fix(gitextractor): sanitize git tokens (#7767) (#7768)

Co-authored-by: Lynwee <1507509064@qq.com>
apache · Jul 19, 2024 · 87f5965 · 87f5965
1 parent fe611ee
commit 87f5965
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/backend/plugins/gitextractor/parser/clone_gitcli.go b/backend/plugins/gitextractor/parser/clone_gitcli.go
@@ -231,7 +231,22 @@ func (g *GitcliCloner) execCommand(cmd *exec.Cmd) errors.Error {
 			strings.Contains(outputString, "fatal: the remote end hung up unexpectedly") {
 			return ErrNoData
 		}
-		return errors.Default.New(fmt.Sprintf("git cmd %v in %s failed: %s", cmd.Args, cmd.Dir, outputString))
+		return errors.Default.New(fmt.Sprintf("git cmd %v in %s failed: %s", sanitizeArgs(cmd.Args), cmd.Dir, outputString))
 	}
 	return nil
 }
+
+func sanitizeArgs(args []string) []string {
+	var ret []string
+	for _, arg := range args {
+		u, err := url.Parse(arg)
+		if err == nil && u != nil && u.User != nil {
+			password, ok := u.User.Password()
+			if ok {
+				arg = strings.Replace(arg, password, strings.Repeat("*", len(password)), -1)
+			}
+		}
+		ret = append(ret, arg)
+	}
+	return ret
+}