Update Node.js version and fix header removal in redirect

sredevopsorg · Mar 15, 2024 · 9b66d97 · 9b66d97
1 parent b9dd2bf
commit 9b66d97
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 7 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -9,11 +9,11 @@ on:
 jobs:
   lint:
     runs-on: ubuntu-latest
-    if: github.event_name == 'push' || (github.event_name == 'pull_request' && !startsWith(github.head_ref, 'renovate/'))
+    if: github.event_name == 'push' || (github.event_name == 'pull_request' && !startsWith(github.head_ref, 'renovate/')) || github.event_name == 'workflow_dispatch'
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
       - run: yarn
       - run: yarn lint
diff --git a/action.yml b/action.yml
@@ -23,5 +23,5 @@ inputs:
     description: 'A custom directory to zip when a theme is in a subdirectory'
     required: false
 runs:
-  using: 'node16'
+  using: 'node20'
   main: 'dist/index.js'
diff --git a/dist/index.js b/dist/index.js
@@ -5966,7 +5966,7 @@ RedirectableRequest.prototype._processResponse = function (response) {
      redirectUrl.protocol !== "https:" ||
      redirectUrl.host !== currentHost &&
      !isSubdomain(redirectUrl.host, currentHost)) {
-    removeMatchingHeaders(/^(?:authorization|cookie)$/i, this._options.headers);
+    removeMatchingHeaders(/^(?:(?:proxy-)?authorization|cookie)$/i, this._options.headers);
   }
 
   // Evaluate the beforeRedirect callback
@@ -25559,6 +25559,9 @@ function httpRedirectFetch (fetchParams, response) {
     // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
     request.headersList.delete('authorization')
 
+    // https://fetch.spec.whatwg.org/#authentication-entries
+    request.headersList.delete('proxy-authorization', true)
+
     // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement.
     request.headersList.delete('cookie')
     request.headersList.delete('host')

diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "action-deploy-theme-fork",
-  "version": "1.6.6",
-  "repository": "[email protected]:sredevopsdev/action-deploy-theme.git",
+  "version": "1.7.0",
+  "repository": "[email protected]:sredevopsorg/action-deploy-theme.git",
   "author": "Ghost Foundation",
   "license": "MIT",
   "main": "index.js",