diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4620a731..10ea2a69 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,6 +6,9 @@ updates: interval: daily commit-message: prefix: '' + ignore: + # https://github.com/taiki-e/install-action/pull/831#issuecomment-2650284580 + - dependency-name: ureq labels: [] - package-ecosystem: github-actions directory: / diff --git a/tools/codegen/Cargo.toml b/tools/codegen/Cargo.toml index efe46584..f5e57e00 100644 --- a/tools/codegen/Cargo.toml +++ b/tools/codegen/Cargo.toml @@ -18,7 +18,7 @@ spdx = "0.10" tar = "0.4" toml_edit = { version = "0.22", default-features = false, features = ["parse", "serde"] } # TODO: call curl command instead of using ureq? -ureq = { version = "3", features = ["json"] } +ureq = { version = "2", features = ["json"] } [lints] workspace = true diff --git a/tools/codegen/src/main.rs b/tools/codegen/src/main.rs index 1d101b1e..c8c998b7 100644 --- a/tools/codegen/src/main.rs +++ b/tools/codegen/src/main.rs @@ -19,7 +19,6 @@ use install_action_internal_codegen::{ }; use sha2::{Digest as _, Sha256}; use spdx::expression::{ExprNode, ExpressionReq, Operator}; -use ureq::http::header; fn main() -> Result<()> { let args: Vec<_> = env::args().skip(1).collect(); @@ -53,7 +52,7 @@ fn main() -> Result<()> { eprintln!("downloading metadata from https://api.github.com/repos/{repo}"); let repo_info: github::RepoMetadata = - download(&format!("https://api.github.com/repos/{repo}"))?.body_mut().read_json()?; + download(&format!("https://api.github.com/repos/{repo}"))?.into_json()?; eprintln!("downloading releases from https://api.github.com/repos/{repo}/releases"); let mut releases: github::Releases = vec![]; @@ -64,8 +63,7 @@ fn main() -> Result<()> { let mut r: github::Releases = download(&format!( "https://api.github.com/repos/{repo}/releases?per_page={per_page}&page={page}" ))? - .body_mut() - .read_json()?; + .into_json()?; // If version_req is latest, it is usually sufficient to look at the latest 100 releases. if r.len() < per_page || version_req.is_some_and(|req| req == "latest") { releases.append(&mut r); @@ -100,13 +98,11 @@ fn main() -> Result<()> { if let Some(crate_name) = &base_info.rust_crate { eprintln!("downloading crate info from https://crates.io/api/v1/crates/{crate_name}"); let info = download(&format!("https://crates.io/api/v1/crates/{crate_name}"))? - .body_mut() - .read_json::()?; + .into_json::()?; let latest_version = &info.versions[0].num; crates_io_version_detail = Some( download(&format!("https://crates.io/api/v1/crates/{crate_name}/{latest_version}"))? - .body_mut() - .read_json::()? + .into_json::()? .version, ); @@ -296,13 +292,8 @@ fn main() -> Result<()> { Path::new(&url).file_name().unwrap().to_str().unwrap() )); let response = download(&url)?; - let etag = response - .headers() - .get("etag") - .expect("binary should have an etag") - .to_str() - .unwrap() - .replace('\"', ""); + let etag = + response.header("etag").expect("binary should have an etag").replace('\"', ""); if let Some(ManifestRef::Real(ref manifest)) = existing_manifest { if let Some(entry) = manifest.download_info.get(&platform) { @@ -321,7 +312,7 @@ fn main() -> Result<()> { eprintln!("already downloaded"); fs::File::open(download_cache)?.read_to_end(&mut buf)?; // Not buffered because it is read at once. } else { - response.into_body().into_reader().read_to_end(&mut buf)?; + response.into_reader().read_to_end(&mut buf)?; eprintln!("download complete"); fs::write(download_cache, &buf)?; } @@ -344,7 +335,7 @@ fn main() -> Result<()> { eprintln!("already downloaded"); minisign_verify::Signature::from_file(sig_download_cache)? } else { - let buf = download(&url)?.body_mut().read_to_string()?; + let buf = download(&url)?.into_string()?; eprintln!("download complete"); fs::write(sig_download_cache, &buf)?; minisign_verify::Signature::decode(&buf)? @@ -362,7 +353,7 @@ fn main() -> Result<()> { if crate_download_cache.is_file() { eprintln!("already downloaded"); } else { - download(&url)?.into_body().into_reader().read_to_end(&mut buf2)?; + download(&url)?.into_reader().read_to_end(&mut buf2)?; let hash = Sha256::digest(&buf2); if format!("{hash:x}") != v.checksum { bail!("checksum mismatch for {url}"); @@ -699,7 +690,7 @@ static GITHUB_TOKENS: LazyLock = LazyLock::new(|| { } }); -fn download(url: &str) -> Result> { +fn download(url: &str) -> Result { let mut token = GITHUB_TOKENS.get(url); let mut retry = 0; let mut retry_time = 0; @@ -711,7 +702,7 @@ fn download(url: &str) -> Result> { loop { let mut req = ureq::get(url); if let Some(token) = &token { - req = req.header(header::AUTHORIZATION, &format!("Bearer {token}")); + req = req.set("Authorization", &format!("Bearer {token}")); } match req.call() { Ok(res) => return Ok(res), @@ -747,12 +738,12 @@ fn github_head(url: &str) -> Result<()> { loop { let mut req = ureq::head(url); if let Some(token) = &token { - req = req.header(header::AUTHORIZATION, &format!("Bearer {token}")); + req = req.set("Authorization", &format!("Bearer {token}")); } match req.call() { Ok(_) => return Ok(()), // rate limit - Err(e @ ureq::Error::StatusCode(403)) => last_error = Some(e), + Err(e @ ureq::Error::Status(403, _)) => last_error = Some(e), Err(e) => return Err(e.into()), } retry_time += 1;