmBC;AAED,gEAcC;;AAtCD,sEAAiC;AACjC,yCAAsC;AAEtC,SAAgB,wBAAwB,CACtC,UAAkB,EAClB,YAAoB;IAEpB,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,CAAC;QACH,YAAY,GAAG,qBAAM;aAClB,cAAc,CACb;YACE,GAAG,EAAE,UAAU;YACf,OAAO,EAAE,qBAAM,CAAC,SAAS,CAAC,iBAAiB;SAC5C,EACD,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CACpC;aACA,QAAQ,EAAE,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,eAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAgB,0BAA0B,CACxC,UAAkB,EAClB,YAAoB;IAEpB,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,CAAC;QACH,YAAY,GAAG,qBAAM;aAClB,cAAc,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;aAC/D,QAAQ,EAAE,CAAC;QACd,eAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC1D,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC","sourcesContent":["import crypto from 'node:crypto';\nimport { logger } from '../../logger';\n\nexport function tryDecryptPublicKeyPKCS1(\n privateKey: string,\n encryptedStr: string,\n): string | null {\n let decryptedStr: string | null = null;\n try {\n decryptedStr = crypto\n .privateDecrypt(\n {\n key: privateKey,\n padding: crypto.constants.RSA_PKCS1_PADDING,\n },\n Buffer.from(encryptedStr, 'base64'),\n )\n .toString();\n } catch {\n logger.debug('Could not decrypt using PKCS1 padding');\n }\n return decryptedStr;\n}\n\nexport function tryDecryptPublicKeyDefault(\n privateKey: string,\n encryptedStr: string,\n): string | null {\n let decryptedStr: string | null = null;\n try {\n decryptedStr = crypto\n .privateDecrypt(privateKey, Buffer.from(encryptedStr, 'base64'))\n .toString();\n logger.debug('Decrypted config using default padding');\n } catch {\n logger.debug('Could not decrypt using default padding');\n }\n return decryptedStr;\n}\n"]}
package/dist/config/decrypt.d.ts CHANGED
@@ -1,3 +1,5 @@
1
1
  import type { RenovateConfig } from './types';
2
2
  export declare function tryDecrypt(privateKey: string, encryptedStr: string, repository: string, keyName: string): Promise<string | null>;
3
- export declare function decryptConfig(config: RenovateConfig, repository: string): Promise<RenovateConfig>;
3
+ export declare function validateDecryptedValue(decryptedObjStr: string, repository: string): string | null;
4
+ export declare function decryptConfig(config: RenovateConfig, repository: string, existingPath?: string): Promise<RenovateConfig>;
5
+ export declare function getAzureCollection(): string | undefined;
package/dist/config/decrypt.js CHANGED
@@ -1,7 +1,9 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.tryDecrypt = tryDecrypt;
4
+ exports.validateDecryptedValue = validateDecryptedValue;
4
5
  exports.decryptConfig = decryptConfig;
6
+ exports.getAzureCollection = getAzureCollection;
5
7
  const tslib_1 = require("tslib");
6
8
  const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
7
9
  const error_messages_1 = require("../constants/error-messages");
@@ -31,10 +33,11 @@ async function tryDecrypt(privateKey, encryptedStr, repository, keyName) {
31
33
  }
32
34
  else {
33
35
  decryptedStr = (0, legacy_1.tryDecryptPublicKeyPKCS1)(privateKey, encryptedStr);
34
- // istanbul ignore if
36
+ /* v8 ignore start: not testable */
35
37
  if (is_1.default.string(decryptedStr)) {
36
38
  logger_1.logger.warn({ keyName }, 'Encrypted value is using deprecated PKCS1 padding, please change to using PGP encryption.');
37
39
  }
40
+ /* v8 ignore stop */
38
41
  }
39
42
  }
40
43
  return decryptedStr;
@@ -42,7 +45,6 @@ async function tryDecrypt(privateKey, encryptedStr, repository, keyName) {
42
45
  function validateDecryptedValue(decryptedObjStr, repository) {
43
46
  try {
44
47
  const decryptedObj = schema_1.DecryptedObject.safeParse(decryptedObjStr);
45
- // istanbul ignore if
46
48
  if (!decryptedObj.success) {
47
49
  const error = new Error('config-validation');
48
50
  error.validationError = `Could not parse decrypted config.`;
@@ -59,6 +61,14 @@ function validateDecryptedValue(decryptedObjStr, repository) {
59
61
  error.validationError = `Encrypted value in config is missing a scope.`;
60
62
  throw error;
61
63
  }
64
+ const repositories = [repository.toUpperCase()];
65
+ const azureCollection = getAzureCollection();
66
+ if (is_1.default.nonEmptyString(azureCollection)) {
67
+ // used for full 'org/project/repo' matching
68
+ repositories.push(`${azureCollection}/${repository}`.toUpperCase());
69
+ // used for org prefix matching without repo
70
+ repositories.push(`${azureCollection}/*/`.toUpperCase());
71
+ }
62
72
  const orgPrefixes = org
63
73
  .split(',')
64
74
  .map((o) => o.trim())
@@ -66,8 +76,10 @@ function validateDecryptedValue(decryptedObjStr, repository) {
66
76
  .map((o) => (0, url_1.ensureTrailingSlash)(o));
67
77
  if (is_1.default.nonEmptyString(repo)) {
68
78
  const scopedRepos = orgPrefixes.map((orgPrefix) => `${orgPrefix}${repo}`.toUpperCase());
69
- if (scopedRepos.some((r) => r === repository.toUpperCase())) {
70
- return value;
79
+ for (const rp of repositories) {
80
+ if (scopedRepos.some((r) => r === rp)) {
81
+ return value;
82
+ }
71
83
  }
72
84
  logger_1.logger.debug({ scopedRepos }, 'Secret is scoped to a different repository');
73
85
  const error = new Error('config-validation');
@@ -76,8 +88,13 @@ function validateDecryptedValue(decryptedObjStr, repository) {
76
88
  throw error;
77
89
  }
78
90
  // no scoped repos, only org
79
- if (orgPrefixes.some((orgPrefix) => repository.toUpperCase().startsWith(orgPrefix))) {
80
- return value;
91
+ const azcol = azureCollection === undefined
92
+ ? undefined
93
+ : (0, url_1.ensureTrailingSlash)(azureCollection).toUpperCase();
94
+ for (const rp of repositories) {
95
+ if (orgPrefixes.some((orgPrefix) => rp.startsWith(orgPrefix) && orgPrefix !== azcol)) {
96
+ return value;
97
+ }
81
98
  }
82
99
  logger_1.logger.debug({ orgPrefixes }, 'Secret is scoped to a different org');
83
100
  const error = new Error('config-validation');
@@ -90,21 +107,22 @@ function validateDecryptedValue(decryptedObjStr, repository) {
90
107
  }
91
108
  return null;
92
109
  }
93
- async function decryptConfig(config, repository) {
110
+ async function decryptConfig(config, repository, existingPath = '$') {
94
111
  logger_1.logger.trace({ config }, 'decryptConfig()');
95
112
  const decryptedConfig = { ...config };
96
113
  const privateKey = global_1.GlobalConfig.get('privateKey');
97
114
  const privateKeyOld = global_1.GlobalConfig.get('privateKeyOld');
98
115
  for (const [key, val] of Object.entries(config)) {
99
116
  if (key === 'encrypted' && is_1.default.object(val)) {
100
- logger_1.logger.debug({ config: val }, 'Found encrypted config');
117
+ const path = `${existingPath}.${key}`;
118
+ logger_1.logger.debug({ config: val }, `Found encrypted config in ${path}`);
101
119
  const encryptedWarning = global_1.GlobalConfig.get('encryptedWarning');
102
120
  if (is_1.default.string(encryptedWarning)) {
103
121
  logger_1.logger.once.warn(encryptedWarning);
104
122
  }
105
123
  if (privateKey) {
106
124
  for (const [eKey, eVal] of Object.entries(val)) {
107
- logger_1.logger.debug('Trying to decrypt ' + eKey);
125
+ logger_1.logger.debug(`Trying to decrypt ${eKey} in ${path}`);
108
126
  let decryptedStr = await tryDecrypt(privateKey, eVal, repository, eKey);
109
127
  if (privateKeyOld && !is_1.default.nonEmptyString(decryptedStr)) {
110
128
  logger_1.logger.debug(`Trying to decrypt with old private key`);
@@ -115,7 +133,7 @@ async function decryptConfig(config, repository) {
115
133
  error.validationError = `Failed to decrypt field ${eKey}. Please re-encrypt and try again.`;
116
134
  throw error;
117
135
  }
118
- logger_1.logger.debug(`Decrypted ${eKey}`);
136
+ logger_1.logger.debug(`Decrypted ${eKey} in ${path}`);
119
137
  if (eKey === 'npmToken') {
120
138
  const token = decryptedStr.replace((0, regex_1.regEx)(/\n$/), '');
121
139
  decryptedConfig[eKey] = token;
@@ -149,9 +167,10 @@ Refer to migration documents here: https://docs.renovatebot.com/mend-hosted/migr
149
167
  }
150
168
  else if (is_1.default.array(val)) {
151
169
  decryptedConfig[key] = [];
152
- for (const item of val) {
170
+ for (const [index, item] of val.entries()) {
153
171
  if (is_1.default.object(item) && !is_1.default.array(item)) {
154
- decryptedConfig[key].push(await decryptConfig(item, repository));
172
+ const path = `${existingPath}.${key}[${index}]`;
173
+ decryptedConfig[key].push(await decryptConfig(item, repository, path));
155
174
  }
156
175
  else {
157
176
  decryptedConfig[key].push(item);
@@ -159,11 +178,35 @@ Refer to migration documents here: https://docs.renovatebot.com/mend-hosted/migr
159
178
  }
160
179
  }
161
180
  else if (is_1.default.object(val) && key !== 'content') {
162
- decryptedConfig[key] = await decryptConfig(val, repository);
181
+ const path = `${existingPath}.${key}`;
182
+ decryptedConfig[key] = await decryptConfig(val, repository, path);
163
183
  }
164
184
  }
165
185
  delete decryptedConfig.encrypted;
166
186
  logger_1.logger.trace({ config: decryptedConfig }, 'decryptedConfig');
167
187
  return decryptedConfig;
168
188
  }
189
+ function getAzureCollection() {
190
+ const platform = global_1.GlobalConfig.get('platform');
191
+ if (platform !== 'azure') {
192
+ return undefined;
193
+ }
194
+ const endpoint = global_1.GlobalConfig.get('endpoint');
195
+ const endpointUrl = (0, url_1.parseUrl)(endpoint);
196
+ if (endpointUrl === null) {
197
+ // should not happen
198
+ logger_1.logger.warn({ endpoint }, 'Unable to parse endpoint for token decryption');
199
+ return undefined;
200
+ }
201
+ const azureCollection = (0, url_1.trimSlashes)(endpointUrl.pathname);
202
+ if (!is_1.default.nonEmptyString(azureCollection)) {
203
+ logger_1.logger.debug({ endpoint }, 'Unable to find azure collection name from URL');
204
+ return undefined;
205
+ }
206
+ if (azureCollection.startsWith('tfs/')) {
207
+ // Azure DevOps Server
208
+ return azureCollection.substring(4);
209
+ }
210
+ return azureCollection;
211
+ }
169
212
  //# sourceMappingURL=decrypt.js.map
package/dist/config/decrypt.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"decrypt.js","sourceRoot":"","sources":["../../lib/config/decrypt.ts"],"names":[],"mappings":";;AAgBA,gCAkCC;AAuED,sCAyFC;;AAlND,kEAAkC;AAClC,gEAAgE;AAChE,sCAAmC;AACnC,yCAAsC;AACtC,+CAA0D;AAC1D,qCAAkD;AAClD,2CAAkD;AAClD,6CAG0B;AAC1B,+CAAsD;AACtD,qCAAwC;AACxC,qCAA2C;AAGpC,KAAK,UAAU,UAAU,CAC9B,UAAkB,EAClB,YAAoB,EACpB,UAAkB,EAClB,OAAe;IAEf,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,UAAU,EAAE,UAAU,CAAC,uCAAuC,CAAC,EAAE,CAAC;QACpE,MAAM,eAAe,GACnB,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,MAAM;YAC3C,CAAC,CAAC,MAAM,IAAA,2BAAiB,EAAC,UAAU,EAAE,YAAY,CAAC;YACnD,CAAC,CAAC,MAAM,IAAA,uBAAe,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QACtD,IAAI,eAAe,EAAE,CAAC;YACpB,YAAY,GAAG,sBAAsB,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,IAAA,mCAA0B,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QACpE,IAAI,YAAE,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;YAC5B,eAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,EACX,6FAA6F,CAC9F,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,YAAY,GAAG,IAAA,iCAAwB,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;YAClE,qBAAqB;YACrB,IAAI,YAAE,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC5B,eAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,EACX,2FAA2F,CAC5F,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,sBAAsB,CAC7B,eAAuB,EACvB,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,wBAAe,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAChE,qBAAqB;QACrB,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,KAAK,CAAC,eAAe,GAAG,mCAAmC,CAAC;YAC5D,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC;QAExD,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,KAAK,CAAC,eAAe,GAAG,+CAA+C,CAAC;YACxE,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,KAAK,CAAC,eAAe,GAAG,+CAA+C,CAAC;YACxE,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,WAAW,GAAG,GAAG;aACpB,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;aAC3B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,yBAAmB,EAAC,CAAC,CAAC,CAAC,CAAC;QAEtC,IAAI,YAAE,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAChD,GAAG,SAAS,GAAG,IAAI,EAAE,CAAC,WAAW,EAAE,CACpC,CAAC;YACF,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,UAAU,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBAC5D,OAAO,KAAK,CAAC;YACf,CAAC;YACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,EACf,4CAA4C,CAC7C,CAAC;YACF,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC1C,KAAK,CAAC,eAAe,GAAG,0DAA0D,WAAW,IAAI,CAAC;YAClG,MAAM,KAAK,CAAC;QACd,CAAC;QAED,4BAA4B;QAC5B,IACE,WAAW,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAC7B,UAAU,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAC/C,EACD,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,eAAM,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE,EAAE,qCAAqC,CAAC,CAAC;QACrE,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC7C,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1C,KAAK,CAAC,eAAe,GAAG,mDAAmD,WAAW,IAAI,CAAC;QAC3F,MAAM,KAAK,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,EAAE,kCAAkC,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,MAAsB,EACtB,UAAkB;IAElB,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC;IAC5C,MAAM,eAAe,GAAG,EAAE,GAAG,MAAM,EAAE,CAAC;IACtC,MAAM,UAAU,GAAG,qBAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,qBAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACxD,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAChD,IAAI,GAAG,KAAK,WAAW,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1C,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,wBAAwB,CAAC,CAAC;YAExD,MAAM,gBAAgB,GAAG,qBAAY,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YAC9D,IAAI,YAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAChC,eAAM,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACrC,CAAC;YAED,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC/C,eAAM,CAAC,KAAK,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;oBAC1C,IAAI,YAAY,GAAG,MAAM,UAAU,CACjC,UAAU,EACV,IAAI,EACJ,UAAU,EACV,IAAI,CACL,CAAC;oBACF,IAAI,aAAa,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;wBACtD,eAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;wBACvD,YAAY,GAAG,MAAM,UAAU,CAC7B,aAAa,EACb,IAAI,EACJ,UAAU,EACV,IAAI,CACL,CAAC;oBACJ,CAAC;oBACD,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;wBACrC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;wBAC7C,KAAK,CAAC,eAAe,GAAG,2BAA2B,IAAI,oCAAoC,CAAC;wBAC5F,MAAM,KAAK,CAAC;oBACd,CAAC;oBACD,eAAM,CAAC,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC;oBAClC,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;wBACxB,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;wBACrD,eAAe,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;wBAC9B,IAAA,iCAAsB,EAAC,KAAK,CAAC,CAAC;oBAChC,CAAC;yBAAM,CAAC;wBACN,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC;wBACrC,IAAA,iCAAsB,EAAC,YAAY,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,MAAM,EAAE,CAAC;oBACvD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,kCAAiB,CAAC,CAAC;oBAC3C,KAAK,CAAC,gBAAgB,GAAG,QAAQ,CAAC;oBAClC,KAAK,CAAC,eAAe,GAAG,8BAA8B,CAAC;oBACvD,KAAK,CAAC,iBAAiB,GAAG,4DAA4D,GAAG,sJAAsJ,CAAC;oBAChP,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;wBACvC,KAAK,CAAC,iBAAiB,GAAG;;;+FAGyD,CAAC;oBACtF,CAAC;oBACD,MAAM,KAAK,CAAC;gBACd,CAAC;qBAAM,CAAC;oBACN,eAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;gBACzD,CAAC;YACH,CAAC;YACD,OAAO,eAAe,CAAC,SAAS,CAAC;QACnC,CAAC;aAAM,IAAI,YAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YAC1B,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;gBACvB,IAAI,YAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBACtC,eAAe,CAAC,GAAG,CAAsB,CAAC,IAAI,CAC7C,MAAM,aAAa,CAAC,IAAsB,EAAE,UAAU,CAAC,CACxD,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACL,eAAe,CAAC,GAAG,CAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YAC/C,eAAe,CAAC,GAAG,CAAC,GAAG,MAAM,aAAa,CACxC,GAAqB,EACrB,UAAU,CACX,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,eAAe,CAAC,SAAS,CAAC;IACjC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,EAAE,iBAAiB,CAAC,CAAC;IAC7D,OAAO,eAAe,CAAC;AACzB,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { CONFIG_VALIDATION } from '../constants/error-messages';\nimport { logger } from '../logger';\nimport { regEx } from '../util/regex';\nimport { addSecretForSanitizing } from '../util/sanitize';\nimport { ensureTrailingSlash } from '../util/url';\nimport { tryDecryptKbPgp } from './decrypt/kbpgp';\nimport {\n tryDecryptPublicKeyDefault,\n tryDecryptPublicKeyPKCS1,\n} from './decrypt/legacy';\nimport { tryDecryptOpenPgp } from './decrypt/openpgp';\nimport { GlobalConfig } from './global';\nimport { DecryptedObject } from './schema';\nimport type { RenovateConfig } from './types';\n\nexport async function tryDecrypt(\n privateKey: string,\n encryptedStr: string,\n repository: string,\n keyName: string,\n): Promise<string | null> {\n let decryptedStr: string | null = null;\n if (privateKey?.startsWith('-----BEGIN PGP PRIVATE KEY BLOCK-----')) {\n const decryptedObjStr =\n process.env.RENOVATE_X_USE_OPENPGP === 'true'\n ? await tryDecryptOpenPgp(privateKey, encryptedStr)\n : await tryDecryptKbPgp(privateKey, encryptedStr);\n if (decryptedObjStr) {\n decryptedStr = validateDecryptedValue(decryptedObjStr, repository);\n }\n } else {\n decryptedStr = tryDecryptPublicKeyDefault(privateKey, encryptedStr);\n if (is.string(decryptedStr)) {\n logger.warn(\n { keyName },\n 'Encrypted value is using deprecated default padding, please change to using PGP encryption.',\n );\n } else {\n decryptedStr = tryDecryptPublicKeyPKCS1(privateKey, encryptedStr);\n // istanbul ignore if\n if (is.string(decryptedStr)) {\n logger.warn(\n { keyName },\n 'Encrypted value is using deprecated PKCS1 padding, please change to using PGP encryption.',\n );\n }\n }\n }\n return decryptedStr;\n}\n\nfunction validateDecryptedValue(\n decryptedObjStr: string,\n repository: string,\n): string | null {\n try {\n const decryptedObj = DecryptedObject.safeParse(decryptedObjStr);\n // istanbul ignore if\n if (!decryptedObj.success) {\n const error = new Error('config-validation');\n error.validationError = `Could not parse decrypted config.`;\n throw error;\n }\n\n const { o: org, r: repo, v: value } = decryptedObj.data;\n\n if (!is.nonEmptyString(value)) {\n const error = new Error('config-validation');\n error.validationError = `Encrypted value in config is missing a value.`;\n throw error;\n }\n\n if (!is.nonEmptyString(org)) {\n const error = new Error('config-validation');\n error.validationError = `Encrypted value in config is missing a scope.`;\n throw error;\n }\n\n const orgPrefixes = org\n .split(',')\n .map((o) => o.trim())\n .map((o) => o.toUpperCase())\n .map((o) => ensureTrailingSlash(o));\n\n if (is.nonEmptyString(repo)) {\n const scopedRepos = orgPrefixes.map((orgPrefix) =>\n `${orgPrefix}${repo}`.toUpperCase(),\n );\n if (scopedRepos.some((r) => r === repository.toUpperCase())) {\n return value;\n }\n logger.debug(\n { scopedRepos },\n 'Secret is scoped to a different repository',\n );\n const error = new Error('config-validation');\n const scopeString = scopedRepos.join(',');\n error.validationError = `Encrypted secret is scoped to a different repository: \"${scopeString}\".`;\n throw error;\n }\n\n // no scoped repos, only org\n if (\n orgPrefixes.some((orgPrefix) =>\n repository.toUpperCase().startsWith(orgPrefix),\n )\n ) {\n return value;\n }\n logger.debug({ orgPrefixes }, 'Secret is scoped to a different org');\n const error = new Error('config-validation');\n const scopeString = orgPrefixes.join(',');\n error.validationError = `Encrypted secret is scoped to a different org: \"${scopeString}\".`;\n throw error;\n } catch (err) {\n logger.warn({ err }, 'Could not parse decrypted string');\n }\n return null;\n}\n\nexport async function decryptConfig(\n config: RenovateConfig,\n repository: string,\n): Promise<RenovateConfig> {\n logger.trace({ config }, 'decryptConfig()');\n const decryptedConfig = { ...config };\n const privateKey = GlobalConfig.get('privateKey');\n const privateKeyOld = GlobalConfig.get('privateKeyOld');\n for (const [key, val] of Object.entries(config)) {\n if (key === 'encrypted' && is.object(val)) {\n logger.debug({ config: val }, 'Found encrypted config');\n\n const encryptedWarning = GlobalConfig.get('encryptedWarning');\n if (is.string(encryptedWarning)) {\n logger.once.warn(encryptedWarning);\n }\n\n if (privateKey) {\n for (const [eKey, eVal] of Object.entries(val)) {\n logger.debug('Trying to decrypt ' + eKey);\n let decryptedStr = await tryDecrypt(\n privateKey,\n eVal,\n repository,\n eKey,\n );\n if (privateKeyOld && !is.nonEmptyString(decryptedStr)) {\n logger.debug(`Trying to decrypt with old private key`);\n decryptedStr = await tryDecrypt(\n privateKeyOld,\n eVal,\n repository,\n eKey,\n );\n }\n if (!is.nonEmptyString(decryptedStr)) {\n const error = new Error('config-validation');\n error.validationError = `Failed to decrypt field ${eKey}. Please re-encrypt and try again.`;\n throw error;\n }\n logger.debug(`Decrypted ${eKey}`);\n if (eKey === 'npmToken') {\n const token = decryptedStr.replace(regEx(/\\n$/), '');\n decryptedConfig[eKey] = token;\n addSecretForSanitizing(token);\n } else {\n decryptedConfig[eKey] = decryptedStr;\n addSecretForSanitizing(decryptedStr);\n }\n }\n } else {\n if (process.env.RENOVATE_X_ENCRYPTED_STRICT === 'true') {\n const error = new Error(CONFIG_VALIDATION);\n error.validationSource = 'config';\n error.validationError = 'Encrypted config unsupported';\n error.validationMessage = `This config contains an encrypted object at location \\`$.${key}\\` but no privateKey is configured. To support encrypted config, the Renovate administrator must configure a \\`privateKey\\` in Global Configuration.`;\n if (process.env.MEND_HOSTED === 'true') {\n error.validationMessage = `Mend-hosted Renovate Apps no longer support the use of encrypted secrets in Renovate file config (e.g. renovate.json).\nPlease migrate all secrets to the Developer Portal using the web UI available at https://developer.mend.io/\n\nRefer to migration documents here: https://docs.renovatebot.com/mend-hosted/migrating-secrets/`;\n }\n throw error;\n } else {\n logger.error('Found encrypted data but no privateKey');\n }\n }\n delete decryptedConfig.encrypted;\n } else if (is.array(val)) {\n decryptedConfig[key] = [];\n for (const item of val) {\n if (is.object(item) && !is.array(item)) {\n (decryptedConfig[key] as RenovateConfig[]).push(\n await decryptConfig(item as RenovateConfig, repository),\n );\n } else {\n (decryptedConfig[key] as unknown[]).push(item);\n }\n }\n } else if (is.object(val) && key !== 'content') {\n decryptedConfig[key] = await decryptConfig(\n val as RenovateConfig,\n repository,\n );\n }\n }\n delete decryptedConfig.encrypted;\n logger.trace({ config: decryptedConfig }, 'decryptedConfig');\n return decryptedConfig;\n}\n"]}
1
+ {"version":3,"file":"decrypt.js","sourceRoot":"","sources":["../../lib/config/decrypt.ts"],"names":[],"mappings":";;AAgBA,gCAmCC;AAED,wDAqFC;AAED,sCA8FC;AAED,gDAyBC;;AArQD,kEAAkC;AAClC,gEAAgE;AAChE,sCAAmC;AACnC,yCAAsC;AACtC,+CAA0D;AAC1D,qCAAyE;AACzE,2CAAkD;AAClD,6CAG0B;AAC1B,+CAAsD;AACtD,qCAAwC;AACxC,qCAA2C;AAGpC,KAAK,UAAU,UAAU,CAC9B,UAAkB,EAClB,YAAoB,EACpB,UAAkB,EAClB,OAAe;IAEf,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,UAAU,EAAE,UAAU,CAAC,uCAAuC,CAAC,EAAE,CAAC;QACpE,MAAM,eAAe,GACnB,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,MAAM;YAC3C,CAAC,CAAC,MAAM,IAAA,2BAAiB,EAAC,UAAU,EAAE,YAAY,CAAC;YACnD,CAAC,CAAC,MAAM,IAAA,uBAAe,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QACtD,IAAI,eAAe,EAAE,CAAC;YACpB,YAAY,GAAG,sBAAsB,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,IAAA,mCAA0B,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QACpE,IAAI,YAAE,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;YAC5B,eAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,EACX,6FAA6F,CAC9F,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,YAAY,GAAG,IAAA,iCAAwB,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;YAClE,mCAAmC;YACnC,IAAI,YAAE,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC5B,eAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,EACX,2FAA2F,CAC5F,CAAC;YACJ,CAAC;YACD,oBAAoB;QACtB,CAAC;IACH,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAgB,sBAAsB,CACpC,eAAuB,EACvB,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,wBAAe,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAChE,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,KAAK,CAAC,eAAe,GAAG,mCAAmC,CAAC;YAC5D,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC;QAExD,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,KAAK,CAAC,eAAe,GAAG,+CAA+C,CAAC;YACxE,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,KAAK,CAAC,eAAe,GAAG,+CAA+C,CAAC;YACxE,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,YAAY,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;QAEhD,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;QAC7C,IAAI,YAAE,CAAC,cAAc,CAAC,eAAe,CAAC,EAAE,CAAC;YACvC,4CAA4C;YAC5C,YAAY,CAAC,IAAI,CAAC,GAAG,eAAe,IAAI,UAAU,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YACpE,4CAA4C;YAC5C,YAAY,CAAC,IAAI,CAAC,GAAG,eAAe,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,WAAW,GAAG,GAAG;aACpB,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;aAC3B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,yBAAmB,EAAC,CAAC,CAAC,CAAC,CAAC;QAEtC,IAAI,YAAE,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAChD,GAAG,SAAS,GAAG,IAAI,EAAE,CAAC,WAAW,EAAE,CACpC,CAAC;YACF,KAAK,MAAM,EAAE,IAAI,YAAY,EAAE,CAAC;gBAC9B,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;oBACtC,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,EACf,4CAA4C,CAC7C,CAAC;YACF,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC1C,KAAK,CAAC,eAAe,GAAG,0DAA0D,WAAW,IAAI,CAAC;YAClG,MAAM,KAAK,CAAC;QACd,CAAC;QAED,4BAA4B;QAC5B,MAAM,KAAK,GACT,eAAe,KAAK,SAAS;YAC3B,CAAC,CAAC,SAAS;YACX,CAAC,CAAC,IAAA,yBAAmB,EAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;QACzD,KAAK,MAAM,EAAE,IAAI,YAAY,EAAE,CAAC;YAC9B,IACE,WAAW,CAAC,IAAI,CACd,CAAC,SAAS,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,SAAS,KAAK,KAAK,CAC/D,EACD,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,eAAM,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE,EAAE,qCAAqC,CAAC,CAAC;QACrE,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAC7C,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1C,KAAK,CAAC,eAAe,GAAG,mDAAmD,WAAW,IAAI,CAAC;QAC3F,MAAM,KAAK,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,EAAE,kCAAkC,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,MAAsB,EACtB,UAAkB,EAClB,YAAY,GAAG,GAAG;IAElB,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC;IAC5C,MAAM,eAAe,GAAG,EAAE,GAAG,MAAM,EAAE,CAAC;IACtC,MAAM,UAAU,GAAG,qBAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,qBAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACxD,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAChD,IAAI,GAAG,KAAK,WAAW,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,GAAG,YAAY,IAAI,GAAG,EAAE,CAAC;YACtC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,6BAA6B,IAAI,EAAE,CAAC,CAAC;YAEnE,MAAM,gBAAgB,GAAG,qBAAY,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YAC9D,IAAI,YAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAChC,eAAM,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACrC,CAAC;YAED,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC/C,eAAM,CAAC,KAAK,CAAC,qBAAqB,IAAI,OAAO,IAAI,EAAE,CAAC,CAAC;oBACrD,IAAI,YAAY,GAAG,MAAM,UAAU,CACjC,UAAU,EACV,IAAI,EACJ,UAAU,EACV,IAAI,CACL,CAAC;oBACF,IAAI,aAAa,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;wBACtD,eAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;wBACvD,YAAY,GAAG,MAAM,UAAU,CAC7B,aAAa,EACb,IAAI,EACJ,UAAU,EACV,IAAI,CACL,CAAC;oBACJ,CAAC;oBACD,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;wBACrC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;wBAC7C,KAAK,CAAC,eAAe,GAAG,2BAA2B,IAAI,oCAAoC,CAAC;wBAC5F,MAAM,KAAK,CAAC;oBACd,CAAC;oBACD,eAAM,CAAC,KAAK,CAAC,aAAa,IAAI,OAAO,IAAI,EAAE,CAAC,CAAC;oBAC7C,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;wBACxB,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;wBACrD,eAAe,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;wBAC9B,IAAA,iCAAsB,EAAC,KAAK,CAAC,CAAC;oBAChC,CAAC;yBAAM,CAAC;wBACN,eAAe,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC;wBACrC,IAAA,iCAAsB,EAAC,YAAY,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,MAAM,EAAE,CAAC;oBACvD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,kCAAiB,CAAC,CAAC;oBAC3C,KAAK,CAAC,gBAAgB,GAAG,QAAQ,CAAC;oBAClC,KAAK,CAAC,eAAe,GAAG,8BAA8B,CAAC;oBACvD,KAAK,CAAC,iBAAiB,GAAG,4DAA4D,GAAG,sJAAsJ,CAAC;oBAChP,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;wBACvC,KAAK,CAAC,iBAAiB,GAAG;;;+FAGyD,CAAC;oBACtF,CAAC;oBACD,MAAM,KAAK,CAAC;gBACd,CAAC;qBAAM,CAAC;oBACN,eAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;gBACzD,CAAC;YACH,CAAC;YACD,OAAO,eAAe,CAAC,SAAS,CAAC;QACnC,CAAC;aAAM,IAAI,YAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC1C,IAAI,YAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,GAAG,GAAG,YAAY,IAAI,GAAG,IAAI,KAAK,GAAG,CAAC;oBAC/C,eAAe,CAAC,GAAG,CAAsB,CAAC,IAAI,CAC7C,MAAM,aAAa,CAAC,IAAsB,EAAE,UAAU,EAAE,IAAI,CAAC,CAC9D,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACL,eAAe,CAAC,GAAG,CAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YAC/C,MAAM,IAAI,GAAG,GAAG,YAAY,IAAI,GAAG,EAAE,CAAC;YACtC,eAAe,CAAC,GAAG,CAAC,GAAG,MAAM,aAAa,CACxC,GAAqB,EACrB,UAAU,EACV,IAAI,CACL,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,eAAe,CAAC,SAAS,CAAC;IACjC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,EAAE,iBAAiB,CAAC,CAAC;IAC7D,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAgB,kBAAkB;IAChC,MAAM,QAAQ,GAAG,qBAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9C,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,QAAQ,GAAG,qBAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAG,IAAA,cAAQ,EAAC,QAAQ,CAAC,CAAC;IACvC,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;QACzB,oBAAoB;QACpB,eAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,EAAE,+CAA+C,CAAC,CAAC;QAC3E,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,eAAe,GAAG,IAAA,iBAAW,EAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC1D,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,eAAe,CAAC,EAAE,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,EAAE,+CAA+C,CAAC,CAAC;QAC5E,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACvC,sBAAsB;QACtB,OAAO,eAAe,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { CONFIG_VALIDATION } from '../constants/error-messages';\nimport { logger } from '../logger';\nimport { regEx } from '../util/regex';\nimport { addSecretForSanitizing } from '../util/sanitize';\nimport { ensureTrailingSlash, parseUrl, trimSlashes } from '../util/url';\nimport { tryDecryptKbPgp } from './decrypt/kbpgp';\nimport {\n tryDecryptPublicKeyDefault,\n tryDecryptPublicKeyPKCS1,\n} from './decrypt/legacy';\nimport { tryDecryptOpenPgp } from './decrypt/openpgp';\nimport { GlobalConfig } from './global';\nimport { DecryptedObject } from './schema';\nimport type { RenovateConfig } from './types';\n\nexport async function tryDecrypt(\n privateKey: string,\n encryptedStr: string,\n repository: string,\n keyName: string,\n): Promise<string | null> {\n let decryptedStr: string | null = null;\n if (privateKey?.startsWith('-----BEGIN PGP PRIVATE KEY BLOCK-----')) {\n const decryptedObjStr =\n process.env.RENOVATE_X_USE_OPENPGP === 'true'\n ? await tryDecryptOpenPgp(privateKey, encryptedStr)\n : await tryDecryptKbPgp(privateKey, encryptedStr);\n if (decryptedObjStr) {\n decryptedStr = validateDecryptedValue(decryptedObjStr, repository);\n }\n } else {\n decryptedStr = tryDecryptPublicKeyDefault(privateKey, encryptedStr);\n if (is.string(decryptedStr)) {\n logger.warn(\n { keyName },\n 'Encrypted value is using deprecated default padding, please change to using PGP encryption.',\n );\n } else {\n decryptedStr = tryDecryptPublicKeyPKCS1(privateKey, encryptedStr);\n /* v8 ignore start: not testable */\n if (is.string(decryptedStr)) {\n logger.warn(\n { keyName },\n 'Encrypted value is using deprecated PKCS1 padding, please change to using PGP encryption.',\n );\n }\n /* v8 ignore stop */\n }\n }\n return decryptedStr;\n}\n\nexport function validateDecryptedValue(\n decryptedObjStr: string,\n repository: string,\n): string | null {\n try {\n const decryptedObj = DecryptedObject.safeParse(decryptedObjStr);\n if (!decryptedObj.success) {\n const error = new Error('config-validation');\n error.validationError = `Could not parse decrypted config.`;\n throw error;\n }\n\n const { o: org, r: repo, v: value } = decryptedObj.data;\n\n if (!is.nonEmptyString(value)) {\n const error = new Error('config-validation');\n error.validationError = `Encrypted value in config is missing a value.`;\n throw error;\n }\n\n if (!is.nonEmptyString(org)) {\n const error = new Error('config-validation');\n error.validationError = `Encrypted value in config is missing a scope.`;\n throw error;\n }\n\n const repositories = [repository.toUpperCase()];\n\n const azureCollection = getAzureCollection();\n if (is.nonEmptyString(azureCollection)) {\n // used for full 'org/project/repo' matching\n repositories.push(`${azureCollection}/${repository}`.toUpperCase());\n // used for org prefix matching without repo\n repositories.push(`${azureCollection}/*/`.toUpperCase());\n }\n\n const orgPrefixes = org\n .split(',')\n .map((o) => o.trim())\n .map((o) => o.toUpperCase())\n .map((o) => ensureTrailingSlash(o));\n\n if (is.nonEmptyString(repo)) {\n const scopedRepos = orgPrefixes.map((orgPrefix) =>\n `${orgPrefix}${repo}`.toUpperCase(),\n );\n for (const rp of repositories) {\n if (scopedRepos.some((r) => r === rp)) {\n return value;\n }\n }\n\n logger.debug(\n { scopedRepos },\n 'Secret is scoped to a different repository',\n );\n const error = new Error('config-validation');\n const scopeString = scopedRepos.join(',');\n error.validationError = `Encrypted secret is scoped to a different repository: \"${scopeString}\".`;\n throw error;\n }\n\n // no scoped repos, only org\n const azcol =\n azureCollection === undefined\n ? undefined\n : ensureTrailingSlash(azureCollection).toUpperCase();\n for (const rp of repositories) {\n if (\n orgPrefixes.some(\n (orgPrefix) => rp.startsWith(orgPrefix) && orgPrefix !== azcol,\n )\n ) {\n return value;\n }\n }\n logger.debug({ orgPrefixes }, 'Secret is scoped to a different org');\n const error = new Error('config-validation');\n const scopeString = orgPrefixes.join(',');\n error.validationError = `Encrypted secret is scoped to a different org: \"${scopeString}\".`;\n throw error;\n } catch (err) {\n logger.warn({ err }, 'Could not parse decrypted string');\n }\n return null;\n}\n\nexport async function decryptConfig(\n config: RenovateConfig,\n repository: string,\n existingPath = '$',\n): Promise<RenovateConfig> {\n logger.trace({ config }, 'decryptConfig()');\n const decryptedConfig = { ...config };\n const privateKey = GlobalConfig.get('privateKey');\n const privateKeyOld = GlobalConfig.get('privateKeyOld');\n for (const [key, val] of Object.entries(config)) {\n if (key === 'encrypted' && is.object(val)) {\n const path = `${existingPath}.${key}`;\n logger.debug({ config: val }, `Found encrypted config in ${path}`);\n\n const encryptedWarning = GlobalConfig.get('encryptedWarning');\n if (is.string(encryptedWarning)) {\n logger.once.warn(encryptedWarning);\n }\n\n if (privateKey) {\n for (const [eKey, eVal] of Object.entries(val)) {\n logger.debug(`Trying to decrypt ${eKey} in ${path}`);\n let decryptedStr = await tryDecrypt(\n privateKey,\n eVal,\n repository,\n eKey,\n );\n if (privateKeyOld && !is.nonEmptyString(decryptedStr)) {\n logger.debug(`Trying to decrypt with old private key`);\n decryptedStr = await tryDecrypt(\n privateKeyOld,\n eVal,\n repository,\n eKey,\n );\n }\n if (!is.nonEmptyString(decryptedStr)) {\n const error = new Error('config-validation');\n error.validationError = `Failed to decrypt field ${eKey}. Please re-encrypt and try again.`;\n throw error;\n }\n logger.debug(`Decrypted ${eKey} in ${path}`);\n if (eKey === 'npmToken') {\n const token = decryptedStr.replace(regEx(/\\n$/), '');\n decryptedConfig[eKey] = token;\n addSecretForSanitizing(token);\n } else {\n decryptedConfig[eKey] = decryptedStr;\n addSecretForSanitizing(decryptedStr);\n }\n }\n } else {\n if (process.env.RENOVATE_X_ENCRYPTED_STRICT === 'true') {\n const error = new Error(CONFIG_VALIDATION);\n error.validationSource = 'config';\n error.validationError = 'Encrypted config unsupported';\n error.validationMessage = `This config contains an encrypted object at location \\`$.${key}\\` but no privateKey is configured. To support encrypted config, the Renovate administrator must configure a \\`privateKey\\` in Global Configuration.`;\n if (process.env.MEND_HOSTED === 'true') {\n error.validationMessage = `Mend-hosted Renovate Apps no longer support the use of encrypted secrets in Renovate file config (e.g. renovate.json).\nPlease migrate all secrets to the Developer Portal using the web UI available at https://developer.mend.io/\n\nRefer to migration documents here: https://docs.renovatebot.com/mend-hosted/migrating-secrets/`;\n }\n throw error;\n } else {\n logger.error('Found encrypted data but no privateKey');\n }\n }\n delete decryptedConfig.encrypted;\n } else if (is.array(val)) {\n decryptedConfig[key] = [];\n for (const [index, item] of val.entries()) {\n if (is.object(item) && !is.array(item)) {\n const path = `${existingPath}.${key}[${index}]`;\n (decryptedConfig[key] as RenovateConfig[]).push(\n await decryptConfig(item as RenovateConfig, repository, path),\n );\n } else {\n (decryptedConfig[key] as unknown[]).push(item);\n }\n }\n } else if (is.object(val) && key !== 'content') {\n const path = `${existingPath}.${key}`;\n decryptedConfig[key] = await decryptConfig(\n val as RenovateConfig,\n repository,\n path,\n );\n }\n }\n delete decryptedConfig.encrypted;\n logger.trace({ config: decryptedConfig }, 'decryptedConfig');\n return decryptedConfig;\n}\n\nexport function getAzureCollection(): string | undefined {\n const platform = GlobalConfig.get('platform');\n if (platform !== 'azure') {\n return undefined;\n }\n\n const endpoint = GlobalConfig.get('endpoint');\n const endpointUrl = parseUrl(endpoint);\n if (endpointUrl === null) {\n // should not happen\n logger.warn({ endpoint }, 'Unable to parse endpoint for token decryption');\n return undefined;\n }\n\n const azureCollection = trimSlashes(endpointUrl.pathname);\n if (!is.nonEmptyString(azureCollection)) {\n logger.debug({ endpoint }, 'Unable to find azure collection name from URL');\n return undefined;\n }\n\n if (azureCollection.startsWith('tfs/')) {\n // Azure DevOps Server\n return azureCollection.substring(4);\n }\n return azureCollection;\n}\n"]}
package/dist/config/migrate-validate.js CHANGED
@@ -24,7 +24,7 @@ async function migrateAndValidate(config, input) {
24
24
  logger_1.logger.debug({ config: massagedConfig }, 'Post-massage config');
25
25
  }
26
26
  const { warnings, errors, } = await configValidation.validateConfig('repo', massagedConfig);
27
- // istanbul ignore if
27
+ /* v8 ignore start: hard to test */
28
28
  if (is_1.default.nonEmptyArray(warnings)) {
29
29
  logger_1.logger.warn({ warnings }, 'Found renovate config warnings');
30
30
  }
@@ -36,8 +36,9 @@ async function migrateAndValidate(config, input) {
36
36
  massagedConfig.warnings = (config.warnings ?? []).concat(warnings);
37
37
  }
38
38
  return massagedConfig;
39
+ /* v8 ignore next 3: TODO: test me */
39
40
  }
40
- catch (err) /* istanbul ignore next */ {
41
+ catch (err) {
41
42
  logger_1.logger.debug({ config: input }, 'migrateAndValidate error');
42
43
  throw err;
43
44
  }
package/dist/config/migrate-validate.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"migrate-validate.js","sourceRoot":"","sources":["../../lib/config/migrate-validate.ts"],"names":[],"mappings":";;AAQA,gDA2CC;;AAnDD,kEAAkC;AAClC,mCAAgC;AAChC,sCAAmC;AACnC,iEAA2C;AAC3C,qEAA+C;AAE/C,uEAAiD;AAE1C,KAAK,UAAU,kBAAkB,CACtC,MAAsB,EACtB,KAAqB;IAErB,eAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,eAAe,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAC5E,IAAI,UAAU,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CACV,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,EAC/C,4BAA4B,CAC7B,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,eAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAChD,CAAC;QACD,MAAM,cAAc,GAAG,aAAa,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QACnE,2BAA2B;QAC3B,IAAI,CAAC,IAAA,eAAM,EAAC,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC;YACnC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,EAAE,qBAAqB,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,EACJ,QAAQ,EACR,MAAM,GACP,GAGG,MAAM,gBAAgB,CAAC,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAClE,qBAAqB;QACrB,IAAI,YAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,eAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,EAAE,gCAAgC,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,YAAE,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,eAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,8BAA8B,CAAC,CAAC;QAC1D,CAAC;QACD,cAAc,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAC5B,cAAc,CAAC,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;QACD,OAAO,cAAc,CAAC;IACxB,CAAC;IAAC,OAAO,GAAG,EAAE,0BAA0B,CAAC,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,0BAA0B,CAAC,CAAC;QAC5D,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { dequal } from 'dequal';\nimport { logger } from '../logger';\nimport * as configMassage from './massage';\nimport * as configMigration from './migration';\nimport type { RenovateConfig, ValidationMessage } from './types';\nimport * as configValidation from './validation';\n\nexport async function migrateAndValidate(\n config: RenovateConfig,\n input: RenovateConfig,\n): Promise<RenovateConfig> {\n logger.debug('migrateAndValidate()');\n try {\n const { isMigrated, migratedConfig } = configMigration.migrateConfig(input);\n if (isMigrated) {\n logger.debug(\n { oldConfig: input, newConfig: migratedConfig },\n 'Config migration necessary',\n );\n } else {\n logger.debug('No config migration necessary');\n }\n const massagedConfig = configMassage.massageConfig(migratedConfig);\n // log only if it's changed\n if (!dequal(input, massagedConfig)) {\n logger.debug({ config: massagedConfig }, 'Post-massage config');\n }\n const {\n warnings,\n errors,\n }: {\n warnings: ValidationMessage[];\n errors: ValidationMessage[];\n } = await configValidation.validateConfig('repo', massagedConfig);\n // istanbul ignore if\n if (is.nonEmptyArray(warnings)) {\n logger.warn({ warnings }, 'Found renovate config warnings');\n }\n if (is.nonEmptyArray(errors)) {\n logger.info({ errors }, 'Found renovate config errors');\n }\n massagedConfig.errors = (config.errors ?? []).concat(errors);\n if (!config.repoIsOnboarded) {\n massagedConfig.warnings = (config.warnings ?? []).concat(warnings);\n }\n return massagedConfig;\n } catch (err) /* istanbul ignore next */ {\n logger.debug({ config: input }, 'migrateAndValidate error');\n throw err;\n }\n}\n"]}
1
+ {"version":3,"file":"migrate-validate.js","sourceRoot":"","sources":["../../lib/config/migrate-validate.ts"],"names":[],"mappings":";;AAQA,gDA4CC;;AApDD,kEAAkC;AAClC,mCAAgC;AAChC,sCAAmC;AACnC,iEAA2C;AAC3C,qEAA+C;AAE/C,uEAAiD;AAE1C,KAAK,UAAU,kBAAkB,CACtC,MAAsB,EACtB,KAAqB;IAErB,eAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,eAAe,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAC5E,IAAI,UAAU,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CACV,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,EAC/C,4BAA4B,CAC7B,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,eAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAChD,CAAC;QACD,MAAM,cAAc,GAAG,aAAa,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QACnE,2BAA2B;QAC3B,IAAI,CAAC,IAAA,eAAM,EAAC,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC;YACnC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,EAAE,qBAAqB,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,EACJ,QAAQ,EACR,MAAM,GACP,GAGG,MAAM,gBAAgB,CAAC,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAClE,mCAAmC;QACnC,IAAI,YAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,eAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,EAAE,gCAAgC,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,YAAE,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,eAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,8BAA8B,CAAC,CAAC;QAC1D,CAAC;QACD,cAAc,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAC5B,cAAc,CAAC,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;QACD,OAAO,cAAc,CAAC;QACtB,qCAAqC;IACvC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,0BAA0B,CAAC,CAAC;QAC5D,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { dequal } from 'dequal';\nimport { logger } from '../logger';\nimport * as configMassage from './massage';\nimport * as configMigration from './migration';\nimport type { RenovateConfig, ValidationMessage } from './types';\nimport * as configValidation from './validation';\n\nexport async function migrateAndValidate(\n config: RenovateConfig,\n input: RenovateConfig,\n): Promise<RenovateConfig> {\n logger.debug('migrateAndValidate()');\n try {\n const { isMigrated, migratedConfig } = configMigration.migrateConfig(input);\n if (isMigrated) {\n logger.debug(\n { oldConfig: input, newConfig: migratedConfig },\n 'Config migration necessary',\n );\n } else {\n logger.debug('No config migration necessary');\n }\n const massagedConfig = configMassage.massageConfig(migratedConfig);\n // log only if it's changed\n if (!dequal(input, massagedConfig)) {\n logger.debug({ config: massagedConfig }, 'Post-massage config');\n }\n const {\n warnings,\n errors,\n }: {\n warnings: ValidationMessage[];\n errors: ValidationMessage[];\n } = await configValidation.validateConfig('repo', massagedConfig);\n /* v8 ignore start: hard to test */\n if (is.nonEmptyArray(warnings)) {\n logger.warn({ warnings }, 'Found renovate config warnings');\n }\n if (is.nonEmptyArray(errors)) {\n logger.info({ errors }, 'Found renovate config errors');\n }\n massagedConfig.errors = (config.errors ?? []).concat(errors);\n if (!config.repoIsOnboarded) {\n massagedConfig.warnings = (config.warnings ?? []).concat(warnings);\n }\n return massagedConfig;\n /* v8 ignore next 3: TODO: test me */\n } catch (err) {\n logger.debug({ config: input }, 'migrateAndValidate error');\n throw err;\n }\n}\n"]}
package/dist/config/migration.js CHANGED
@@ -166,8 +166,9 @@ function migrateConfig(config, parentKey) {
166
166
  };
167
167
  }
168
168
  return { isMigrated, migratedConfig };
169
+ /* v8 ignore next 4: TODO: test me */
169
170
  }
170
- catch (err) /* istanbul ignore next */ {
171
+ catch (err) {
171
172
  logger_1.logger.debug({ config, err }, 'migrateConfig() error');
172
173
  throw err;
173
174
  }
package/dist/config/migration.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"migration.js","sourceRoot":"","sources":["../../lib/config/migration.ts"],"names":[],"mappings":";;AAiBA,sCAEC;AAID,sCAmLC;;AA1MD,kEAAkC;AAClC,mCAAgC;AAChC,sCAAmC;AACnC,yCAAsC;AACtC,yCAAsC;AACtC,6CAAiD;AACjD,uCAAuC;AAQvC,mCAA2C;AAE3C,MAAM,OAAO,GAAG,IAAA,oBAAU,GAAE,CAAC;AAC7B,SAAgB,aAAa,CAAC,KAAa;IACzC,OAAO,KAAK,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,mBAAmB,CAAC,EAAE,SAAS,CAAC,CAAC;AAC9D,CAAC;AAED,IAAI,WAAoD,CAAC;AACzD,4BAA4B;AAC5B,SAAgB,aAAa,CAC3B,MAAsB,EACtB,SAAkB;IAElB,IAAI,CAAC;QACH,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,WAAW,GAAG,EAAE,CAAC;YACjB,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;gBACzB,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC;YACzC,CAAC,CAAC,CAAC;QACL,CAAC;QACD,MAAM,SAAS,GAAG,8BAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,IAAA,aAAK,EAAC,SAAS,CAA2B,CAAC;QAElE,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;YACnD,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBAClD,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,IAAA,aAAK,EAAC,cAAc,CAAC,EACrB,oBAAoB,CACrB,CAAC;YACJ,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC5D,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,IAAA,aAAK,EAAC,iBAAiB,CAAC,EACxB,iBAAiB,CAClB,CAAC;YACJ,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC9D,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,IAAA,aAAK,EAAC,mBAAmB,CAAC,EAC1B,aAAa,CACd,CAAC;YACJ,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAClE,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,oBAAoB,EACpB,sHAAsH,CACvH,CAAC;YACJ,CAAC;iBAAM,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,YAAE,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5D,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;YACzC,CAAC;iBAAM,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC1C,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;oBACnB,cAAc,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;gBAC7B,CAAC;qBAAM,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;oBAC3B,cAAc,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;gBAC9B,CAAC;YACH,CAAC;iBAAM,IACL,WAAW,CAAC,GAAG,CAAC,KAAK,QAAQ;gBAC7B,YAAE,CAAC,KAAK,CAAC,GAAG,CAAC;gBACb,GAAG,CAAC,MAAM,KAAK,CAAC,EAChB,CAAC;gBACD,cAAc,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACvC,CAAC;iBAAM,IAAI,YAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzB,IAAI,YAAE,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;oBACpC,MAAM,QAAQ,GAAG,EAAE,CAAC;oBACpB,KAAK,MAAM,IAAI,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;wBACvC,IAAI,YAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;4BACvC,MAAM,UAAU,GAAG,aAAa,CAAC,IAAsB,CAAC,CAAC;4BACzD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;wBAC3C,CAAC;6BAAM,CAAC;4BACN,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBACtB,CAAC;oBACH,CAAC;oBACD,cAAc,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;gBACjC,CAAC;YACH,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,UAAU,GAAG,aAAa,CAC9B,cAAc,CAAC,GAAG,CAAmB,EACrC,GAAG,CACJ,CAAC;gBACF,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;oBAC1B,cAAc,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,cAAc,CAAC;gBAClD,CAAC;YACH,CAAC;YAED,MAAM,iBAAiB,GAAG;gBACxB,WAAW,EAAE,gBAAgB;gBAC7B,aAAa,EAAE,UAAU;gBACzB,aAAa,EAAE,UAAU;gBACzB,eAAe,EAAE,UAAU;gBAC3B,eAAe,EAAE,UAAU;gBAC3B,SAAS,EAAE,YAAY;aACxB,CAAC;YACF,IAAI,YAAE,CAAC,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBACnC,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC3D,cAAc,CAAC,GAAG,CAAC,GAAI,cAAc,CAAC,GAAG,CAAY,CAAC,OAAO,CAC3D,IAAA,aAAK,EAAC,IAAI,EAAE,GAAG,CAAC,EAChB,EAAE,CACH,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,SAAS,GAAG;YAChB,QAAQ;YACR,QAAQ;YACR,QAAQ;YACR,MAAM;YACN,IAAI;YACJ,MAAM;YACN,KAAK;YACL,QAAQ;YACR,MAAM;YACN,MAAM;SACP,CAAC;QACF,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,YAAE,CAAC,cAAc,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;gBAChD,cAAc,CAAC,YAAY,KAAK,EAAE,CAAC;gBACnC,MAAM,cAAc,GAAG,cAAc,CAAC,QAAQ,CAAQ,CAAC;gBACvD,MAAM,WAAW,GAAG;oBAClB,eAAe,EAAE,CAAC,QAAQ,CAAC;oBAC3B,GAAG,cAAc;iBAClB,CAAC;gBACF,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBACjD,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;QACD,8BAA8B;QAC9B,IAAI,YAAE,CAAC,aAAa,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;YAClD,MAAM,aAAa,GAAG,cAAc,CAAC,YAAY,CAAC;YAClD,cAAc,CAAC,YAAY,GAAG,EAAE,CAAC;YACjC,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE,CAAC;gBACxC,IAAI,YAAE,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;oBACvC,eAAM,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;oBAC/C,gDAAgD;oBAChD,KAAK,MAAM,OAAO,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;wBAC/C,yBAAyB;wBACzB,MAAM,YAAY,GAAG,IAAA,wBAAgB,EACnC,WAAW,EACX,OAAsB,CACvB,CAAC;wBACF,OAAO,YAAY,CAAC,YAAY,CAAC;wBACjC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;oBACjD,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC;QACH,CAAC;QACD,IACE,YAAE,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;YAChD,YAAE,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,EACzD,CAAC;YACD,cAAc,CAAC,aAAa,CAAC,CAAC,SAAS,GAAG,cAAc,CACtD,aAAa,CACd,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;gBAC5B,MAAM,KAAK,GAAG,SAAmB,CAAC;gBAClC,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1B,OAAO,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBACxC,CAAC;gBACD,OAAO,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;QACL,CAAC;QACD,IAAI,YAAE,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,CAAC;YACnD,IAAI,cAAc,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBACzD,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACrD,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC9C,CAAC;gBACD,cAAc,CAAC,aAAa,GAAG,cAAc,CAAC,aAAa,CAAC,MAAM,CAChE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,KAAK,aAAa,CACvC,CAAC;YACJ,CAAC;QACH,CAAC;QACD,IAAI,YAAE,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YACrD,cAAc,CAAC,MAAM,GAAG,IAAA,wBAAgB,EACtC,cAAc,CAAC,MAAM,IAAI,EAAE,EAC3B,cAAc,CAAC,aAAa,CAAC,CAC9B,CAAC;QACJ,CAAC;QACD,OAAO,cAAc,CAAC,aAAa,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,CAAC,IAAA,eAAM,EAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACnD,IAAI,UAAU,EAAE,CAAC;YACf,qEAAqE;YACrE,OAAO;gBACL,UAAU;gBACV,cAAc,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC,cAAc;aAC7D,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;IACxC,CAAC;IAAC,OAAO,GAAG,EAAE,0BAA0B,CAAC,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,uBAAuB,CAAC,CAAC;QACvD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { dequal } from 'dequal';\nimport { logger } from '../logger';\nimport { clone } from '../util/clone';\nimport { regEx } from '../util/regex';\nimport { MigrationsService } from './migrations';\nimport { getOptions } from './options';\nimport type {\n MigratedConfig,\n MigratedRenovateConfig,\n PackageRule,\n RenovateConfig,\n RenovateOptions,\n} from './types';\nimport { mergeChildConfig } from './utils';\n\nconst options = getOptions();\nexport function fixShortHours(input: string): string {\n return input.replace(regEx(/( \\d?\\d)((a|p)m)/g), '$1:00$2');\n}\n\nlet optionTypes: Record<string, RenovateOptions['type']>;\n// Returns a migrated config\nexport function migrateConfig(\n config: RenovateConfig,\n parentKey?: string,\n): MigratedConfig {\n try {\n if (!optionTypes) {\n optionTypes = {};\n options.forEach((option) => {\n optionTypes[option.name] = option.type;\n });\n }\n const newConfig = MigrationsService.run(config, parentKey);\n const migratedConfig = clone(newConfig) as MigratedRenovateConfig;\n\n for (const [key, val] of Object.entries(newConfig)) {\n if (is.string(val) && val.includes('{{baseDir}}')) {\n migratedConfig[key] = val.replace(\n regEx(/{{baseDir}}/g),\n '{{packageFileDir}}',\n );\n } else if (is.string(val) && val.includes('{{lookupName}}')) {\n migratedConfig[key] = val.replace(\n regEx(/{{lookupName}}/g),\n '{{packageName}}',\n );\n } else if (is.string(val) && val.includes('{{depNameShort}}')) {\n migratedConfig[key] = val.replace(\n regEx(/{{depNameShort}}/g),\n '{{depName}}',\n );\n } else if (is.string(val) && val.startsWith('{{semanticPrefix}}')) {\n migratedConfig[key] = val.replace(\n '{{semanticPrefix}}',\n '{{#if semanticCommitType}}{{semanticCommitType}}{{#if semanticCommitScope}}({{semanticCommitScope}}){{/if}}: {{/if}}',\n );\n } else if (optionTypes[key] === 'object' && is.boolean(val)) {\n migratedConfig[key] = { enabled: val };\n } else if (optionTypes[key] === 'boolean') {\n if (val === 'true') {\n migratedConfig[key] = true;\n } else if (val === 'false') {\n migratedConfig[key] = false;\n }\n } else if (\n optionTypes[key] === 'string' &&\n is.array(val) &&\n val.length === 1\n ) {\n migratedConfig[key] = String(val[0]);\n } else if (is.array(val)) {\n if (is.array(migratedConfig?.[key])) {\n const newArray = [];\n for (const item of migratedConfig[key]) {\n if (is.object(item) && !is.array(item)) {\n const arrMigrate = migrateConfig(item as RenovateConfig);\n newArray.push(arrMigrate.migratedConfig);\n } else {\n newArray.push(item);\n }\n }\n migratedConfig[key] = newArray;\n }\n } else if (is.object(val)) {\n const subMigrate = migrateConfig(\n migratedConfig[key] as RenovateConfig,\n key,\n );\n if (subMigrate.isMigrated) {\n migratedConfig[key] = subMigrate.migratedConfig;\n }\n }\n\n const migratedTemplates = {\n fromVersion: 'currentVersion',\n newValueMajor: 'newMajor',\n newValueMinor: 'newMinor',\n newVersionMajor: 'newMajor',\n newVersionMinor: 'newMinor',\n toVersion: 'newVersion',\n };\n if (is.string(migratedConfig[key])) {\n for (const [from, to] of Object.entries(migratedTemplates)) {\n migratedConfig[key] = (migratedConfig[key] as string).replace(\n regEx(from, 'g'),\n to,\n );\n }\n }\n }\n const languages = [\n 'docker',\n 'dotnet',\n 'golang',\n 'java',\n 'js',\n 'node',\n 'php',\n 'python',\n 'ruby',\n 'rust',\n ];\n for (const language of languages) {\n if (is.nonEmptyObject(migratedConfig[language])) {\n migratedConfig.packageRules ??= [];\n const currentContent = migratedConfig[language] as any;\n const packageRule = {\n matchCategories: [language],\n ...currentContent,\n };\n migratedConfig.packageRules.unshift(packageRule);\n delete migratedConfig[language];\n }\n }\n // Migrate nested packageRules\n if (is.nonEmptyArray(migratedConfig.packageRules)) {\n const existingRules = migratedConfig.packageRules;\n migratedConfig.packageRules = [];\n for (const packageRule of existingRules) {\n if (is.array(packageRule.packageRules)) {\n logger.debug('Flattening nested packageRules');\n // merge each subrule and add to the parent list\n for (const subrule of packageRule.packageRules) {\n // TODO: fix types #22198\n const combinedRule = mergeChildConfig(\n packageRule,\n subrule as PackageRule,\n );\n delete combinedRule.packageRules;\n migratedConfig.packageRules.push(combinedRule);\n }\n } else {\n migratedConfig.packageRules.push(packageRule);\n }\n }\n }\n if (\n is.nonEmptyObject(migratedConfig['pip-compile']) &&\n is.nonEmptyArray(migratedConfig['pip-compile'].fileMatch)\n ) {\n migratedConfig['pip-compile'].fileMatch = migratedConfig[\n 'pip-compile'\n ].fileMatch.map((fileMatch) => {\n const match = fileMatch as string;\n if (match.endsWith('.in')) {\n return match.replace(/\\.in$/, '.txt');\n }\n return match.replace(/\\.in\\$$/, '.txt$');\n });\n }\n if (is.nonEmptyArray(migratedConfig.matchManagers)) {\n if (migratedConfig.matchManagers.includes('gradle-lite')) {\n if (!migratedConfig.matchManagers.includes('gradle')) {\n migratedConfig.matchManagers.push('gradle');\n }\n migratedConfig.matchManagers = migratedConfig.matchManagers.filter(\n (manager) => manager !== 'gradle-lite',\n );\n }\n }\n if (is.nonEmptyObject(migratedConfig['gradle-lite'])) {\n migratedConfig.gradle = mergeChildConfig(\n migratedConfig.gradle ?? {},\n migratedConfig['gradle-lite'],\n );\n }\n delete migratedConfig['gradle-lite'];\n const isMigrated = !dequal(config, migratedConfig);\n if (isMigrated) {\n // recursive call in case any migrated configs need further migrating\n return {\n isMigrated,\n migratedConfig: migrateConfig(migratedConfig).migratedConfig,\n };\n }\n return { isMigrated, migratedConfig };\n } catch (err) /* istanbul ignore next */ {\n logger.debug({ config, err }, 'migrateConfig() error');\n throw err;\n }\n}\n"]}
1
+ {"version":3,"file":"migration.js","sourceRoot":"","sources":["../../lib/config/migration.ts"],"names":[],"mappings":";;AAiBA,sCAEC;AAID,sCAoLC;;AA3MD,kEAAkC;AAClC,mCAAgC;AAChC,sCAAmC;AACnC,yCAAsC;AACtC,yCAAsC;AACtC,6CAAiD;AACjD,uCAAuC;AAQvC,mCAA2C;AAE3C,MAAM,OAAO,GAAG,IAAA,oBAAU,GAAE,CAAC;AAC7B,SAAgB,aAAa,CAAC,KAAa;IACzC,OAAO,KAAK,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,mBAAmB,CAAC,EAAE,SAAS,CAAC,CAAC;AAC9D,CAAC;AAED,IAAI,WAAoD,CAAC;AACzD,4BAA4B;AAC5B,SAAgB,aAAa,CAC3B,MAAsB,EACtB,SAAkB;IAElB,IAAI,CAAC;QACH,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,WAAW,GAAG,EAAE,CAAC;YACjB,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;gBACzB,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC;YACzC,CAAC,CAAC,CAAC;QACL,CAAC;QACD,MAAM,SAAS,GAAG,8BAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,IAAA,aAAK,EAAC,SAAS,CAA2B,CAAC;QAElE,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;YACnD,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBAClD,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,IAAA,aAAK,EAAC,cAAc,CAAC,EACrB,oBAAoB,CACrB,CAAC;YACJ,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC5D,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,IAAA,aAAK,EAAC,iBAAiB,CAAC,EACxB,iBAAiB,CAClB,CAAC;YACJ,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC9D,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,IAAA,aAAK,EAAC,mBAAmB,CAAC,EAC1B,aAAa,CACd,CAAC;YACJ,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAClE,cAAc,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,OAAO,CAC/B,oBAAoB,EACpB,sHAAsH,CACvH,CAAC;YACJ,CAAC;iBAAM,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,YAAE,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5D,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;YACzC,CAAC;iBAAM,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC1C,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;oBACnB,cAAc,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;gBAC7B,CAAC;qBAAM,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;oBAC3B,cAAc,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;gBAC9B,CAAC;YACH,CAAC;iBAAM,IACL,WAAW,CAAC,GAAG,CAAC,KAAK,QAAQ;gBAC7B,YAAE,CAAC,KAAK,CAAC,GAAG,CAAC;gBACb,GAAG,CAAC,MAAM,KAAK,CAAC,EAChB,CAAC;gBACD,cAAc,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACvC,CAAC;iBAAM,IAAI,YAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzB,IAAI,YAAE,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;oBACpC,MAAM,QAAQ,GAAG,EAAE,CAAC;oBACpB,KAAK,MAAM,IAAI,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;wBACvC,IAAI,YAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;4BACvC,MAAM,UAAU,GAAG,aAAa,CAAC,IAAsB,CAAC,CAAC;4BACzD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;wBAC3C,CAAC;6BAAM,CAAC;4BACN,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBACtB,CAAC;oBACH,CAAC;oBACD,cAAc,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;gBACjC,CAAC;YACH,CAAC;iBAAM,IAAI,YAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,UAAU,GAAG,aAAa,CAC9B,cAAc,CAAC,GAAG,CAAmB,EACrC,GAAG,CACJ,CAAC;gBACF,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;oBAC1B,cAAc,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,cAAc,CAAC;gBAClD,CAAC;YACH,CAAC;YAED,MAAM,iBAAiB,GAAG;gBACxB,WAAW,EAAE,gBAAgB;gBAC7B,aAAa,EAAE,UAAU;gBACzB,aAAa,EAAE,UAAU;gBACzB,eAAe,EAAE,UAAU;gBAC3B,eAAe,EAAE,UAAU;gBAC3B,SAAS,EAAE,YAAY;aACxB,CAAC;YACF,IAAI,YAAE,CAAC,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBACnC,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC3D,cAAc,CAAC,GAAG,CAAC,GAAI,cAAc,CAAC,GAAG,CAAY,CAAC,OAAO,CAC3D,IAAA,aAAK,EAAC,IAAI,EAAE,GAAG,CAAC,EAChB,EAAE,CACH,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,SAAS,GAAG;YAChB,QAAQ;YACR,QAAQ;YACR,QAAQ;YACR,MAAM;YACN,IAAI;YACJ,MAAM;YACN,KAAK;YACL,QAAQ;YACR,MAAM;YACN,MAAM;SACP,CAAC;QACF,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,YAAE,CAAC,cAAc,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;gBAChD,cAAc,CAAC,YAAY,KAAK,EAAE,CAAC;gBACnC,MAAM,cAAc,GAAG,cAAc,CAAC,QAAQ,CAAQ,CAAC;gBACvD,MAAM,WAAW,GAAG;oBAClB,eAAe,EAAE,CAAC,QAAQ,CAAC;oBAC3B,GAAG,cAAc;iBAClB,CAAC;gBACF,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBACjD,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;QACD,8BAA8B;QAC9B,IAAI,YAAE,CAAC,aAAa,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;YAClD,MAAM,aAAa,GAAG,cAAc,CAAC,YAAY,CAAC;YAClD,cAAc,CAAC,YAAY,GAAG,EAAE,CAAC;YACjC,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE,CAAC;gBACxC,IAAI,YAAE,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;oBACvC,eAAM,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;oBAC/C,gDAAgD;oBAChD,KAAK,MAAM,OAAO,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;wBAC/C,yBAAyB;wBACzB,MAAM,YAAY,GAAG,IAAA,wBAAgB,EACnC,WAAW,EACX,OAAsB,CACvB,CAAC;wBACF,OAAO,YAAY,CAAC,YAAY,CAAC;wBACjC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;oBACjD,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC;QACH,CAAC;QACD,IACE,YAAE,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;YAChD,YAAE,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,EACzD,CAAC;YACD,cAAc,CAAC,aAAa,CAAC,CAAC,SAAS,GAAG,cAAc,CACtD,aAAa,CACd,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;gBAC5B,MAAM,KAAK,GAAG,SAAmB,CAAC;gBAClC,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1B,OAAO,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBACxC,CAAC;gBACD,OAAO,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;QACL,CAAC;QACD,IAAI,YAAE,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,CAAC;YACnD,IAAI,cAAc,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBACzD,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACrD,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC9C,CAAC;gBACD,cAAc,CAAC,aAAa,GAAG,cAAc,CAAC,aAAa,CAAC,MAAM,CAChE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,KAAK,aAAa,CACvC,CAAC;YACJ,CAAC;QACH,CAAC;QACD,IAAI,YAAE,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YACrD,cAAc,CAAC,MAAM,GAAG,IAAA,wBAAgB,EACtC,cAAc,CAAC,MAAM,IAAI,EAAE,EAC3B,cAAc,CAAC,aAAa,CAAC,CAC9B,CAAC;QACJ,CAAC;QACD,OAAO,cAAc,CAAC,aAAa,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,CAAC,IAAA,eAAM,EAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACnD,IAAI,UAAU,EAAE,CAAC;YACf,qEAAqE;YACrE,OAAO;gBACL,UAAU;gBACV,cAAc,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC,cAAc;aAC7D,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;QACtC,qCAAqC;IACvC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,uBAAuB,CAAC,CAAC;QACvD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { dequal } from 'dequal';\nimport { logger } from '../logger';\nimport { clone } from '../util/clone';\nimport { regEx } from '../util/regex';\nimport { MigrationsService } from './migrations';\nimport { getOptions } from './options';\nimport type {\n MigratedConfig,\n MigratedRenovateConfig,\n PackageRule,\n RenovateConfig,\n RenovateOptions,\n} from './types';\nimport { mergeChildConfig } from './utils';\n\nconst options = getOptions();\nexport function fixShortHours(input: string): string {\n return input.replace(regEx(/( \\d?\\d)((a|p)m)/g), '$1:00$2');\n}\n\nlet optionTypes: Record<string, RenovateOptions['type']>;\n// Returns a migrated config\nexport function migrateConfig(\n config: RenovateConfig,\n parentKey?: string,\n): MigratedConfig {\n try {\n if (!optionTypes) {\n optionTypes = {};\n options.forEach((option) => {\n optionTypes[option.name] = option.type;\n });\n }\n const newConfig = MigrationsService.run(config, parentKey);\n const migratedConfig = clone(newConfig) as MigratedRenovateConfig;\n\n for (const [key, val] of Object.entries(newConfig)) {\n if (is.string(val) && val.includes('{{baseDir}}')) {\n migratedConfig[key] = val.replace(\n regEx(/{{baseDir}}/g),\n '{{packageFileDir}}',\n );\n } else if (is.string(val) && val.includes('{{lookupName}}')) {\n migratedConfig[key] = val.replace(\n regEx(/{{lookupName}}/g),\n '{{packageName}}',\n );\n } else if (is.string(val) && val.includes('{{depNameShort}}')) {\n migratedConfig[key] = val.replace(\n regEx(/{{depNameShort}}/g),\n '{{depName}}',\n );\n } else if (is.string(val) && val.startsWith('{{semanticPrefix}}')) {\n migratedConfig[key] = val.replace(\n '{{semanticPrefix}}',\n '{{#if semanticCommitType}}{{semanticCommitType}}{{#if semanticCommitScope}}({{semanticCommitScope}}){{/if}}: {{/if}}',\n );\n } else if (optionTypes[key] === 'object' && is.boolean(val)) {\n migratedConfig[key] = { enabled: val };\n } else if (optionTypes[key] === 'boolean') {\n if (val === 'true') {\n migratedConfig[key] = true;\n } else if (val === 'false') {\n migratedConfig[key] = false;\n }\n } else if (\n optionTypes[key] === 'string' &&\n is.array(val) &&\n val.length === 1\n ) {\n migratedConfig[key] = String(val[0]);\n } else if (is.array(val)) {\n if (is.array(migratedConfig?.[key])) {\n const newArray = [];\n for (const item of migratedConfig[key]) {\n if (is.object(item) && !is.array(item)) {\n const arrMigrate = migrateConfig(item as RenovateConfig);\n newArray.push(arrMigrate.migratedConfig);\n } else {\n newArray.push(item);\n }\n }\n migratedConfig[key] = newArray;\n }\n } else if (is.object(val)) {\n const subMigrate = migrateConfig(\n migratedConfig[key] as RenovateConfig,\n key,\n );\n if (subMigrate.isMigrated) {\n migratedConfig[key] = subMigrate.migratedConfig;\n }\n }\n\n const migratedTemplates = {\n fromVersion: 'currentVersion',\n newValueMajor: 'newMajor',\n newValueMinor: 'newMinor',\n newVersionMajor: 'newMajor',\n newVersionMinor: 'newMinor',\n toVersion: 'newVersion',\n };\n if (is.string(migratedConfig[key])) {\n for (const [from, to] of Object.entries(migratedTemplates)) {\n migratedConfig[key] = (migratedConfig[key] as string).replace(\n regEx(from, 'g'),\n to,\n );\n }\n }\n }\n const languages = [\n 'docker',\n 'dotnet',\n 'golang',\n 'java',\n 'js',\n 'node',\n 'php',\n 'python',\n 'ruby',\n 'rust',\n ];\n for (const language of languages) {\n if (is.nonEmptyObject(migratedConfig[language])) {\n migratedConfig.packageRules ??= [];\n const currentContent = migratedConfig[language] as any;\n const packageRule = {\n matchCategories: [language],\n ...currentContent,\n };\n migratedConfig.packageRules.unshift(packageRule);\n delete migratedConfig[language];\n }\n }\n // Migrate nested packageRules\n if (is.nonEmptyArray(migratedConfig.packageRules)) {\n const existingRules = migratedConfig.packageRules;\n migratedConfig.packageRules = [];\n for (const packageRule of existingRules) {\n if (is.array(packageRule.packageRules)) {\n logger.debug('Flattening nested packageRules');\n // merge each subrule and add to the parent list\n for (const subrule of packageRule.packageRules) {\n // TODO: fix types #22198\n const combinedRule = mergeChildConfig(\n packageRule,\n subrule as PackageRule,\n );\n delete combinedRule.packageRules;\n migratedConfig.packageRules.push(combinedRule);\n }\n } else {\n migratedConfig.packageRules.push(packageRule);\n }\n }\n }\n if (\n is.nonEmptyObject(migratedConfig['pip-compile']) &&\n is.nonEmptyArray(migratedConfig['pip-compile'].fileMatch)\n ) {\n migratedConfig['pip-compile'].fileMatch = migratedConfig[\n 'pip-compile'\n ].fileMatch.map((fileMatch) => {\n const match = fileMatch as string;\n if (match.endsWith('.in')) {\n return match.replace(/\\.in$/, '.txt');\n }\n return match.replace(/\\.in\\$$/, '.txt$');\n });\n }\n if (is.nonEmptyArray(migratedConfig.matchManagers)) {\n if (migratedConfig.matchManagers.includes('gradle-lite')) {\n if (!migratedConfig.matchManagers.includes('gradle')) {\n migratedConfig.matchManagers.push('gradle');\n }\n migratedConfig.matchManagers = migratedConfig.matchManagers.filter(\n (manager) => manager !== 'gradle-lite',\n );\n }\n }\n if (is.nonEmptyObject(migratedConfig['gradle-lite'])) {\n migratedConfig.gradle = mergeChildConfig(\n migratedConfig.gradle ?? {},\n migratedConfig['gradle-lite'],\n );\n }\n delete migratedConfig['gradle-lite'];\n const isMigrated = !dequal(config, migratedConfig);\n if (isMigrated) {\n // recursive call in case any migrated configs need further migrating\n return {\n isMigrated,\n migratedConfig: migrateConfig(migratedConfig).migratedConfig,\n };\n }\n return { isMigrated, migratedConfig };\n /* v8 ignore next 4: TODO: test me */\n } catch (err) {\n logger.debug({ config, err }, 'migrateConfig() error');\n throw err;\n }\n}\n"]}
package/dist/config/migrations/custom/rebase-stale-prs-migration.js CHANGED
@@ -13,7 +13,7 @@ class RebaseStalePrsMigration extends abstract_migration_1.AbstractMigration {
13
13
  if (is_1.default.boolean(value)) {
14
14
  this.setSafely('rebaseWhen', value ? 'behind-base-branch' : 'conflicted');
15
15
  }
16
- if (is_1.default.null_(value)) {
16
+ if (null === value) {
17
17
  this.setSafely('rebaseWhen', 'auto');
18
18
  }
19
19
  }
package/dist/config/migrations/custom/rebase-stale-prs-migration.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"rebase-stale-prs-migration.js","sourceRoot":"","sources":["../../../../lib/config/migrations/custom/rebase-stale-prs-migration.ts"],"names":[],"mappings":";;;;AAAA,kEAAkC;AAClC,mEAA+D;AAE/D,MAAa,uBAAwB,SAAQ,sCAAiB;IAC1C,UAAU,GAAG,IAAI,CAAC;IAClB,YAAY,GAAG,gBAAgB,CAAC;IAEzC,GAAG,CAAC,KAAc;QACzB,MAAM,mBAAmB,GAAG,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAE5D,IAAI,mBAAmB,KAAK,KAAK,EAAE,CAAC;YAClC,IAAI,YAAE,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACtB,IAAI,CAAC,SAAS,CACZ,YAAY,EACZ,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAAY,CAC5C,CAAC;YACJ,CAAC;YAED,IAAI,YAAE,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;gBACpB,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;IACH,CAAC;CACF;AApBD,0DAoBC","sourcesContent":["import is from '@sindresorhus/is';\nimport { AbstractMigration } from '../base/abstract-migration';\n\nexport class RebaseStalePrsMigration extends AbstractMigration {\n override readonly deprecated = true;\n override readonly propertyName = 'rebaseStalePrs';\n\n override run(value: unknown): void {\n const rebaseConflictedPrs = this.get('rebaseConflictedPrs');\n\n if (rebaseConflictedPrs !== false) {\n if (is.boolean(value)) {\n this.setSafely(\n 'rebaseWhen',\n value ? 'behind-base-branch' : 'conflicted',\n );\n }\n\n if (is.null_(value)) {\n this.setSafely('rebaseWhen', 'auto');\n }\n }\n }\n}\n"]}
1
+ {"version":3,"file":"rebase-stale-prs-migration.js","sourceRoot":"","sources":["../../../../lib/config/migrations/custom/rebase-stale-prs-migration.ts"],"names":[],"mappings":";;;;AAAA,kEAAkC;AAClC,mEAA+D;AAE/D,MAAa,uBAAwB,SAAQ,sCAAiB;IAC1C,UAAU,GAAG,IAAI,CAAC;IAClB,YAAY,GAAG,gBAAgB,CAAC;IAEzC,GAAG,CAAC,KAAc;QACzB,MAAM,mBAAmB,GAAG,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAE5D,IAAI,mBAAmB,KAAK,KAAK,EAAE,CAAC;YAClC,IAAI,YAAE,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACtB,IAAI,CAAC,SAAS,CACZ,YAAY,EACZ,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAAY,CAC5C,CAAC;YACJ,CAAC;YAED,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;gBACnB,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;IACH,CAAC;CACF;AApBD,0DAoBC","sourcesContent":["import is from '@sindresorhus/is';\nimport { AbstractMigration } from '../base/abstract-migration';\n\nexport class RebaseStalePrsMigration extends AbstractMigration {\n override readonly deprecated = true;\n override readonly propertyName = 'rebaseStalePrs';\n\n override run(value: unknown): void {\n const rebaseConflictedPrs = this.get('rebaseConflictedPrs');\n\n if (rebaseConflictedPrs !== false) {\n if (is.boolean(value)) {\n this.setSafely(\n 'rebaseWhen',\n value ? 'behind-base-branch' : 'conflicted',\n );\n }\n\n if (null === value) {\n this.setSafely('rebaseWhen', 'auto');\n }\n }\n }\n}\n"]}
package/dist/config/options/index.js CHANGED
@@ -475,7 +475,7 @@ const options = [
475
475
  name: 'dockerSidecarImage',
476
476
  description: 'Change this value to override the default Renovate sidecar image.',
477
477
  type: 'string',
478
- default: 'ghcr.io/containerbase/sidecar:13.7.17',
478
+ default: 'ghcr.io/containerbase/sidecar:13.8.5',
479
479
  globalOnly: true,
480
480
  },
481
481
  {
@@ -1874,7 +1874,7 @@ const options = [
1874
1874
  type: 'string',
1875
1875
  allowedValues: ['auto', 'fast-forward', 'merge-commit', 'rebase', 'squash'],
1876
1876
  default: 'auto',
1877
- supportedPlatforms: ['azure', 'bitbucket', 'gitea'],
1877
+ supportedPlatforms: ['azure', 'bitbucket', 'gitea', 'github'],
1878
1878
  },
1879
1879
  {
1880
1880
  name: 'automergeComment',
@@ -2581,7 +2581,7 @@ const options = [
2581
2581
  name: 'fileFormat',
2582
2582
  description: 'It specifies the syntax of the package file being managed by the custom JSONata manager.',
2583
2583
  type: 'string',
2584
- allowedValues: ['json', 'yaml'],
2584
+ allowedValues: ['json', 'toml', 'yaml'],
2585
2585
  parents: ['customManagers'],
2586
2586
  cli: false,
2587
2587
  env: false,