renovate 42.68.5 → 42.69.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/config/global.js +1 -0
  2. package/dist/config/global.js.map +1 -1
  3. package/dist/config/options/index.js +7 -0
  4. package/dist/config/options/index.js.map +1 -1
  5. package/dist/config/types.d.ts +1 -0
  6. package/dist/config/types.js.map +1 -1
  7. package/dist/modules/manager/fingerprint.generated.js +1 -1
  8. package/dist/modules/manager/fingerprint.generated.js.map +1 -1
  9. package/dist/util/exec/containerbase.js +0 -4
  10. package/dist/util/exec/containerbase.js.map +1 -1
  11. package/dist/util/exec/types.d.ts +0 -1
  12. package/dist/util/exec/types.js.map +1 -1
  13. package/dist/workers/repository/update/branch/execute-post-upgrade-commands.js +1 -1
  14. package/dist/workers/repository/update/branch/execute-post-upgrade-commands.js.map +1 -1
  15. package/package.json +1 -1
  16. package/renovate-schema.json +7 -2
package/dist/config/global.js CHANGED
@@ -7,6 +7,7 @@ class GlobalConfig {
7
7
  'allowCustomCrateRegistries',
8
8
  'allowPlugins',
9
9
  'allowScripts',
10
+ 'allowShellExecutorForPostUpgradeCommands',
10
11
  'allowedCommands',
11
12
  'allowedEnv',
12
13
  'allowedHeaders',
package/dist/config/global.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"global.js","sourceRoot":"","sources":["../../lib/config/global.ts"],"names":[],"mappings":";;;AAEA,MAAa,YAAY;IACvB,iIAAiI;IACjI,MAAM,CAAC,OAAO,GAAwC;QACpD,4BAA4B;QAC5B,cAAc;QACd,cAAc;QACd,iBAAiB;QACjB,YAAY;QACZ,gBAAgB;QAChB,yBAAyB;QACzB,uBAAuB;QACvB,sBAAsB;QACtB,cAAc;QACd,UAAU;QACV,qBAAqB;QACrB,sBAAsB;QACtB,kBAAkB;QAClB,kBAAkB;QAClB,oBAAoB;QACpB,mBAAmB;QACnB,kBAAkB;QAClB,gBAAgB;QAChB,oBAAoB;QACpB,YAAY;QACZ,QAAQ;QACR,kBAAkB;QAClB,UAAU;QACV,kBAAkB;QAClB,cAAc;QACd,YAAY;QACZ,iBAAiB;QACjB,kBAAkB;QAClB,gBAAgB;QAChB,gBAAgB;QAChB,UAAU;QACV,gBAAgB;QAChB,wBAAwB;QACxB,UAAU;QACV,wBAAwB;QACxB,YAAY;QACZ,aAAa;QACb,WAAW;KACZ,CAAC;IAEM,MAAM,CAAC,MAAM,GAAqB,EAAE,CAAC;IAU7C,MAAM,CAAC,GAAG,CACR,GAAS,EACT,YAAoC;QAEpC,OAAO,GAAG;YACR,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC;YAC5C,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;IAC1B,CAAC;IAED,MAAM,CAAC,GAAG,CAAC,MAAyC;QAClD,YAAY,CAAC,KAAK,EAAE,CAAC;QAErB,MAAM,MAAM,GAAG,EAAE,GAAG,MAAM,EAAE,CAAC;QAC7B,KAAK,MAAM,MAAM,IAAI,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1C,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAU,CAAC;YACtD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,CAAC,KAAK;QACV,YAAY,CAAC,MAAM,GAAG,EAAE,CAAC;IAC3B,CAAC;;AA7EH,oCA8EC","sourcesContent":["import type { RenovateConfig, RepoGlobalConfig } from './types';\n\nexport class GlobalConfig {\n // TODO: once global config work is complete, add a test to make sure this list includes all options with globalOnly=true (#9603)\n static OPTIONS: readonly (keyof RepoGlobalConfig)[] = [\n 'allowCustomCrateRegistries',\n 'allowPlugins',\n 'allowScripts',\n 'allowedCommands',\n 'allowedEnv',\n 'allowedHeaders',\n 'allowedUnsafeExecutions',\n 'autodiscoverRepoOrder',\n 'autodiscoverRepoSort',\n 'binarySource',\n 'cacheDir',\n 'cacheHardTtlMinutes',\n 'cachePrivatePackages',\n 'cacheTtlOverride',\n 'containerbaseDir',\n 'customEnvVariables',\n 'dockerChildPrefix',\n 'dockerCliOptions',\n 'dockerMaxPages',\n 'dockerSidecarImage',\n 'dockerUser',\n 'dryRun',\n 'encryptedWarning',\n 'endpoint',\n 'executionTimeout',\n 'exposeAllEnv',\n 'gitTimeout',\n 'githubTokenWarn',\n 'httpCacheTtlDays',\n 'ignorePrAuthor',\n 'includeMirrors',\n 'localDir',\n 'migratePresets',\n 'onboardingAutoCloseAge',\n 'platform',\n 'presetCachePersistence',\n 's3Endpoint',\n 's3PathStyle',\n 'userAgent',\n ];\n\n private static config: RepoGlobalConfig = {};\n\n static get(): RepoGlobalConfig;\n static get<Key extends keyof RepoGlobalConfig>(\n key: Key,\n ): RepoGlobalConfig[Key];\n static get<Key extends keyof RepoGlobalConfig>(\n key: Key,\n defaultValue: Required<RepoGlobalConfig>[Key],\n ): Required<RepoGlobalConfig>[Key];\n static get<Key extends keyof RepoGlobalConfig>(\n key?: Key,\n defaultValue?: RepoGlobalConfig[Key],\n ): RepoGlobalConfig | RepoGlobalConfig[Key] {\n return key\n ? (GlobalConfig.config[key] ?? defaultValue)\n : GlobalConfig.config;\n }\n\n static set(config: RenovateConfig & RepoGlobalConfig): RenovateConfig {\n GlobalConfig.reset();\n\n const result = { ...config };\n for (const option of GlobalConfig.OPTIONS) {\n GlobalConfig.config[option] = config[option] as never;\n delete result[option];\n }\n\n return result;\n }\n\n static reset(): void {\n GlobalConfig.config = {};\n }\n}\n"]}
1
+ {"version":3,"file":"global.js","sourceRoot":"","sources":["../../lib/config/global.ts"],"names":[],"mappings":";;;AAEA,MAAa,YAAY;IACvB,iIAAiI;IACjI,MAAM,CAAC,OAAO,GAAwC;QACpD,4BAA4B;QAC5B,cAAc;QACd,cAAc;QACd,0CAA0C;QAC1C,iBAAiB;QACjB,YAAY;QACZ,gBAAgB;QAChB,yBAAyB;QACzB,uBAAuB;QACvB,sBAAsB;QACtB,cAAc;QACd,UAAU;QACV,qBAAqB;QACrB,sBAAsB;QACtB,kBAAkB;QAClB,kBAAkB;QAClB,oBAAoB;QACpB,mBAAmB;QACnB,kBAAkB;QAClB,gBAAgB;QAChB,oBAAoB;QACpB,YAAY;QACZ,QAAQ;QACR,kBAAkB;QAClB,UAAU;QACV,kBAAkB;QAClB,cAAc;QACd,YAAY;QACZ,iBAAiB;QACjB,kBAAkB;QAClB,gBAAgB;QAChB,gBAAgB;QAChB,UAAU;QACV,gBAAgB;QAChB,wBAAwB;QACxB,UAAU;QACV,wBAAwB;QACxB,YAAY;QACZ,aAAa;QACb,WAAW;KACZ,CAAC;IAEM,MAAM,CAAC,MAAM,GAAqB,EAAE,CAAC;IAU7C,MAAM,CAAC,GAAG,CACR,GAAS,EACT,YAAoC;QAEpC,OAAO,GAAG;YACR,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC;YAC5C,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;IAC1B,CAAC;IAED,MAAM,CAAC,GAAG,CAAC,MAAyC;QAClD,YAAY,CAAC,KAAK,EAAE,CAAC;QAErB,MAAM,MAAM,GAAG,EAAE,GAAG,MAAM,EAAE,CAAC;QAC7B,KAAK,MAAM,MAAM,IAAI,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1C,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAU,CAAC;YACtD,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,CAAC,KAAK;QACV,YAAY,CAAC,MAAM,GAAG,EAAE,CAAC;IAC3B,CAAC;;AA9EH,oCA+EC","sourcesContent":["import type { RenovateConfig, RepoGlobalConfig } from './types';\n\nexport class GlobalConfig {\n // TODO: once global config work is complete, add a test to make sure this list includes all options with globalOnly=true (#9603)\n static OPTIONS: readonly (keyof RepoGlobalConfig)[] = [\n 'allowCustomCrateRegistries',\n 'allowPlugins',\n 'allowScripts',\n 'allowShellExecutorForPostUpgradeCommands',\n 'allowedCommands',\n 'allowedEnv',\n 'allowedHeaders',\n 'allowedUnsafeExecutions',\n 'autodiscoverRepoOrder',\n 'autodiscoverRepoSort',\n 'binarySource',\n 'cacheDir',\n 'cacheHardTtlMinutes',\n 'cachePrivatePackages',\n 'cacheTtlOverride',\n 'containerbaseDir',\n 'customEnvVariables',\n 'dockerChildPrefix',\n 'dockerCliOptions',\n 'dockerMaxPages',\n 'dockerSidecarImage',\n 'dockerUser',\n 'dryRun',\n 'encryptedWarning',\n 'endpoint',\n 'executionTimeout',\n 'exposeAllEnv',\n 'gitTimeout',\n 'githubTokenWarn',\n 'httpCacheTtlDays',\n 'ignorePrAuthor',\n 'includeMirrors',\n 'localDir',\n 'migratePresets',\n 'onboardingAutoCloseAge',\n 'platform',\n 'presetCachePersistence',\n 's3Endpoint',\n 's3PathStyle',\n 'userAgent',\n ];\n\n private static config: RepoGlobalConfig = {};\n\n static get(): RepoGlobalConfig;\n static get<Key extends keyof RepoGlobalConfig>(\n key: Key,\n ): RepoGlobalConfig[Key];\n static get<Key extends keyof RepoGlobalConfig>(\n key: Key,\n defaultValue: Required<RepoGlobalConfig>[Key],\n ): Required<RepoGlobalConfig>[Key];\n static get<Key extends keyof RepoGlobalConfig>(\n key?: Key,\n defaultValue?: RepoGlobalConfig[Key],\n ): RepoGlobalConfig | RepoGlobalConfig[Key] {\n return key\n ? (GlobalConfig.config[key] ?? defaultValue)\n : GlobalConfig.config;\n }\n\n static set(config: RenovateConfig & RepoGlobalConfig): RenovateConfig {\n GlobalConfig.reset();\n\n const result = { ...config };\n for (const option of GlobalConfig.OPTIONS) {\n GlobalConfig.config[option] = config[option] as never;\n delete result[option];\n }\n\n return result;\n }\n\n static reset(): void {\n GlobalConfig.config = {};\n }\n}\n"]}
package/dist/config/options/index.js CHANGED
@@ -896,6 +896,13 @@ const options = [
896
896
  type: 'boolean',
897
897
  default: false,
898
898
  },
899
+ {
900
+ name: 'allowShellExecutorForPostUpgradeCommands',
901
+ description: 'Whether to run commands for `postUpgradeTasks` inside a shell. This has security implications, as it means that they can call out to other commands or access shell variables. It is difficult to craft an `allowedCommands` regex to restrict this.',
902
+ globalOnly: true,
903
+ type: 'boolean',
904
+ default: true,
905
+ },
899
906
  {
900
907
  name: 'allowCustomCrateRegistries',
901
908
  description: 'Set this to `true` to allow custom crate registries.',