From 6b62f98d3c38c7b90c9b9e2fc8aec3ca41e0f3d9 Mon Sep 17 00:00:00 2001 From: Markus Staab Date: Tue, 2 Nov 2021 11:43:34 +0100 Subject: [PATCH] GithubActionError: escape more special chars (#10243) --- src/Composer/Console/GithubActionError.php | 33 ++++++++++++++++++++-- 1 file changed, 30 insertions(+), 3 deletions(-) diff --git a/src/Composer/Console/GithubActionError.php b/src/Composer/Console/GithubActionError.php index c9e34717c..ef33ae003 100644 --- a/src/Composer/Console/GithubActionError.php +++ b/src/Composer/Console/GithubActionError.php @@ -36,9 +36,8 @@ final class GithubActionError public function emit($message, $file = null, $line = null) { if (getenv('GITHUB_ACTIONS') && !getenv('COMPOSER_TESTS_ARE_RUNNING')) { - // newlines need to be encoded - // see https://github.com/actions/starter-workflows/issues/68#issuecomment-581479448 - $message = str_replace("\n", '%0A', $message); + $message = $this->escapeData($message); + $file = $this->escapeProperty($file); if ($file && $line) { $this->io->write("::error file=". $file .",line=". $line ."::". $message); @@ -49,4 +48,32 @@ final class GithubActionError } } } + + /** + * @param string $data + * @return string + */ + private function escapeData($data) { + // see https://github.com/actions/toolkit/blob/4f7fb6513a355689f69f0849edeb369a4dc81729/packages/core/src/command.ts#L80-L85 + $data = str_replace("%", '%25', $data); + $data = str_replace("\r", '%0D', $data); + $data = str_replace("\n", '%0A', $data); + + return $data; + } + + /** + * @param string $property + * @return string + */ + private function escapeProperty($property) { + // see https://github.com/actions/toolkit/blob/4f7fb6513a355689f69f0849edeb369a4dc81729/packages/core/src/command.ts#L87-L94 + $property = str_replace("%", '%25', $property); + $property = str_replace("\r", '%0D', $property); + $property = str_replace("\n", '%0A', $property); + $property = str_replace(":", '%3A', $property); + $property = str_replace(",", '%2C', $property); + + return $property; + } }