diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 48e7c1bd71..3e77189961 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -114966,6 +114966,7 @@ var require_commonjs19 = __commonJS({ "node_modules/@isaacs/brace-expansion/dist/commonjs/index.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.EXPANSION_MAX = void 0; exports2.expand = expand2; var balanced_match_1 = require_commonjs18(); var escSlash = "\0SLASH" + Math.random() + "\0"; @@ -114983,6 +114984,7 @@ var require_commonjs19 = __commonJS({ var closePattern = /\\}/g; var commaPattern = /\\,/g; var periodPattern = /\\./g; + exports2.EXPANSION_MAX = 1e5; function numeric(str2) { return !isNaN(str2) ? parseInt(str2, 10) : str2.charCodeAt(0); } @@ -115013,14 +115015,15 @@ var require_commonjs19 = __commonJS({ parts.push.apply(parts, p); return parts; } - function expand2(str2) { + function expand2(str2, options = {}) { if (!str2) { return []; } + const { max = exports2.EXPANSION_MAX } = options; if (str2.slice(0, 2) === "{}") { str2 = "\\{\\}" + str2.slice(2); } - return expand_(escapeBraces(str2), true).map(unescapeBraces); + return expand_(escapeBraces(str2), max, true).map(unescapeBraces); } function embrace(str2) { return "{" + str2 + "}"; @@ -115034,15 +115037,15 @@ var require_commonjs19 = __commonJS({ function gte6(i, y) { return i >= y; } - function expand_(str2, isTop) { + function expand_(str2, max, isTop) { const expansions = []; const m = (0, balanced_match_1.balanced)("{", "}", str2); if (!m) return [str2]; const pre = m.pre; - const post = m.post.length ? expand_(m.post, false) : [""]; + const post = m.post.length ? expand_(m.post, max, false) : [""]; if (/\$$/.test(m.pre)) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && k < max; k++) { const expansion = pre + "{" + m.body + "}" + post[k]; expansions.push(expansion); } @@ -115054,7 +115057,7 @@ var require_commonjs19 = __commonJS({ if (!isSequence && !isOptions) { if (m.post.match(/,(?!,).*\}/)) { str2 = m.pre + "{" + m.body + escClose + m.post; - return expand_(str2); + return expand_(str2, max, true); } return [str2]; } @@ -115064,7 +115067,7 @@ var require_commonjs19 = __commonJS({ } else { n = parseCommaParts(m.body); if (n.length === 1 && n[0] !== void 0) { - n = expand_(n[0], false).map(embrace); + n = expand_(n[0], max, false).map(embrace); if (n.length === 1) { return post.map((p) => m.pre + n[0] + p); } @@ -115110,11 +115113,11 @@ var require_commonjs19 = __commonJS({ } else { N = []; for (let j = 0; j < n.length; j++) { - N.push.apply(N, expand_(n[j], false)); + N.push.apply(N, expand_(n[j], max, false)); } } for (let j = 0; j < N.length; j++) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && expansions.length < max; k++) { const expansion = pre + N[j] + post[k]; if (!isTop || isSequence || expansion) { expansions.push(expansion); diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 6d71adc593..9aa6dbf87a 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -114966,6 +114966,7 @@ var require_commonjs19 = __commonJS({ "node_modules/@isaacs/brace-expansion/dist/commonjs/index.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.EXPANSION_MAX = void 0; exports2.expand = expand2; var balanced_match_1 = require_commonjs18(); var escSlash = "\0SLASH" + Math.random() + "\0"; @@ -114983,6 +114984,7 @@ var require_commonjs19 = __commonJS({ var closePattern = /\\}/g; var commaPattern = /\\,/g; var periodPattern = /\\./g; + exports2.EXPANSION_MAX = 1e5; function numeric(str2) { return !isNaN(str2) ? parseInt(str2, 10) : str2.charCodeAt(0); } @@ -115013,14 +115015,15 @@ var require_commonjs19 = __commonJS({ parts.push.apply(parts, p); return parts; } - function expand2(str2) { + function expand2(str2, options = {}) { if (!str2) { return []; } + const { max = exports2.EXPANSION_MAX } = options; if (str2.slice(0, 2) === "{}") { str2 = "\\{\\}" + str2.slice(2); } - return expand_(escapeBraces(str2), true).map(unescapeBraces); + return expand_(escapeBraces(str2), max, true).map(unescapeBraces); } function embrace(str2) { return "{" + str2 + "}"; @@ -115034,15 +115037,15 @@ var require_commonjs19 = __commonJS({ function gte6(i, y) { return i >= y; } - function expand_(str2, isTop) { + function expand_(str2, max, isTop) { const expansions = []; const m = (0, balanced_match_1.balanced)("{", "}", str2); if (!m) return [str2]; const pre = m.pre; - const post = m.post.length ? expand_(m.post, false) : [""]; + const post = m.post.length ? expand_(m.post, max, false) : [""]; if (/\$$/.test(m.pre)) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && k < max; k++) { const expansion = pre + "{" + m.body + "}" + post[k]; expansions.push(expansion); } @@ -115054,7 +115057,7 @@ var require_commonjs19 = __commonJS({ if (!isSequence && !isOptions) { if (m.post.match(/,(?!,).*\}/)) { str2 = m.pre + "{" + m.body + escClose + m.post; - return expand_(str2); + return expand_(str2, max, true); } return [str2]; } @@ -115064,7 +115067,7 @@ var require_commonjs19 = __commonJS({ } else { n = parseCommaParts(m.body); if (n.length === 1 && n[0] !== void 0) { - n = expand_(n[0], false).map(embrace); + n = expand_(n[0], max, false).map(embrace); if (n.length === 1) { return post.map((p) => m.pre + n[0] + p); } @@ -115110,11 +115113,11 @@ var require_commonjs19 = __commonJS({ } else { N = []; for (let j = 0; j < n.length; j++) { - N.push.apply(N, expand_(n[j], false)); + N.push.apply(N, expand_(n[j], max, false)); } } for (let j = 0; j < N.length; j++) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && expansions.length < max; k++) { const expansion = pre + N[j] + post[k]; if (!isTop || isSequence || expansion) { expansions.push(expansion); diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index ff9a7932d7..331b4d2503 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -113593,6 +113593,7 @@ var require_commonjs19 = __commonJS({ "node_modules/@isaacs/brace-expansion/dist/commonjs/index.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.EXPANSION_MAX = void 0; exports2.expand = expand2; var balanced_match_1 = require_commonjs18(); var escSlash = "\0SLASH" + Math.random() + "\0"; @@ -113610,6 +113611,7 @@ var require_commonjs19 = __commonJS({ var closePattern = /\\}/g; var commaPattern = /\\,/g; var periodPattern = /\\./g; + exports2.EXPANSION_MAX = 1e5; function numeric(str2) { return !isNaN(str2) ? parseInt(str2, 10) : str2.charCodeAt(0); } @@ -113640,14 +113642,15 @@ var require_commonjs19 = __commonJS({ parts.push.apply(parts, p); return parts; } - function expand2(str2) { + function expand2(str2, options = {}) { if (!str2) { return []; } + const { max = exports2.EXPANSION_MAX } = options; if (str2.slice(0, 2) === "{}") { str2 = "\\{\\}" + str2.slice(2); } - return expand_(escapeBraces(str2), true).map(unescapeBraces); + return expand_(escapeBraces(str2), max, true).map(unescapeBraces); } function embrace(str2) { return "{" + str2 + "}"; @@ -113661,15 +113664,15 @@ var require_commonjs19 = __commonJS({ function gte6(i, y) { return i >= y; } - function expand_(str2, isTop) { + function expand_(str2, max, isTop) { const expansions = []; const m = (0, balanced_match_1.balanced)("{", "}", str2); if (!m) return [str2]; const pre = m.pre; - const post = m.post.length ? expand_(m.post, false) : [""]; + const post = m.post.length ? expand_(m.post, max, false) : [""]; if (/\$$/.test(m.pre)) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && k < max; k++) { const expansion = pre + "{" + m.body + "}" + post[k]; expansions.push(expansion); } @@ -113681,7 +113684,7 @@ var require_commonjs19 = __commonJS({ if (!isSequence && !isOptions) { if (m.post.match(/,(?!,).*\}/)) { str2 = m.pre + "{" + m.body + escClose + m.post; - return expand_(str2); + return expand_(str2, max, true); } return [str2]; } @@ -113691,7 +113694,7 @@ var require_commonjs19 = __commonJS({ } else { n = parseCommaParts(m.body); if (n.length === 1 && n[0] !== void 0) { - n = expand_(n[0], false).map(embrace); + n = expand_(n[0], max, false).map(embrace); if (n.length === 1) { return post.map((p) => m.pre + n[0] + p); } @@ -113737,11 +113740,11 @@ var require_commonjs19 = __commonJS({ } else { N = []; for (let j = 0; j < n.length; j++) { - N.push.apply(N, expand_(n[j], false)); + N.push.apply(N, expand_(n[j], max, false)); } } for (let j = 0; j < N.length; j++) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && expansions.length < max; k++) { const expansion = pre + N[j] + post[k]; if (!isTop || isSequence || expansion) { expansions.push(expansion); diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 2ecbe03483..9eb7356679 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -105876,6 +105876,7 @@ var require_commonjs19 = __commonJS({ "node_modules/@isaacs/brace-expansion/dist/commonjs/index.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.EXPANSION_MAX = void 0; exports2.expand = expand2; var balanced_match_1 = require_commonjs18(); var escSlash = "\0SLASH" + Math.random() + "\0"; @@ -105893,6 +105894,7 @@ var require_commonjs19 = __commonJS({ var closePattern = /\\}/g; var commaPattern = /\\,/g; var periodPattern = /\\./g; + exports2.EXPANSION_MAX = 1e5; function numeric(str2) { return !isNaN(str2) ? parseInt(str2, 10) : str2.charCodeAt(0); } @@ -105923,14 +105925,15 @@ var require_commonjs19 = __commonJS({ parts.push.apply(parts, p); return parts; } - function expand2(str2) { + function expand2(str2, options = {}) { if (!str2) { return []; } + const { max = exports2.EXPANSION_MAX } = options; if (str2.slice(0, 2) === "{}") { str2 = "\\{\\}" + str2.slice(2); } - return expand_(escapeBraces(str2), true).map(unescapeBraces); + return expand_(escapeBraces(str2), max, true).map(unescapeBraces); } function embrace(str2) { return "{" + str2 + "}"; @@ -105944,15 +105947,15 @@ var require_commonjs19 = __commonJS({ function gte6(i, y) { return i >= y; } - function expand_(str2, isTop) { + function expand_(str2, max, isTop) { const expansions = []; const m = (0, balanced_match_1.balanced)("{", "}", str2); if (!m) return [str2]; const pre = m.pre; - const post = m.post.length ? expand_(m.post, false) : [""]; + const post = m.post.length ? expand_(m.post, max, false) : [""]; if (/\$$/.test(m.pre)) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && k < max; k++) { const expansion = pre + "{" + m.body + "}" + post[k]; expansions.push(expansion); } @@ -105964,7 +105967,7 @@ var require_commonjs19 = __commonJS({ if (!isSequence && !isOptions) { if (m.post.match(/,(?!,).*\}/)) { str2 = m.pre + "{" + m.body + escClose + m.post; - return expand_(str2); + return expand_(str2, max, true); } return [str2]; } @@ -105974,7 +105977,7 @@ var require_commonjs19 = __commonJS({ } else { n = parseCommaParts(m.body); if (n.length === 1 && n[0] !== void 0) { - n = expand_(n[0], false).map(embrace); + n = expand_(n[0], max, false).map(embrace); if (n.length === 1) { return post.map((p) => m.pre + n[0] + p); } @@ -106020,11 +106023,11 @@ var require_commonjs19 = __commonJS({ } else { N = []; for (let j = 0; j < n.length; j++) { - N.push.apply(N, expand_(n[j], false)); + N.push.apply(N, expand_(n[j], max, false)); } } for (let j = 0; j < N.length; j++) { - for (let k = 0; k < post.length; k++) { + for (let k = 0; k < post.length && expansions.length < max; k++) { const expansion = pre + N[j] + post[k]; if (!isTop || isSequence || expansion) { expansions.push(expansion); diff --git a/package-lock.json b/package-lock.json index 4b139002c0..8981e8aefc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1500,9 +1500,9 @@ } }, "node_modules/@isaacs/brace-expansion": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz", - "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.1.tgz", + "integrity": "sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ==", "license": "MIT", "dependencies": { "@isaacs/balanced-match": "^4.0.1"