Skip to content

Fix code scanning alert no. 7: Incomplete string escaping or encoding #1136

Fix code scanning alert no. 7: Incomplete string escaping or encoding

Fix code scanning alert no. 7: Incomplete string escaping or encoding #1136

name: Test and Release
# Run this job on all pushes and pull requests
# as well as tags with a semantic version
on:
push:
branches:
- "*"
tags:
# normal versions
- "v[0-9]+.[0-9]+.[0-9]+"
# pre-releases
- "v[0-9]+.[0-9]+.[0-9]+-**"
pull_request: {}
jobs:
# Performs quick checks before the expensive test runs
check-and-lint:
if: contains(github.event.head_commit.message, '[skip ci]') == false
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18.x]
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Install Dependencies
run: npm ci
- name: Lint source code
run: npm run lint
- name: Test package files
run: npm run test:package
# Runs adapter tests on all supported node versions and OSes
adapter-tests:
if: contains(github.event.head_commit.message, '[skip ci]') == false
needs: [check-and-lint]
runs-on: ${{ matrix.os }}
strategy:
matrix:
node-version: [18.x, 20.x, 22.x]
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Install Dependencies
run: npm ci
- name: Run unit tests
run: npm run test:unit
- name: Run integration tests (unix only)
if: startsWith(runner.OS, 'windows') == false
run: DEBUG=testing:* npm run test:integration
- name: Run integration tests (windows only)
if: startsWith(runner.OS, 'windows')
run: set DEBUG=testing:* & npm run test:integration
# Deploys the final package to NPM
deploy:
needs: [adapter-tests]
# Trigger this step only when a commit on any branch is tagged with a version number
if: |
contains(github.event.head_commit.message, '[skip ci]') == false &&
github.event_name == 'push' &&
startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [14.x]
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Extract the version and commit body from the tag
id: extract_release
# The body may be multiline, therefore newlines and % need to be escaped
run: |
VERSION="${{ github.ref }}"
VERSION=${VERSION##*/v}
echo "::set-output name=VERSION::$VERSION"
BODY=$(git show -s --format=%b)
BODY="${BODY//'%'/'%25'}"
BODY="${BODY//$'\n'/'%0A'}"
BODY="${BODY//$'\r'/'%0D'}"
echo "::set-output name=BODY::$BODY"
- name: Publish package to npm
run: |
npm config set //registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}
npm whoami
npm publish
- name: Create Github Release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.AUTOMERGER }}
with:
tag_name: ${{ github.ref }}
release_name: Release v${{ steps.extract_release.outputs.VERSION }}
draft: false
# Prerelease versions create prereleases on Github
prerelease: ${{ contains(steps.extract_release.outputs.VERSION, '-') }}
body: ${{ steps.extract_release.outputs.BODY }}
- name: Notify Sentry.io about the release
run: |
npm i -g @sentry/cli
export SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
export SENTRY_URL=https://sentry.iobroker.net
export SENTRY_ORG=iobroker
export SENTRY_PROJECT=iobroker-wled
export SENTRY_VERSION=iobroker.wled@${{ steps.extract_release.outputs.VERSION }}
sentry-cli releases new $SENTRY_VERSION
sentry-cli releases finalize $SENTRY_VERSION
# Add the following line BEFORE finalize if repositories are connected in Sentry
# sentry-cli releases set-commits $SENTRY_VERSION --auto
# Add the following line BEFORE finalize if sourcemap uploads are needed
# sentry-cli releases files $SENTRY_VERSION upload-sourcemaps build/