Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 22:51:55 +00:00
Code Issues Projects Releases Packages Wiki Activity

Use url redaction in git (#1399)

Browse source 
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
This commit is contained in:
trufflesteeeve 2023-06-26 14:56:08 -04:00 committed by GitHub
parent 06f2d3a162
commit 11bff81def
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
pkg/sources/git/git.go
View file

@ -660,9 +660,7 @@ func stripPassword(u string) (string, error) {
return "", errors.WrapPrefix(err, "repo remote cannot be sanitized as URI", 0)
}
repoURL.User = nil
return repoURL.String(), nil
return repoURL.Redacted(), nil
}
// TryAdditionalBaseRefs looks for additional possible base refs for a repo and returns a hash if found.
@ -739,7 +737,7 @@ func PrepareRepoSinceCommit(ctx context.Context, uriString, commitHash string) (
var path string
switch {
case uri.User != nil:
ctx.Logger().V(1).Info("cloning repo with authentication", "uri", uri)
ctx.Logger().V(1).Info("cloning repo with authentication", "uri", uri.Redacted())
password, ok := uri.User.Password()
if !ok {
return "", true, fmt.Errorf("password must be included in Git repo URL when username is provided")
@ -777,7 +775,7 @@ func PrepareRepo(ctx context.Context, uriString string) (string, bool, error) {
remote = true
switch {
case uri.User != nil:
ctx.Logger().V(1).Info("cloning repo with authentication", "uri", uri)
ctx.Logger().V(1).Info("cloning repo with authentication", "uri", uri.Redacted())
password, ok := uri.User.Password()
if !ok {
return "", remote, fmt.Errorf("password must be included in Git repo URL when username is provided")