actions/toolkit
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/actions/toolkit synced 2026-04-22 14:58:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

update test case and handling

Browse Source
This commit is contained in:
bethanyj28
2024-02-23 13:41:40 -05:00
parent 76489f433b
commit 4256ea99c5
3 changed files with 20 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/artifact/__tests__/download-artifact.test.ts
View File

@@ -180,7 +180,7 @@ describe('download-artifact', () => {
expect(response.downloadPath).toBe(fixtures.workspaceDir)
})
it.only('should not allow path traversal from malicious artifacts', async () => {
it('should not allow path traversal from malicious artifacts', async () => {
const downloadArtifactMock = github.getOctokit(fixtures.token).rest
.actions.downloadArtifact as MockedDownloadArtifact
downloadArtifactMock.mockResolvedValueOnce({
@@ -200,12 +200,12 @@ describe('download-artifact', () => {
}
)
const response = await downloadArtifactPublic(
await expect(downloadArtifactPublic(
fixtures.artifactID,
fixtures.repositoryOwner,
fixtures.repositoryName,
fixtures.token
)
)).rejects.toBeInstanceOf(Error)
expect(downloadArtifactMock).toHaveBeenCalledWith({
owner: fixtures.repositoryOwner,
@@ -221,10 +221,6 @@ describe('download-artifact', () => {
expect(mockGetArtifactMalicious).toHaveBeenCalledWith(
fixtures.blobStorageUrl
)
expect(
fs.readFileSync(path.join(fixtures.workspaceDir, 'etc/hosts'), 'utf8')
).toEqual('foo')
expect(response.downloadPath).toBe(fixtures.workspaceDir)
})
it('should successfully download an artifact to user defined path', async () => {

BIN
packages/artifact/__tests__/fixtures/evil.zip
View File

Binary file not shown.