From 6dbfdcd00f190b79f24a7c231137fb5eea52bc95 Mon Sep 17 00:00:00 2001
From: Tarek BOCHKATI <tarek.bouchkati@gmail.com>
Date: Mon, 2 Nov 2020 16:31:27 +0100
Subject: [PATCH] GitHub/WorkFlow: fix for CVE-2020-15228

According the CVE-2020-15228 documented in:
 - https://github.com/advisories/GHSA-mfwh-5m23-j46w
 - https://nvd.nist.gov/vuln/detail/CVE-2020-15228

the `set-env` commands will be disabled in the near future
and should be replaced by:
    echo "FOO=BAR" >> $GITHUB_ENV

idem for `add-path`, should be replaced by:
    echo "/path/to/add" >> $GITHUB_PATH

Change-Id: I725c9ccd861a0d1580ac22491b6d716ec65973d1
Signed-off-by: Tarek BOCHKATI <tarek.bouchkati@gmail.com>
Reviewed-on: http://openocd.zylin.com/5866
Tested-by: jenkins
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>
---
 .github/workflows/snapshot.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index 123ee66bd..e9a95ffb5 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -24,7 +24,7 @@ jobs:
           mkdir -p $DL_DIR && cd $DL_DIR
           wget "https://github.com/libusb/libusb/releases/download/v${LIBUSB1_VER}/libusb-${LIBUSB1_VER}.tar.bz2"
           tar -xjf libusb-${LIBUSB1_VER}.tar.bz2
-          echo "::set-env name=LIBUSB1_SRC::$PWD/libusb-${LIBUSB1_VER}"
+          echo "LIBUSB1_SRC=$PWD/libusb-${LIBUSB1_VER}" >> $GITHUB_ENV
       - name: Prepare hidapi
         env:
           HIDAPI_VER: 0.9.0
@@ -34,7 +34,7 @@ jobs:
           tar -xzf hidapi-${HIDAPI_VER}.tar.gz
           cd hidapi-hidapi-${HIDAPI_VER}
           ./bootstrap
-          echo "::set-env name=HIDAPI_SRC::$PWD"
+          echo "HIDAPI_SRC=$PWD" >> $GITHUB_ENV
       - name: Prepare libftdi
         env:
           LIBFTDI_VER: 1.4
@@ -42,7 +42,7 @@ jobs:
           mkdir -p $DL_DIR && cd $DL_DIR
           wget "http://www.intra2net.com/en/developer/libftdi/download/libftdi1-${LIBFTDI_VER}.tar.bz2"
           tar -xjf libftdi1-${LIBFTDI_VER}.tar.bz2
-          echo "::set-env name=LIBFTDI_SRC::$PWD/libftdi1-${LIBFTDI_VER}"
+          echo "LIBFTDI_SRC=$PWD/libftdi1-${LIBFTDI_VER}" >> $GITHUB_ENV
       - name: Prepare capstone
         env:
           CAPSTONE_VER: 4.0.2
@@ -78,8 +78,8 @@ jobs:
           # prepare the artifact
           ARTIFACT="openocd-${OPENOCD_TAG}-${HOST}.tar.gz"
           tar -czf $ARTIFACT *
-          echo "::set-env name=ARTIFACT_NAME::$ARTIFACT"
-          echo "::set-env name=ARTIFACT_PATH::$PWD/$ARTIFACT"
+          echo "ARTIFACT_NAME=$ARTIFACT" >> $GITHUB_ENV
+          echo "ARTIFACT_PATH=$PWD/$ARTIFACT" >> $GITHUB_ENV
       - name: Publish OpenOCD packaged for windows
         uses: actions/upload-artifact@v1
         with: