@@ -56,41 +56,43 @@ test("scanArtifactsForTokens handles files without tokens", async (t) => {
5656}
5757} ) ;
5858
59- test ( "scanArtifactsForTokens finds token in debug artifacts" , async ( t ) => {
60- t . timeout ( os . platform ( ) === "win32" ?30000 :10000 ) ; // 30 seconds on Windows, 10 seconds on other platforms
61- const messages :LoggedMessage [ ] = [ ] ;
62- const logger = getRecordingLogger ( messages , { logToConsole :false } ) ;
63- // The zip here is a regression test based on
64- // https://github.com/github/codeql-action/security/advisories/GHSA-vqf5-2xx6-9wfm
65- const testZip = path . join (
66- __dirname ,
67- ".." ,
68- "src" ,
69- "testdata" ,
70- "debug-artifacts-with-fake-token.zip" ,
71- ) ;
59+ if ( os . platform ( ) !== "win32" ) {
60+ test ( "scanArtifactsForTokens finds token in debug artifacts" , async ( t ) => {
61+ t . timeout ( 15000 ) ; // 15 seconds
62+ const messages :LoggedMessage [ ] = [ ] ;
63+ const logger = getRecordingLogger ( messages , { logToConsole :false } ) ;
64+ // The zip here is a regression test based on
65+ // https://github.com/github/codeql-action/security/advisories/GHSA-vqf5-2xx6-9wfm
66+ const testZip = path . join (
67+ __dirname ,
68+ ".." ,
69+ "src" ,
70+ "testdata" ,
71+ "debug-artifacts-with-fake-token.zip" ,
72+ ) ;
7273
73- // This zip file contains a nested structure with a fake token in:
74- // my-db-java-partial.zip/trap/java/invocations/kotlin.9017231652989744319.trap
75- const error = await t . throwsAsync (
76- async ( ) => await scanArtifactsForTokens ( [ testZip ] , logger ) ,
77- ) ;
74+ // This zip file contains a nested structure with a fake token in:
75+ // my-db-java-partial.zip/trap/java/invocations/kotlin.9017231652989744319.trap
76+ const error = await t . throwsAsync (
77+ async ( ) => await scanArtifactsForTokens ( [ testZip ] , logger ) ,
78+ ) ;
7879
79- t . regex (
80- error ?. message || "" ,
81- / F o u n d .* p o t e n t i a l G i t H u b t o k e n / ,
82- "Should detect token in nested zip" ,
83- ) ;
84- t . regex (
85- error ?. message || "" ,
86- / k o t l i n \. 9 0 1 7 2 3 1 6 5 2 9 8 9 7 4 4 3 1 9 \. t r a p / ,
87- "Should report the .trap file containing the token" ,
88- ) ;
80+ t . regex (
81+ error ?. message || "" ,
82+ / F o u n d .* p o t e n t i a l G i t H u b t o k e n / ,
83+ "Should detect token in nested zip" ,
84+ ) ;
85+ t . regex (
86+ error ?. message || "" ,
87+ / k o t l i n \. 9 0 1 7 2 3 1 6 5 2 9 8 9 7 4 4 3 1 9 \. t r a p / ,
88+ "Should report the .trap file containing the token" ,
89+ ) ;
8990
90- const logOutput = messages . map ( ( msg ) => msg . message ) . join ( "\n" ) ;
91- t . regex (
92- logOutput ,
93- / ^ E x t r a c t i n g g z f i l e : * \. g z $ / m,
94- "Logs should show that .gz files were extracted" ,
95- ) ;
96- } ) ;
91+ const logOutput = messages . map ( ( msg ) => msg . message ) . join ( "\n" ) ;
92+ t . regex (
93+ logOutput ,
94+ / ^ E x t r a c t i n g g z f i l e : * \. g z $ / m,
95+ "Logs should show that .gz files were extracted" ,
96+ ) ;
97+ } ) ;
98+ }