Merge pull request #944 from docker/dependabot/npm_and_yarn/flatted-3.4.2

build(deps): bump flatted from 3.3.3 to 3.4.2

.github/workflows/codeql.yml

@@ -5,46 +5,41 @@ on:
     branches:
       - 'master'
       - 'releases/v*'
-    paths:
-      - '.github/workflows/codeql.yml'
-      - 'dist/**'
-      - 'src/**'
   pull_request:
-    paths:
-      - '.github/workflows/codeql.yml'
-      - 'dist/**'
-      - 'src/**'
 
 permissions:
   actions: read
   contents: read
   security-events: write
 
+env:
+  NODE_VERSION: "24"
+
 jobs:
   analyze:
     runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        language:
-          - javascript-typescript
     steps:
       -
         name: Checkout
         uses: actions/checkout@v6
+      -
+        name: Enable corepack
+        run: |
+          corepack enable
+          yarn --version
+      -
+        name: Set up Node
+        uses: actions/setup-node@v6
+        with:
+          node-version: ${{ env.NODE_VERSION }}
       -
         name: Initialize CodeQL
         uses: github/codeql-action/init@v4
         with:
-          languages: ${{ matrix.language }}
+          languages: javascript-typescript
-          config: |
+          build-mode: none
-            paths:
-              - src
-      -
-        name: Autobuild
-        uses: github/codeql-action/autobuild@v4
       -
         name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v4
         with:
-          category: "/language:${{matrix.language}}"
+          category: "/language:javascript-typescript"

.github/workflows/update-dist.yml

@@ -14,7 +14,7 @@ jobs:
       -
         name: GitHub auth token from GitHub App
         id: docker-read-app
-        uses: actions/create-github-app-token@v2
+        uses: actions/create-github-app-token@v3
         with:
           app-id: ${{ secrets.GHACTIONS_REPO_WRITE_APP_ID }}
           private-key: ${{ secrets.GHACTIONS_REPO_WRITE_APP_PRIVATE_KEY }}

__tests__/context.test.ts

@@ -1,6 +1,17 @@
-import {expect, test} from 'vitest';
+import {afterEach, expect, test} from 'vitest';
+import * as path from 'path';
 
-import {getInputs} from '../src/context.js';
+import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
+
+import {getAuthList, getInputs} from '../src/context.js';
+
+afterEach(() => {
+  for (const key of Object.keys(process.env)) {
+    if (key.startsWith('INPUT_')) {
+      delete process.env[key];
+    }
+  }
+});
 
 test('with password and username getInputs does not throw error', async () => {
   process.env['INPUT_USERNAME'] = 'dbowie';
@@ -10,3 +21,15 @@ test('with password and username getInputs does not throw error', async () => {
     getInputs();
   }).not.toThrow();
 });
+
+test('getAuthList uses the default Docker Hub registry when computing scoped config dir', async () => {
+  process.env['INPUT_USERNAME'] = 'dbowie';
+  process.env['INPUT_PASSWORD'] = 'groundcontrol';
+  process.env['INPUT_SCOPE'] = 'myscope';
+  process.env['INPUT_LOGOUT'] = 'false';
+  const [auth] = getAuthList(getInputs());
+  expect(auth).toMatchObject({
+    registry: 'docker.io',
+    configDir: path.join(Buildx.configDir, 'config', 'registry-1.docker.io', 'myscope')
+  });
+});

__tests__/docker.test.ts

@@ -1,15 +1,10 @@
 import {expect, test, vi} from 'vitest';
-import * as path from 'path';
 
 import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js';
 
 import {loginStandard, logout} from '../src/docker.js';
 
-process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner');
-
 test('loginStandard calls exec', async () => {
-  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-  // @ts-ignore
   const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => {
     return {
       exitCode: expect.any(Number),
@@ -38,8 +33,6 @@ test('loginStandard calls exec', async () => {
 });
 
 test('logout calls exec', async () => {
-  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-  // @ts-ignore
   const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => {
     return {
       exitCode: expect.any(Number),

src/context.ts

@@ -42,24 +42,26 @@ export function getAuthList(inputs: Inputs): Array<Auth> {
   }
   let auths: Array<Auth> = [];
   if (!inputs.registryAuth) {
+    const registry = inputs.registry || 'docker.io';
     auths.push({
-      registry: inputs.registry || 'docker.io',
+      registry,
       username: inputs.username,
       password: inputs.password,
       scope: inputs.scope,
       ecr: inputs.ecr || 'auto',
-      configDir: scopeToConfigDir(inputs.registry, inputs.scope)
+      configDir: scopeToConfigDir(registry, inputs.scope)
     });
   } else {
     auths = (yaml.load(inputs.registryAuth) as Array<Auth>).map(auth => {
       core.setSecret(auth.password); // redacted in workflow logs
+      const registry = auth.registry || 'docker.io';
       return {
-        registry: auth.registry || 'docker.io',
+        registry,
         username: auth.username,
         password: auth.password,
         scope: auth.scope,
         ecr: auth.ecr || 'auto',
-        configDir: scopeToConfigDir(auth.registry || 'docker.io', auth.scope)
+        configDir: scopeToConfigDir(registry, auth.scope)
       };
     });
   }

yarn.lock

@@ -3639,9 +3639,9 @@ __metadata:
   linkType: hard
 
 "flatted@npm:^3.2.9":
-  version: 3.3.3
+  version: 3.4.2
-  resolution: "flatted@npm:3.3.3"
+  resolution: "flatted@npm:3.4.2"
-  checksum: 10/8c96c02fbeadcf4e8ffd0fa24983241e27698b0781295622591fc13585e2f226609d95e422bcf2ef044146ffacb6b68b1f20871454eddf75ab3caa6ee5f4a1fe
+  checksum: 10/a9e78fe5c2c1fcd98209a015ccee3a6caa953e01729778e83c1fe92e68601a63e1e69cd4e573010ca99eaf585a581b80ccf1018b99283e6cbc2117bcba1e030f
   languageName: node
   linkType: hard