Skip to content

feat: hide secrets in yarn config commands#1228

Merged
arcanis merged 4 commits into
yarnpkg:masterfrom
paul-soporan:feat/hide-secrets
Apr 22, 2020
Merged

feat: hide secrets in yarn config commands#1228
arcanis merged 4 commits into
yarnpkg:masterfrom
paul-soporan:feat/hide-secrets

Conversation

@paul-soporan
Copy link
Copy Markdown
Member

@paul-soporan paul-soporan commented Apr 21, 2020

What's the problem this PR addresses?

  1. Nested secrets aren't hidden in the output of the yarn config command (e. g. npmScopes.scope.npmAuthToken) by the existing implementation.
  2. No secrets are hidden in the output of the yarn config set command.

How did you fix it?

I created a new hideSecrets function that recursively hides secrets and a new getSecret method on the Configuration class that returns a configuration value with all secrets hidden.

I replaced the existing implementation with the new configuration.getSecret method.

arcanis
arcanis reviewed Apr 21, 2020
View reviewed changes
Copy link
Copy Markdown
Member

@arcanis arcanis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Can you also add a test?

Comment thread packages/yarnpkg-core/sources/Configuration.ts Outdated
arcanis
arcanis reviewed Apr 22, 2020
View reviewed changes
Comment thread packages/yarnpkg-core/tests/Configuration.test.ts
});

const firstToken = configuration.getForDisplay(`npmAuthToken`);
const secondToken = configuration.getForDisplay(`npmScopes`).get(`myScope`).get(`npmAuthToken`);
Copy link
Copy Markdown
Member

@arcanis arcanis Apr 22, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While keeping a unit test here is fine, I tend to prefer integration tests.

The reason for that is that because they are typically wider in scope, they also test behaviours closer from what real-life users will experience. For example, while you did test that getForDisplay works, you didn't test that it actually gets used by yarn config get. As a result, it's quite possible for someone to make an accidental regression during a refactoring.

Food for thought πŸ™‚

@arcanis arcanis merged commit 4daea78 into yarnpkg:master Apr 22, 2020
@paul-soporan paul-soporan deleted the feat/hide-secrets branch April 22, 2020 20:30
@jayjay7984 jayjay7984 mentioned this pull request Nov 4, 2022
Open
@jayjay7984 jayjay7984 mentioned this pull request Dec 25, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arcanis arcanis arcanis left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@paul-soporan @arcanis