actions/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action synced 2026-05-22 00:00:34 +03:00
Code Issues Packages Projects Releases Wiki Activity

Make it clearer what the expectations for isUsernamePassword are

Browse Source
This commit is contained in:
Michael B. Gale
2026-04-30 12:49:49 +01:00
parent 7a6ed56219
commit 549683cee5
6 changed files with 149 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/start-proxy-action.js
Generated
+8 -5
View File
@@ -122008,14 +122008,17 @@ var usernamePasswordSchema = {
password: optional(string),
...usernameSchema
};
function isUsernamePassword(config) {
return validateSchema(usernamePasswordSchema, config);
function hasUsernameAndPassword(config) {
return hasUsername(config) && "password" in config;
}
var tokenSchema = {
/** The token needed to authenticate to the package registry, if any. */
token: optional(string),
...usernameSchema
};
function hasToken(config) {
return "token" in config;
}
function isToken(config) {
return "token" in config && validateSchema(tokenSchema, config);
}
@@ -122086,7 +122089,7 @@ function credentialToStr(credential) {
isDefined2(credential.password) ? "***" : void 0
);
}
if (isToken(credential)) {
if (hasToken(credential)) {
appendIfDefined("Token", isDefined2(credential.token) ? "***" : void 0);
}
if (isAzureConfig(credential)) {
@@ -122604,8 +122607,8 @@ function getCredentials(logger, registrySecrets, registriesCredentials, language
}
}
const noUsername = !hasUsername(authConfig) || !isDefined2(authConfig.username);
const passwordIsPAT = isUsernamePassword(authConfig) && isDefined2(authConfig.password) && isPAT(authConfig.password);
const tokenIsPAT = isToken(authConfig) && isDefined2(authConfig.token) && isPAT(authConfig.token);
const passwordIsPAT = hasUsernameAndPassword(authConfig) && isDefined2(authConfig.password) && isPAT(authConfig.password);
const tokenIsPAT = hasToken(authConfig) && isDefined2(authConfig.token) && isPAT(authConfig.token);
if (noUsername && (passwordIsPAT || tokenIsPAT)) {
logger.warning(
`A ${e.type} private registry is configured for ${e.host || e.url} using a GitHub Personal Access Token (PAT), but no username was provided. This may not work correctly. When configuring a private registry using a PAT, select "Username and password" and enter the username of the user who generated the PAT.`