chore(PI-5928): deprecated lab_api_url due to api consolidation

README.md

@@ -11,6 +11,12 @@ The `nowsecure-action` delivers fast, accurate, automated security analysis of i
 - Show alerts inside of GitHub issues
 - And more!
 
+## Configuration
+
+All sub-actions accept an `api_url` input (default: `https://api.nowsecure.com`) that controls the single API endpoint used for all requests — both binary uploads and GraphQL queries.
+
+The `lab_api_url` input is accepted for backward compatibility but is **ignored**. If you have it set in an existing workflow, it can be safely removed.
+
 ## Documentation
 
 To configure the action, see our [documentation](./docs).

convert-sarif/action.yml

@@ -21,8 +21,9 @@ inputs:
     default: "https://api.nowsecure.com"
   lab_api_url:
     required: false
-    description: "NowSecure Lab API endpoint."
+    description: "Deprecated. No longer used; all requests go through api_url."
     default: "https://lab-api.nowsecure.com"
+    deprecationMessage: "lab_api_url is deprecated and ignored. All requests now use api_url."
   lab_url:
     required: false
     description: "NowSecure webserver URL."

create-issues/action.yml

@@ -14,8 +14,9 @@ inputs:
     default: "https://api.nowsecure.com"
   lab_api_url:
     required: false
-    description: "NowSecure Lab API endpoint."
+    description: "Deprecated. No longer used; all requests go through api_url."
     default: "https://lab-api.nowsecure.com"
+    deprecationMessage: "lab_api_url is deprecated and ignored. All requests now use api_url."
   lab_url:
     required: false
     description: "NowSecure webserver URL."

dist/nowsecure-convert-sarif/index.js

@@ -53366,15 +53366,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
-var _NowSecure_client, _NowSecure_apiUrl, _NowSecure_labApiUrl;
+var _NowSecure_client, _NowSecure_apiUrl;
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.NowSecure = exports.DEFAULT_LAB_UI_URL = exports.DEFAULT_LAB_API_URL = exports.DEFAULT_API_URL = exports.USER_AGENT = void 0;
+exports.NowSecure = exports.DEFAULT_LAB_UI_URL = exports.DEFAULT_API_URL = exports.USER_AGENT = void 0;
 const http = __importStar(__nccwpck_require__(6255));
 const nowsecure_version_1 = __nccwpck_require__(1328);
 const utils_1 = __nccwpck_require__(6252);
 exports.USER_AGENT = `NowSecure GitHub Action/${nowsecure_version_1.version}`;
 exports.DEFAULT_API_URL = "https://api.nowsecure.com";
-exports.DEFAULT_LAB_API_URL = "https://lab-api.nowsecure.com";
 exports.DEFAULT_LAB_UI_URL = "https://app.nowsecure.com";
 /**
  * GraphQL request to check if baseline limit has been reached.
@@ -53482,18 +53481,15 @@ const platformGql = (reportId) => `{
   }
 }`;
 class NowSecure {
-    constructor(platformOrToken, apiUrl = exports.DEFAULT_API_URL, labApiUrl = exports.DEFAULT_LAB_API_URL) {
+    constructor(platformOrToken, apiUrl = exports.DEFAULT_API_URL) {
         _NowSecure_client.set(this, void 0);
         _NowSecure_apiUrl.set(this, void 0);
-        _NowSecure_labApiUrl.set(this, void 0);
         let platformToken;
         if (typeof platformOrToken == "object") {
             platformToken = platformOrToken.token;
             apiUrl = platformOrToken.apiUrl;
-            labApiUrl = platformOrToken.labApiUrl;
         }
         __classPrivateFieldSet(this, _NowSecure_apiUrl, apiUrl, "f");
-        __classPrivateFieldSet(this, _NowSecure_labApiUrl, labApiUrl, "f");
         __classPrivateFieldSet(this, _NowSecure_client, new http.HttpClient(exports.USER_AGENT, undefined, {
             allowRetries: true,
             maxRetries: 3,
@@ -53567,7 +53563,7 @@ class NowSecure {
                         throw new Error(`Unknown analysis type "${analysisType}"`);
                 }
             }
-            const url = `${__classPrivateFieldGet(this, _NowSecure_labApiUrl, "f")}/build/?${params.join("&")}`;
+            const url = `${__classPrivateFieldGet(this, _NowSecure_apiUrl, "f")}/build/?${params.join("&")}`;
             const r = yield __classPrivateFieldGet(this, _NowSecure_client, "f").sendStream("POST", url, stream, {});
             if (r.message.statusCode !== 200) {
                 throw new Error(`Application upload failed with status ${r.message.statusCode}`);
@@ -53596,7 +53592,7 @@ class NowSecure {
     }
 }
 exports.NowSecure = NowSecure;
-_NowSecure_client = new WeakMap(), _NowSecure_apiUrl = new WeakMap(), _NowSecure_labApiUrl = new WeakMap();
+_NowSecure_client = new WeakMap(), _NowSecure_apiUrl = new WeakMap();
 
 
 /***/ }),
@@ -54502,17 +54498,14 @@ class PlatformConfig {
     constructor(
     /** API token */
     token, 
-    /** GraphQL server */
+    /** API endpoint */
     apiUrl = nowsecure_client_1.DEFAULT_API_URL, 
-    /** REST API (uploads) */
-    labApiUrl = nowsecure_client_1.DEFAULT_LAB_API_URL, 
     /** UI address */
     labUrl = nowsecure_client_1.DEFAULT_LAB_UI_URL, 
     /** UI type */
     rainier = true) {
         this.token = token;
         this.apiUrl = apiUrl;
-        this.labApiUrl = labApiUrl;
         this.labUrl = labUrl;
         this.rainier = rainier;
     }
@@ -54549,7 +54542,7 @@ function platformConfig() {
             throw new errors_1.ValueError('lab_type must be either "rainier" or "classic"');
         }
     }
-    return new PlatformConfig(core.getInput("platform_token"), core.getInput("api_url"), core.getInput("lab_api_url"), labUrl, rainier);
+    return new PlatformConfig(core.getInput("platform_token"), core.getInput("api_url"), labUrl, rainier);
 }
 exports.platformConfig = platformConfig;
 function outputToDependencies(report, context, githubCorrelator) {

dist/nowsecure-create-issues/index.js

@@ -61768,15 +61768,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
-var _NowSecure_client, _NowSecure_apiUrl, _NowSecure_labApiUrl;
+var _NowSecure_client, _NowSecure_apiUrl;
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.NowSecure = exports.DEFAULT_LAB_UI_URL = exports.DEFAULT_LAB_API_URL = exports.DEFAULT_API_URL = exports.USER_AGENT = void 0;
+exports.NowSecure = exports.DEFAULT_LAB_UI_URL = exports.DEFAULT_API_URL = exports.USER_AGENT = void 0;
 const http = __importStar(__nccwpck_require__(6255));
 const nowsecure_version_1 = __nccwpck_require__(1328);
 const utils_1 = __nccwpck_require__(6252);
 exports.USER_AGENT = `NowSecure GitHub Action/${nowsecure_version_1.version}`;
 exports.DEFAULT_API_URL = "https://api.nowsecure.com";
-exports.DEFAULT_LAB_API_URL = "https://lab-api.nowsecure.com";
 exports.DEFAULT_LAB_UI_URL = "https://app.nowsecure.com";
 /**
  * GraphQL request to check if baseline limit has been reached.
@@ -61884,18 +61883,15 @@ const platformGql = (reportId) => `{
   }
 }`;
 class NowSecure {
-    constructor(platformOrToken, apiUrl = exports.DEFAULT_API_URL, labApiUrl = exports.DEFAULT_LAB_API_URL) {
+    constructor(platformOrToken, apiUrl = exports.DEFAULT_API_URL) {
         _NowSecure_client.set(this, void 0);
         _NowSecure_apiUrl.set(this, void 0);
-        _NowSecure_labApiUrl.set(this, void 0);
         let platformToken;
         if (typeof platformOrToken == "object") {
             platformToken = platformOrToken.token;
             apiUrl = platformOrToken.apiUrl;
-            labApiUrl = platformOrToken.labApiUrl;
         }
         __classPrivateFieldSet(this, _NowSecure_apiUrl, apiUrl, "f");
-        __classPrivateFieldSet(this, _NowSecure_labApiUrl, labApiUrl, "f");
         __classPrivateFieldSet(this, _NowSecure_client, new http.HttpClient(exports.USER_AGENT, undefined, {
             allowRetries: true,
             maxRetries: 3,
@@ -61969,7 +61965,7 @@ class NowSecure {
                         throw new Error(`Unknown analysis type "${analysisType}"`);
                 }
             }
-            const url = `${__classPrivateFieldGet(this, _NowSecure_labApiUrl, "f")}/build/?${params.join("&")}`;
+            const url = `${__classPrivateFieldGet(this, _NowSecure_apiUrl, "f")}/build/?${params.join("&")}`;
             const r = yield __classPrivateFieldGet(this, _NowSecure_client, "f").sendStream("POST", url, stream, {});
             if (r.message.statusCode !== 200) {
                 throw new Error(`Application upload failed with status ${r.message.statusCode}`);
@@ -61998,7 +61994,7 @@ class NowSecure {
     }
 }
 exports.NowSecure = NowSecure;
-_NowSecure_client = new WeakMap(), _NowSecure_apiUrl = new WeakMap(), _NowSecure_labApiUrl = new WeakMap();
+_NowSecure_client = new WeakMap(), _NowSecure_apiUrl = new WeakMap();
 
 
 /***/ }),
@@ -62959,17 +62955,14 @@ class PlatformConfig {
     constructor(
     /** API token */
     token, 
-    /** GraphQL server */
+    /** API endpoint */
     apiUrl = nowsecure_client_1.DEFAULT_API_URL, 
-    /** REST API (uploads) */
-    labApiUrl = nowsecure_client_1.DEFAULT_LAB_API_URL, 
     /** UI address */
     labUrl = nowsecure_client_1.DEFAULT_LAB_UI_URL, 
     /** UI type */
     rainier = true) {
         this.token = token;
         this.apiUrl = apiUrl;
-        this.labApiUrl = labApiUrl;
         this.labUrl = labUrl;
         this.rainier = rainier;
     }
@@ -63006,7 +62999,7 @@ function platformConfig() {
             throw new errors_1.ValueError('lab_type must be either "rainier" or "classic"');
         }
     }
-    return new PlatformConfig(core.getInput("platform_token"), core.getInput("api_url"), core.getInput("lab_api_url"), labUrl, rainier);
+    return new PlatformConfig(core.getInput("platform_token"), core.getInput("api_url"), labUrl, rainier);
 }
 exports.platformConfig = platformConfig;
 function outputToDependencies(report, context, githubCorrelator) {

dist/nowsecure-upload-app/index.js

@@ -53366,15 +53366,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
-var _NowSecure_client, _NowSecure_apiUrl, _NowSecure_labApiUrl;
+var _NowSecure_client, _NowSecure_apiUrl;
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.NowSecure = exports.DEFAULT_LAB_UI_URL = exports.DEFAULT_LAB_API_URL = exports.DEFAULT_API_URL = exports.USER_AGENT = void 0;
+exports.NowSecure = exports.DEFAULT_LAB_UI_URL = exports.DEFAULT_API_URL = exports.USER_AGENT = void 0;
 const http = __importStar(__nccwpck_require__(6255));
 const nowsecure_version_1 = __nccwpck_require__(1328);
 const utils_1 = __nccwpck_require__(6252);
 exports.USER_AGENT = `NowSecure GitHub Action/${nowsecure_version_1.version}`;
 exports.DEFAULT_API_URL = "https://api.nowsecure.com";
-exports.DEFAULT_LAB_API_URL = "https://lab-api.nowsecure.com";
 exports.DEFAULT_LAB_UI_URL = "https://app.nowsecure.com";
 /**
  * GraphQL request to check if baseline limit has been reached.
@@ -53482,18 +53481,15 @@ const platformGql = (reportId) => `{
   }
 }`;
 class NowSecure {
-    constructor(platformOrToken, apiUrl = exports.DEFAULT_API_URL, labApiUrl = exports.DEFAULT_LAB_API_URL) {
+    constructor(platformOrToken, apiUrl = exports.DEFAULT_API_URL) {
         _NowSecure_client.set(this, void 0);
         _NowSecure_apiUrl.set(this, void 0);
-        _NowSecure_labApiUrl.set(this, void 0);
         let platformToken;
         if (typeof platformOrToken == "object") {
             platformToken = platformOrToken.token;
             apiUrl = platformOrToken.apiUrl;
-            labApiUrl = platformOrToken.labApiUrl;
         }
         __classPrivateFieldSet(this, _NowSecure_apiUrl, apiUrl, "f");
-        __classPrivateFieldSet(this, _NowSecure_labApiUrl, labApiUrl, "f");
         __classPrivateFieldSet(this, _NowSecure_client, new http.HttpClient(exports.USER_AGENT, undefined, {
             allowRetries: true,
             maxRetries: 3,
@@ -53567,7 +53563,7 @@ class NowSecure {
                         throw new Error(`Unknown analysis type "${analysisType}"`);
                 }
             }
-            const url = `${__classPrivateFieldGet(this, _NowSecure_labApiUrl, "f")}/build/?${params.join("&")}`;
+            const url = `${__classPrivateFieldGet(this, _NowSecure_apiUrl, "f")}/build/?${params.join("&")}`;
             const r = yield __classPrivateFieldGet(this, _NowSecure_client, "f").sendStream("POST", url, stream, {});
             if (r.message.statusCode !== 200) {
                 throw new Error(`Application upload failed with status ${r.message.statusCode}`);
@@ -53596,7 +53592,7 @@ class NowSecure {
     }
 }
 exports.NowSecure = NowSecure;
-_NowSecure_client = new WeakMap(), _NowSecure_apiUrl = new WeakMap(), _NowSecure_labApiUrl = new WeakMap();
+_NowSecure_client = new WeakMap(), _NowSecure_apiUrl = new WeakMap();
 
 
 /***/ }),
@@ -54155,17 +54151,14 @@ class PlatformConfig {
     constructor(
     /** API token */
     token, 
-    /** GraphQL server */
+    /** API endpoint */
     apiUrl = nowsecure_client_1.DEFAULT_API_URL, 
-    /** REST API (uploads) */
-    labApiUrl = nowsecure_client_1.DEFAULT_LAB_API_URL, 
     /** UI address */
     labUrl = nowsecure_client_1.DEFAULT_LAB_UI_URL, 
     /** UI type */
     rainier = true) {
         this.token = token;
         this.apiUrl = apiUrl;
-        this.labApiUrl = labApiUrl;
         this.labUrl = labUrl;
         this.rainier = rainier;
     }
@@ -54202,7 +54195,7 @@ function platformConfig() {
             throw new errors_1.ValueError('lab_type must be either "rainier" or "classic"');
         }
     }
-    return new PlatformConfig(core.getInput("platform_token"), core.getInput("api_url"), core.getInput("lab_api_url"), labUrl, rainier);
+    return new PlatformConfig(core.getInput("platform_token"), core.getInput("api_url"), labUrl, rainier);
 }
 exports.platformConfig = platformConfig;
 function outputToDependencies(report, context, githubCorrelator) {

src/nowsecure-client.ts

@@ -14,7 +14,6 @@ import { PlatformConfig, sleep } from "./utils";
 
 export const USER_AGENT = `NowSecure GitHub Action/${version}`;
 export const DEFAULT_API_URL = "https://api.nowsecure.com";
-export const DEFAULT_LAB_API_URL = "https://lab-api.nowsecure.com";
 export const DEFAULT_LAB_UI_URL = "https://app.nowsecure.com";
 
 /**
@@ -127,24 +126,20 @@ const platformGql = (reportId: string): string => `{
 export class NowSecure {
   #client: http.HttpClient;
   #apiUrl: string;
-  #labApiUrl: string;
 
   constructor(platform: PlatformConfig);
-  constructor(platformToken: string, apiUrl?: string, labApiUrl?: string);
+  constructor(platformToken: string, apiUrl?: string);
   constructor(
     platformOrToken: string | PlatformConfig,
-    apiUrl: string = DEFAULT_API_URL,
-    labApiUrl: string = DEFAULT_LAB_API_URL
+    apiUrl: string = DEFAULT_API_URL
   ) {
     let platformToken: string;
     if (typeof platformOrToken == "object") {
       platformToken = platformOrToken.token;
       apiUrl = platformOrToken.apiUrl;
-      labApiUrl = platformOrToken.labApiUrl;
     }
 
     this.#apiUrl = apiUrl;
-    this.#labApiUrl = labApiUrl;
     this.#client = new http.HttpClient(USER_AGENT, undefined, {
       allowRetries: true,
       maxRetries: 3,
@@ -229,7 +224,7 @@ export class NowSecure {
       }
     }
 
-    const url = `${this.#labApiUrl}/build/?${params.join("&")}`;
+    const url = `${this.#apiUrl}/build/?${params.join("&")}`;
     const r = await this.#client.sendStream("POST", url, stream, {});
 
     if (r.message.statusCode !== 200) {

src/utils/action-utils.ts

@@ -17,7 +17,6 @@ import { Filter, KeyParams } from "./config-types";
 import { ValueError } from "./errors";
 import {
   DEFAULT_API_URL,
-  DEFAULT_LAB_API_URL,
   DEFAULT_LAB_UI_URL,
 } from "../nowsecure-client";
 import type { Context } from "@actions/github/lib/context";
@@ -36,10 +35,8 @@ export class PlatformConfig {
   constructor(
     /** API token */
     public token: string,
-    /** GraphQL server */
+    /** API endpoint */
     public apiUrl: string = DEFAULT_API_URL,
-    /** REST API (uploads) */
-    public labApiUrl: string = DEFAULT_LAB_API_URL,
     /** UI address */
     public labUrl: string = DEFAULT_LAB_UI_URL,
     /** UI type */
@@ -88,7 +85,6 @@ export function platformConfig(): PlatformConfig {
   return new PlatformConfig(
     core.getInput("platform_token"),
     core.getInput("api_url"),
-    core.getInput("lab_api_url"),
     labUrl,
     rainier
   );

upload-app/action.yml

@@ -11,8 +11,9 @@ inputs:
     default: "https://api.nowsecure.com"
   lab_api_url:
     required: false
-    description: "NowSecure Lab API endpoint."
+    description: "Deprecated. No longer used; all requests go through api_url."
     default: "https://lab-api.nowsecure.com"
+    deprecationMessage: "lab_api_url is deprecated and ignored. All requests now use api_url."
   app_file:
     required: true
     description: "Application binary to scan on NowSecure Platform. Must be an Android or iOS application."