[GitHub] maven-scm pull request: Resolves critical security bug SCM-811

2016-05-27 Thread eddiewebb
Github user eddiewebb commented on a diff in the pull request: https://github.com/apache/maven-scm/pull/45#discussion_r64888411 --- Diff: maven-scm-api/src/test/java/org/apache/maven/scm/ScmResultTest.java --- @@ -0,0 +1,47 @@ +package org.apache.maven.scm

[GitHub] maven-scm pull request: Resolves critical security bug SCM-811

2016-05-27 Thread eddiewebb
Github user eddiewebb commented on a diff in the pull request: https://github.com/apache/maven-scm/pull/45#discussion_r64887559 --- Diff: maven-scm-api/src/test/java/org/apache/maven/scm/ScmResultTest.java --- @@ -0,0 +1,47 @@ +package org.apache.maven.scm

[GitHub] maven-scm pull request: #resolves SCM-817 by encoding password bef...

2016-05-25 Thread eddiewebb
Github user eddiewebb commented on the pull request: https://github.com/apache/maven-scm/pull/44#issuecomment-221606935 @olamy @rodrigc @msperisen - I also submitted https://github.com/apache/maven-scm/pull/45 around the same time for similar issue with native git client. --- If

[GitHub] maven-scm pull request: Resolves critical security bug SCM-811

2016-02-06 Thread eddiewebb
GitHub user eddiewebb opened a pull request: https://github.com/apache/maven-scm/pull/45 Resolves critical security bug SCM-811 This PR addresses https://issues.apache.org/jira/browse/SCM-811 by allowing the shared ScmResult in the api module to mask known patterns. Covers SVN and

[GitHub] maven-scm pull request: #resolves SCM-817 by encoding password bef...

2016-02-05 Thread eddiewebb
GitHub user eddiewebb opened a pull request: https://github.com/apache/maven-scm/pull/44 #resolves SCM-817 by encoding password before replace This resolves https://issues.apache.org/jira/browse/SCM-817 by encoding the password before trying to match against the pre-encoded URL