azure-pipelines-tasks-artifacts-common - npm Package Compare versions

Comparing version 2.241.1 to 2.242.0

package.json

 {
     "name": "azure-pipelines-tasks-artifacts-common",
-    "version": "2.241.1",
+    "version": "2.242.0",
     "description": "Azure Artifacts common code (for new authentication tasks)",
@@ -18,3 +18,3 @@ "scripts": {
         "@types/node": "^16.11.39",
-        "azure-devops-node-api": "12.0.0",
+        "azure-devops-node-api": "14.0.1",
         "azure-pipelines-task-lib": "^4.13.0",
@@ -21,0 +21,0 @@ "fs-extra": "8.1.0",

webapi.d.ts

@@ -6,2 +6,1 @@ import * as api from 'azure-devops-node-api';
 export declare function getSystemAccessToken(): string;
-export declare function getFederatedToken(connectedServiceName: string): Promise<string>;

webapi.js

 "use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getFederatedToken = exports.getSystemAccessToken = exports.getWebApiWithProxy = void 0;
-const Q = require("q");
+exports.getSystemAccessToken = exports.getWebApiWithProxy = void 0;
 const path = require("path");
 const api = require("azure-devops-node-api");
-const azure_devops_node_api_1 = require("azure-devops-node-api");
 const tl = require("azure-pipelines-task-lib/task");
@@ -43,46 +32,1 @@ tl.setResourcePath(path.join(__dirname, 'module.json'), true);
 exports.getSystemAccessToken = getSystemAccessToken;
-function getFederatedToken(connectedServiceName) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const projectId = tl.getVariable("System.TeamProjectId");
-        const hub = tl.getVariable("System.HostType");
-        const planId = tl.getVariable('System.PlanId');
-        const jobId = tl.getVariable('System.JobId');
-        let uri = tl.getVariable("System.CollectionUri");
-        if (!uri) {
-            uri = tl.getVariable("System.TeamFoundationServerUri");
-        }
-        const token = getSystemAccessToken();
-        const authHandler = azure_devops_node_api_1.getHandlerFromToken(token);
-        const connection = new azure_devops_node_api_1.WebApi(uri, authHandler);
-        const oidc_token = yield initOIDCToken(connection, projectId, hub, planId, jobId, connectedServiceName, 0, 2000);
-        tl.setSecret(oidc_token);
-        return oidc_token;
-    });
-}
-exports.getFederatedToken = getFederatedToken;
-function initOIDCToken(connection, projectId, hub, planId, jobId, serviceConnectionId, retryCount, timeToWait) {
-    var deferred = Q.defer();
-    connection.getTaskApi().then((taskApi) => {
-        taskApi.createOidcToken({}, projectId, hub, planId, jobId, serviceConnectionId).then((response) => {
-            if (response != null) {
-                tl.debug('Got OIDC token');
-                deferred.resolve(response.oidcToken);
-            }
-            else if (response.oidcToken == null) {
-                if (retryCount < 3) {
-                    let waitedTime = timeToWait;
-                    retryCount += 1;
-                    setTimeout(() => {
-                        deferred.resolve(initOIDCToken(connection, projectId, hub, planId, jobId, serviceConnectionId, retryCount, waitedTime));
-                    }, waitedTime);
-                }
-                else {
-                    deferred.reject(tl.loc('CouldNotFetchAccessTokenforAAD'));
-                }
-            }
-        }, (error) => {
-            deferred.reject(tl.loc('CouldNotFetchAccessTokenforAAD') + " " + error);
-        });
-    });
-    return deferred.promise;
-}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

103597

decreased by-7.28%

Number of package files

40

decreased by-4.76%

Lines of code

1392

decreased by-9.14%

Dependency changes

• + Addedazure-devops-node-api@14.0.1(transitive)

• + Addeddes.js@1.1.0(transitive)

• + Addedjs-md4@0.3.2(transitive)

• + Addedminimalistic-assert@1.0.1(transitive)

• + Addedtyped-rest-client@2.1.0(transitive)

• - Removedazure-devops-node-api@12.0.0(transitive)

• - Removedtyped-rest-client@1.8.11(transitive)

• Updatedazure-devops-node-api@14.0.1