mhoffrog commented on code in PR #237:
URL: https://github.com/apache/maven-scm/pull/237#discussion_r2030806878
##########
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/AnonymousCommandLine.java:
##########
@@ -29,25 +27,14 @@
*/
public class AnonymousCommandLine extends Commandline {
- public static final String PASSWORD_PLACE_HOLDER = "********";
-
- private Pattern passwordPattern = Pattern.compile("^.*:(.*)@.*$");
-
/**
* Provides an anonymous output to mask password. Considering URL of type :
*
<<protocol>>://<<user>>:<<password>>@
* <<host_definition>>
*/
@Override
public String toString() {
- String output = super.toString();
- final Matcher passwordMatcher = passwordPattern.matcher(output);
- if (passwordMatcher.find()) {
Review Comment:
@michael-o This is the place where the find() did have been taken from - did
not want to touch this.
##########
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-git-commons/src/main/java/org/apache/maven/scm/provider/git/util/GitUtil.java:
##########
@@ -77,4 +86,24 @@ public static void setSettingsDirectory(File directory) {
public static File getSettingsFile() {
return new File(settingsDirectory, GIT_SETTINGS_FILENAME);
}
+
+ /**
+ * Provides an anonymous output to mask password. Considering URL of type :
+ *
<<protocol>>://<<user>>:<<password>>@
+ * <<host_definition>>
+ *
+ * @param urlWithCredentials
+ * @return urlWithCredentials but password masked with stars
+ */
+ public static String maskPasswordInUrl(String urlWithCredentials) {
+ String output = urlWithCredentials;
+ final Matcher passwordMatcher =
PASSWORD_IN_URL_PATTERN.matcher(output);
+ if (passwordMatcher.find()) {
+ // clear password with delimiters
+ final String clearPasswordWithDelimiters =
passwordMatcher.group(1);
+ // to be replaced in output by stars with delimiters
Review Comment:
This phrasing is being used at
[ScmResult.java](https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-api/src/main/java/org/apache/maven/scm/ScmResult.java#L117)
as well. Did keep this for consistency. Shall we update it everywhere to
asterisks then?
##########
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-git-commons/src/main/java/org/apache/maven/scm/provider/git/util/GitUtil.java:
##########
@@ -77,4 +86,24 @@ public static void setSettingsDirectory(File directory) {
public static File getSettingsFile() {
return new File(settingsDirectory, GIT_SETTINGS_FILENAME);
}
+
+ /**
+ * Provides an anonymous output to mask password. Considering URL of type :
+ *
<<protocol>>://<<user>>:<<password>>@
+ * <<host_definition>>
+ *
+ * @param urlWithCredentials
+ * @return urlWithCredentials but password masked with stars
+ */
+ public static String maskPasswordInUrl(String urlWithCredentials) {
+ String output = urlWithCredentials;
+ final Matcher passwordMatcher =
PASSWORD_IN_URL_PATTERN.matcher(output);
+ if (passwordMatcher.find()) {
Review Comment:
That code was taken 1:1 from
[AnonymousCommandLine.java](https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/AnonymousCommandLine.java#L45)
- did not want to touch this - see comment below.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
