From 9b66d97a33c362e81a8ecd5b70eac106a533a9a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicol=C3=A1s=20Georger?= <info@sredevops.cl>
Date: Fri, 15 Mar 2024 17:24:17 -0300
Subject: [PATCH] Update Node.js version and fix header removal in redirect

---
 .github/workflows/test.yml | 6 +++---
 action.yml                 | 2 +-
 dist/index.js              | 5 ++++-
 package.json               | 4 ++--
 4 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index af0df95..b7cc7f8 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -9,11 +9,11 @@ on:
 jobs:
   lint:
     runs-on: ubuntu-latest
-    if: github.event_name == 'push' || (github.event_name == 'pull_request' && !startsWith(github.head_ref, 'renovate/'))
+    if: github.event_name == 'push' || (github.event_name == 'pull_request' && !startsWith(github.head_ref, 'renovate/')) || github.event_name == 'workflow_dispatch'
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
       - run: yarn
       - run: yarn lint
diff --git a/action.yml b/action.yml
index 4ad8e1f..0e54ef3 100644
--- a/action.yml
+++ b/action.yml
@@ -23,5 +23,5 @@ inputs:
     description: 'A custom directory to zip when a theme is in a subdirectory'
     required: false
 runs:
-  using: 'node16'
+  using: 'node20'
   main: 'dist/index.js'
diff --git a/dist/index.js b/dist/index.js
index 95ae851..8285f0b 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -5966,7 +5966,7 @@ RedirectableRequest.prototype._processResponse = function (response) {
      redirectUrl.protocol !== "https:" ||
      redirectUrl.host !== currentHost &&
      !isSubdomain(redirectUrl.host, currentHost)) {
-    removeMatchingHeaders(/^(?:authorization|cookie)$/i, this._options.headers);
+    removeMatchingHeaders(/^(?:(?:proxy-)?authorization|cookie)$/i, this._options.headers);
   }
 
   // Evaluate the beforeRedirect callback
@@ -25559,6 +25559,9 @@ function httpRedirectFetch (fetchParams, response) {
     // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
     request.headersList.delete('authorization')
 
+    // https://fetch.spec.whatwg.org/#authentication-entries
+    request.headersList.delete('proxy-authorization', true)
+
     // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement.
     request.headersList.delete('cookie')
     request.headersList.delete('host')
diff --git a/package.json b/package.json
index d1e807c..868866d 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "action-deploy-theme-fork",
-  "version": "1.6.6",
-  "repository": "git@github.com:sredevopsdev/action-deploy-theme.git",
+  "version": "1.7.0",
+  "repository": "git@github.com:sredevopsorg/action-deploy-theme.git",
   "author": "Ghost Foundation",
   "license": "MIT",
   "main": "index.js",