Patch @azure/logger to address CodeQL violations

Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js), [@azure/ms-rest-js](https://github.com/Azure/ms-rest-js) and [@azure/core-http](https://github.com/Azure/azure-sdk-for-js). These dependencies needed to be updated together.

Updates `xml2js` from 0.4.23 to 0.5.0
- [Release notes](https://github.com/Leonidas-from-XIV/node-xml2js/releases)
- [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0)

Updates `@azure/ms-rest-js` from 2.6.4 to 2.6.6
- [Release notes](https://github.com/Azure/ms-rest-js/releases)
- [Changelog](https://github.com/Azure/ms-rest-js/blob/master/Changelog.md)
- [Commits](https://github.com/Azure/ms-rest-js/commits)

Updates `@azure/core-http` from 3.0.0 to 3.0.1
- [Release notes](https://github.com/Azure/azure-sdk-for-js/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md)
- [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/core-http_3.0.0...@azure/core-http_3.0.1)

---
updated-dependencies:
- dependency-name: xml2js
  dependency-type: indirect
- dependency-name: "@azure/ms-rest-js"
  dependency-type: indirect
- dependency-name: "@azure/core-http"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/dependabot.yml

@@ -6,11 +6,14 @@ registries:
     username: dummy # Required by dependabot
     password: dummy # Required by dependabot
 updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
       interval: "weekly"
-    open-pull-requests-limit: 10
     ignore:
       - dependency-name: "@types/node"
   - package-ecosystem: "gradle"

.github/workflow-samples/gradle-plugin/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=1b6b558be93f29438d3df94b7dfee02e794b94d9aca4611a92cdb79b6b88e909
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.1-bin.zip
+distributionSha256Sum=ff7bf6a86f09b9b2c40bb8f48b25fc19cf2b2664fd1d220cd7ab833ec758d0d7
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.2-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

.github/workflow-samples/groovy-dsl/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=1b6b558be93f29438d3df94b7dfee02e794b94d9aca4611a92cdb79b6b88e909
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.1-bin.zip
+distributionSha256Sum=ff7bf6a86f09b9b2c40bb8f48b25fc19cf2b2664fd1d220cd7ab833ec758d0d7
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.2-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

.github/workflow-samples/groovy-dsl/settings.gradle

@@ -1,6 +1,6 @@
 plugins {
-    id "com.gradle.enterprise" version "3.12.3"
-    id "com.gradle.common-custom-user-data-gradle-plugin" version "1.8.2"
+    id "com.gradle.enterprise" version "3.12.6"
+    id "com.gradle.common-custom-user-data-gradle-plugin" version "1.10"
 }
 
 gradleEnterprise {

.github/workflow-samples/java-toolchain/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=1b6b558be93f29438d3df94b7dfee02e794b94d9aca4611a92cdb79b6b88e909
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.1-bin.zip
+distributionSha256Sum=ff7bf6a86f09b9b2c40bb8f48b25fc19cf2b2664fd1d220cd7ab833ec758d0d7
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.2-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

.github/workflow-samples/kotlin-dsl/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=1b6b558be93f29438d3df94b7dfee02e794b94d9aca4611a92cdb79b6b88e909
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.1-bin.zip
+distributionSha256Sum=ff7bf6a86f09b9b2c40bb8f48b25fc19cf2b2664fd1d220cd7ab833ec758d0d7
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.2-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

.github/workflow-samples/kotlin-dsl/settings.gradle.kts

@@ -1,6 +1,6 @@
 plugins {
-    id("com.gradle.enterprise") version "3.12.3"
-    id("com.gradle.common-custom-user-data-gradle-plugin") version "1.8.2"
+    id("com.gradle.enterprise") version "3.12.6"
+    id("com.gradle.common-custom-user-data-gradle-plugin") version "1.10"
 }
 
 gradleEnterprise {

.github/workflow-samples/no-wrapper-gradle-5/build.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.build-scan" version "3.12.3" 
+    id "com.gradle.build-scan" version "3.12.6" 
 }
 
 gradleEnterprise {

.github/workflow-samples/no-wrapper/settings.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.enterprise" version "3.12.3"
+    id "com.gradle.enterprise" version "3.12.6"
 }
 
 gradleEnterprise {

.github/workflows/ci-dependency-review.yml

@@ -17,4 +17,4 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@v3
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v2
+        uses: actions/dependency-review-action@v3

.github/workflows/ci-quick-check.yml

@@ -22,7 +22,7 @@ jobs:
     - name: Configure Gradle as default for unit test
       uses: ./
       with:
-        gradle-version: 7.6
+        gradle-version: 7.6.1
     - name: Run tests
       run: |
         npm install

.tool-versions

@@ -1,2 +1,3 @@
 # Configuration file for asdf version manager
-nodejs 16.18.1
+nodejs 16.18.1
+gradle 7.6.1

package.json

@@ -26,29 +26,29 @@
   ],
   "license": "MIT",
   "dependencies": {
-    "@actions/cache": "3.1.3",
+    "@actions/cache": "3.2.1",
     "@actions/core": "1.10.0",
     "@actions/exec": "1.1.1",
     "@actions/github": "5.1.1",
     "@actions/glob": "0.4.0",
-    "@actions/http-client": "2.0.1",
+    "@actions/http-client": "2.1.0",
     "@actions/tool-cache": "2.0.1",
     "string-argv": "0.3.1"
   },
   "devDependencies": {
-    "@types/jest": "28.1.7",
     "@types/node": "16.11.21",
+    "@types/jest": "29.5.0",
     "@types/unzipper": "0.10.5",
-    "@typescript-eslint/parser": "5.52.0",
+    "@typescript-eslint/parser": "5.58.0",
     "@vercel/ncc": "0.36.1",
-    "eslint": "8.34.0",
-    "eslint-plugin-github": "4.6.0",
+    "eslint": "8.38.0",
+    "eslint-plugin-github": "4.7.0",
     "eslint-plugin-jest": "27.2.1",
-    "jest": "28.1.3",
+    "jest": "29.5.0",
     "js-yaml": "4.1.0", 
     "patch-package": "6.5.1",
-    "prettier": "2.8.4",
-    "ts-jest": "28.0.8",
-    "typescript": "4.9.5"
+    "prettier": "2.8.7",
+    "ts-jest": "29.1.0",
+    "typescript": "5.0.4"
   }
 }

patches/@actions+cache+3.2.1.patch

@@ -26,23 +26,12 @@ index 4658366..b796e58 100644
 +    constructor(key: string, size?: number);
 +}
 diff --git a/node_modules/@actions/cache/lib/cache.js b/node_modules/@actions/cache/lib/cache.js
-index 0fa9df3..5f0b173 100644
+index 9d636aa..a176bd7 100644
 --- a/node_modules/@actions/cache/lib/cache.js
 +++ b/node_modules/@actions/cache/lib/cache.js
-@@ -97,26 +97,18 @@ function restoreCache(paths, primaryKey, restoreKeys, options, enableCrossOsArch
-             }
-             archivePath = path.join(yield utils.createTempDirectory(), utils.getCacheFileName(compressionMethod));
-             core.debug(`Archive Path: ${archivePath}`);
-+            const restoredEntry = new CacheEntry(cacheEntry.cacheKey);
-             // Download the cache from the cache entry
-             yield cacheHttpClient.downloadCache(cacheEntry.archiveLocation, archivePath, options);
-             if (core.isDebug()) {
-                 yield tar_1.listTar(archivePath, compressionMethod);
-             }
-             const archiveFileSize = utils.getArchiveFileSizeInBytes(archivePath);
-+            restoredEntry.size = archiveFileSize;
+@@ -127,18 +127,21 @@ function restoreCache(paths, primaryKey, restoreKeys, options, enableCrossOsArch
              core.info(`Cache Size: ~${Math.round(archiveFileSize / (1024 * 1024))} MB (${archiveFileSize} B)`);
-             yield tar_1.extractTar(archivePath, compressionMethod);
+             yield (0, tar_1.extractTar)(archivePath, compressionMethod);
              core.info('Cache restored successfully');
 -            return cacheEntry.cacheKey;
 -        }
@@ -55,29 +44,31 @@ index 0fa9df3..5f0b173 100644
 -                // Supress all non-validation cache related errors because caching should be optional
 -                core.warning(`Failed to restore: ${error.message}`);
 -            }
-+            return restoredEntry;
++
++            // PATCHED - Return more inforamtion about restored entry
++            return new CacheEntry(cacheEntry.cacheKey, archiveFileSize);;
          }
++        // PATCHED - propagate errors
++        // catch (error) {
++        //     const typedError = error;
++        //     if (typedError.name === ValidationError.name) {
++        //         throw error;
++        //     }
++        //     else {
++        //         // Supress all non-validation cache related errors because caching should be optional
++        //         core.warning(`Failed to restore: ${error.message}`);
++        //     }
++        // }
          finally {
              // Try to delete the archive to save space
-@@ -156,6 +148,7 @@ function saveCache(paths, key, options, enableCrossOsArchive = false) {
-         const archiveFolder = yield utils.createTempDirectory();
-         const archivePath = path.join(archiveFolder, utils.getCacheFileName(compressionMethod));
-         core.debug(`Archive Path: ${archivePath}`);
-+        const savedEntry = new CacheEntry(key);
-         try {
-             yield tar_1.createTar(archiveFolder, cachePaths, compressionMethod);
-             if (core.isDebug()) {
-@@ -163,6 +156,7 @@ function saveCache(paths, key, options, enableCrossOsArchive = false) {
+             try {
+@@ -206,19 +209,23 @@ function saveCache(paths, key, options, enableCrossOsArchive = false) {
              }
-             const fileSizeLimit = 10 * 1024 * 1024 * 1024; // 10GB per repo limit
-             const archiveFileSize = utils.getArchiveFileSizeInBytes(archivePath);
-+            savedEntry.size = archiveFileSize;
-             core.debug(`File Size: ${archiveFileSize}`);
-             // For GHES, this check will take place in ReserveCache API with enterprise file size limit
-             if (archiveFileSize > fileSizeLimit && !utils.isGhes()) {
-@@ -186,18 +180,6 @@ function saveCache(paths, key, options, enableCrossOsArchive = false) {
              core.debug(`Saving Cache (ID: ${cacheId})`);
              yield cacheHttpClient.saveCache(cacheId, archivePath, options);
++
++            // PATCHED - Return more inforamtion about saved entry
++            return new CacheEntry(key, archiveFileSize);
          }
 -        catch (error) {
 -            const typedError = error;
@@ -91,15 +82,23 @@ index 0fa9df3..5f0b173 100644
 -                core.warning(`Failed to save: ${typedError.message}`);
 -            }
 -        }
++        // PATCHED - propagate errors
++        // catch (error) {
++        //     const typedError = error;
++        //     if (typedError.name === ValidationError.name) {
++        //         throw error;
++        //     }
++        //     else if (typedError.name === ReserveCacheError.name) {
++        //         core.info(`Failed to save: ${typedError.message}`);
++        //     }
++        //     else {
++        //         core.warning(`Failed to save: ${typedError.message}`);
++        //     }
++        // }
          finally {
              // Try to delete the archive to save space
              try {
-@@ -207,8 +189,15 @@ function saveCache(paths, key, options, enableCrossOsArchive = false) {
-                 core.debug(`Failed to delete archive: ${error}`);
-             }
-         }
--        return cacheId;
-+        return savedEntry;
+@@ -232,4 +239,11 @@ function saveCache(paths, key, options, enableCrossOsArchive = false) {
      });
  }
  exports.saveCache = saveCache;

patches/@azure+logger+1.0.4.patch

@@ -1,8 +1,18 @@
-# Patch removes logging of the AZURE_LOG_LEVEL env var value
-# This logging triggers a high severity Warning from CodeQL, which can prevent organizational users from adopting the action.
-
+diff --git a/node_modules/@azure/logger/dist-esm/src/debug.js b/node_modules/@azure/logger/dist-esm/src/debug.js
+index d202779..30e8313 100644
+--- a/node_modules/@azure/logger/dist-esm/src/debug.js
++++ b/node_modules/@azure/logger/dist-esm/src/debug.js
+@@ -7,7 +7,7 @@ let enabledNamespaces = [];
+ let skippedNamespaces = [];
+ const debuggers = [];
+ if (debugEnvVariable) {
+-    enable(debugEnvVariable);
++    // enable(debugEnvVariable);
+ }
+ const debugObj = Object.assign((namespace) => {
+     return createDebugger(namespace);
 diff --git a/node_modules/@azure/logger/dist-esm/src/index.js b/node_modules/@azure/logger/dist-esm/src/index.js
-index 116b59e..cf87f3c 100644
+index cc25720..2925db5 100644
 --- a/node_modules/@azure/logger/dist-esm/src/index.js
 +++ b/node_modules/@azure/logger/dist-esm/src/index.js
 @@ -20,7 +20,7 @@ if (logLevelFromEnv) {
@@ -15,10 +25,19 @@ index 116b59e..cf87f3c 100644
  }
  /**
 diff --git a/node_modules/@azure/logger/dist/index.js b/node_modules/@azure/logger/dist/index.js
-index 327fbdb..4432d73 100644
+index 81e97c3..a415e2f 100644
 --- a/node_modules/@azure/logger/dist/index.js
 +++ b/node_modules/@azure/logger/dist/index.js
-@@ -122,7 +122,7 @@ if (logLevelFromEnv) {
+@@ -21,7 +21,7 @@ let enabledNamespaces = [];
+ let skippedNamespaces = [];
+ const debuggers = [];
+ if (debugEnvVariable) {
+-    enable(debugEnvVariable);
++    // enable(debugEnvVariable);
+ }
+ const debugObj = Object.assign((namespace) => {
+     return createDebugger(namespace);
+@@ -125,7 +125,7 @@ if (logLevelFromEnv) {
          setLogLevel(logLevelFromEnv);
      }
      else {

src/cache-cleaner.ts

@@ -48,7 +48,7 @@ export class CacheCleaner {
     }
 
     private async ageAllFiles(fileName = '*'): Promise<void> {
-        core.debug(`Aging all files in Gradle User Homee with name ${fileName}`)
+        core.debug(`Aging all files in Gradle User Home with name ${fileName}`)
         await this.setUtimes(`${this.gradleUserHome}/**/${fileName}`, new Date(0))
     }
 

test/init-scripts/settings.gradle

@@ -1,6 +1,6 @@
 plugins {
-    id "com.gradle.enterprise" version "3.12.3"
-    id "com.gradle.common-custom-user-data-gradle-plugin" version "1.8.2"
+    id "com.gradle.enterprise" version "3.12.6"
+    id "com.gradle.common-custom-user-data-gradle-plugin" version "1.10"
 }
 
 gradleEnterprise {

test/init-scripts/src/test/groovy/com/gradle/gradlebuildaction/BaseInitScriptTest.groovy

@@ -21,9 +21,9 @@ class BaseInitScriptTest extends Specification {
     static final TestGradleVersion GRADLE_4_X = new TestGradleVersion(GradleVersion.version('4.10.3'), 7, 10)
     static final TestGradleVersion GRADLE_5_X = new TestGradleVersion(GradleVersion.version('5.6.4'), 8, 12)
     static final TestGradleVersion GRADLE_6_NO_BUILD_SERVICE = new TestGradleVersion(GradleVersion.version('6.5.1'), 8, 14)
-    static final TestGradleVersion GRADLE_6_X = new TestGradleVersion(GradleVersion.version('6.9.3'), 8, 15)
-    static final TestGradleVersion GRADLE_7_X = new TestGradleVersion(GradleVersion.version('7.6'), 8, 19)
-    static final TestGradleVersion GRADLE_8_X = new TestGradleVersion(GradleVersion.version('8.0.1'), 8, 19)
+    static final TestGradleVersion GRADLE_6_X = new TestGradleVersion(GradleVersion.version('6.9.4'), 8, 15)
+    static final TestGradleVersion GRADLE_7_X = new TestGradleVersion(GradleVersion.version('7.6.1'), 8, 19)
+    static final TestGradleVersion GRADLE_8_X = new TestGradleVersion(GradleVersion.version('8.0.2'), 8, 19)
 
     static final List<TestGradleVersion> ALL_VERSIONS = [
         GRADLE_3_X, // First version where TestKit supports environment variables
@@ -134,7 +134,7 @@ class BaseInitScriptTest extends Specification {
         } else {
             """
               plugins {
-                id 'com.gradle.enterprise' version '3.12.3'
+                id 'com.gradle.enterprise' version '3.12.6'
               }
               gradleEnterprise {
                 server = '$mockScansServer.address'
@@ -160,7 +160,7 @@ class BaseInitScriptTest extends Specification {
         } else if (gradleVersion < GradleVersion.version('6.0')) {
             """
               plugins {
-                id 'com.gradle.build-scan' version '3.12.3'
+                id 'com.gradle.build-scan' version '3.12.6'
               }
               gradleEnterprise {
                 server = '$mockScansServer.address'

test/jest/cache-cleanup.test.ts

@@ -49,7 +49,7 @@ test('will cleanup unused gradle versions', async () => {
 
     const gradle733 = path.resolve(gradleUserHome, "caches/7.3.3")
     const wrapper733 = path.resolve(gradleUserHome, "wrapper/dists/gradle-7.3.3-bin")
-    const gradleCurrent = path.resolve(gradleUserHome, "caches/7.6")
+    const gradleCurrent = path.resolve(gradleUserHome, "caches/7.6.1")
 
     expect(fs.existsSync(gradle733)).toBe(true)
     expect(fs.existsSync(wrapper733)).toBe(true)