7d7ff4475a
* initial esm conversion Signed-off-by: Brian DeHamer <bdehamer@github.com> * esm'ify jest tests Signed-off-by: Brian DeHamer <bdehamer@github.com> * lint issues Signed-off-by: Brian DeHamer <bdehamer@github.com> * debug mock Signed-off-by: Brian DeHamer <bdehamer@github.com> * glob updated Signed-off-by: Brian DeHamer <bdehamer@github.com> * async all file functions Signed-off-by: Brian DeHamer <bdehamer@github.com> * update @actions/github Signed-off-by: Brian DeHamer <bdehamer@github.com> * update @actions/attest Signed-off-by: Brian DeHamer <bdehamer@github.com> * rebuild package-lock.json Signed-off-by: Brian DeHamer <bdehamer@github.com> * use experimental flag for jest in ci Signed-off-by: Brian DeHamer <bdehamer@github.com> * remove stray istanbul ignore Signed-off-by: Brian DeHamer <bdehamer@github.com> * Optimize getSubjectFromPath to avoid concurrent stat calls Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Fix boundary condition for MAX_SUBJECT_COUNT check Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Improve error message clarity for subject count limit Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Update test to match new error message format Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> * Fix parseSBOMFromPath to check file size before reading Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> * Build package with updated changes Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com>
63 lines
1.6 KiB
TypeScript
63 lines
1.6 KiB
TypeScript
import fs from 'fs/promises'
|
|
|
|
import type { Predicate } from '@actions/attest'
|
|
|
|
export type PredicateInputs = {
|
|
predicateType: string
|
|
predicate: string
|
|
predicatePath: string
|
|
}
|
|
|
|
const MAX_PREDICATE_SIZE_BYTES = 16 * 1024 * 1024
|
|
|
|
// Returns the predicate specified by the action's inputs. The predicate value
|
|
// may be specified as a path to a file or as a string.
|
|
export const predicateFromInputs = async (
|
|
inputs: PredicateInputs
|
|
): Promise<Predicate> => {
|
|
const { predicateType, predicate, predicatePath } = inputs
|
|
|
|
if (!predicateType) {
|
|
throw new Error('predicate-type must be provided')
|
|
}
|
|
|
|
if (!predicatePath && !predicate) {
|
|
throw new Error('One of predicate-path or predicate must be provided')
|
|
}
|
|
|
|
if (predicatePath && predicate) {
|
|
throw new Error('Only one of predicate-path or predicate may be provided')
|
|
}
|
|
|
|
let params: string = predicate
|
|
|
|
if (predicatePath) {
|
|
try {
|
|
await fs.access(predicatePath)
|
|
} catch {
|
|
throw new Error(`predicate file not found: ${predicatePath}`)
|
|
}
|
|
|
|
const stat = await fs.stat(predicatePath)
|
|
|
|
/* istanbul ignore next */
|
|
if (stat.size > MAX_PREDICATE_SIZE_BYTES) {
|
|
throw new Error(
|
|
`predicate file exceeds maximum allowed size: ${MAX_PREDICATE_SIZE_BYTES} bytes`
|
|
)
|
|
}
|
|
|
|
params = await fs.readFile(predicatePath, 'utf-8')
|
|
} else {
|
|
if (predicate.length > MAX_PREDICATE_SIZE_BYTES) {
|
|
throw new Error(
|
|
`predicate string exceeds maximum allowed size: ${MAX_PREDICATE_SIZE_BYTES} bytes`
|
|
)
|
|
}
|
|
|
|
params = predicate
|
|
}
|
|
|
|
return { type: predicateType, params: JSON.parse(params) }
|
|
}
|