Redact credentials from URLs before returning errors#2091
Merged
tonistiigi merged 1 commit intomoby:masterfrom Apr 28, 2021
Merged
Redact credentials from URLs before returning errors#2091tonistiigi merged 1 commit intomoby:masterfrom
tonistiigi merged 1 commit intomoby:masterfrom
Conversation
alexcb
force-pushed
the
redact-credentials-from-remote-url-errors
branch
from
e1b94fc to
2d02185
Compare
tonistiigi
reviewed
Apr 28, 2021
Member
tonistiigi
left a comment
tonistiigi
left a comment
There was a problem hiding this comment.
I guess we should also remove it from the cache key to avoid plaintext attacks.
Collaborator
Author
|
My motivation was to remove the password from any errors that might show up in error logs. I only see the |
tonistiigi
reviewed
Apr 28, 2021
Member
Ah yes. I don't remember my own code anymore. |
alexcb
force-pushed
the
redact-credentials-from-remote-url-errors
branch
from
2d02185 to
322a63c
Compare
this is to prevent errors such as
failed to fetch remote https://user:password@github.com/user/private-repo-failure.git: exit status 128
from leaking the password; now it will be displayed like:
failed to fetch remote https://user:xxxxx@non-existant-host/user/private-repo.git: exit status 128
Signed-off-by: Alex Couture-Beil <alex@earthly.dev>
alexcb
force-pushed
the
redact-credentials-from-remote-url-errors
branch
from
322a63c to
5d2fd7e
Compare
tonistiigi
approved these changes
Apr 28, 2021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
this is to prevent errors such as
from leaking the password; now it will be displayed like:
Signed-off-by: Alex Couture-Beil alex@earthly.dev