From: Robin Rosenberg <robin.rosenberg@dewire.com>
To: "Shawn O. Pearce" <spearce@spearce.org>
Cc: Marek Zawirski <marek.zawirski@gmail.com>, git@vger.kernel.org
Subject: Re: [JGIT PATCH 2/5] Don't display passwords on the console in fetch/push output
Date: Thu, 10 Jul 2008 20:56:43 +0200 [thread overview]
Message-ID: <200807102056.43912.robin.rosenberg@dewire.com> (raw)
In-Reply-To: <1215670403-19191-3-git-send-email-spearce@spearce.org>
torsdagen den 10 juli 2008 08.13.20 skrev Shawn O. Pearce:
> When we show the URI we just fetched or pushed against there may
> be a user password embedded in that URI, as saved in the user's
> .git/config file. We shouldn't display that in public to prying
> eyes so nulling it out will give us a copy of the URI without that
> field in it.
>
> Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
> ---
> .../src/org/spearce/jgit/pgm/Fetch.java | 2 +-
> .../src/org/spearce/jgit/pgm/Push.java | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/org.spearce.jgit/src/org/spearce/jgit/pgm/Fetch.java b/org.spearce.jgit/src/org/spearce/jgit/pgm/Fetch.java
> index c9c997e..36a0592 100644
> --- a/org.spearce.jgit/src/org/spearce/jgit/pgm/Fetch.java
> +++ b/org.spearce.jgit/src/org/spearce/jgit/pgm/Fetch.java
> @@ -71,7 +71,7 @@ class Fetch extends TextBuiltin {
> return;
>
> out.print("From ");
> - out.print(tn.getURI());
> + out.print(tn.getURI().setPass(null));
We did this a while ago. Sort of patching broken stuff instead of fixing what's broken, thus we should make URIIsh.toiString
not display the password.
-- robin
next prev parent reply other threads:[~2008-07-10 19:06 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-10 6:13 [JGIT PATCH 0/5] Yet another round of transport fixes Shawn O. Pearce
2008-07-10 6:13 ` [JGIT PATCH 1/5] Include a progress meter for large uploads to Amazon S3 Shawn O. Pearce
2008-07-10 6:13 ` [JGIT PATCH 2/5] Don't display passwords on the console in fetch/push output Shawn O. Pearce
2008-07-10 6:13 ` [JGIT PATCH 3/5] Reuse the same SSH connection when automatically fetching tags Shawn O. Pearce
2008-07-10 6:13 ` [JGIT PATCH 4/5] Report remote SSH execution errors during push via TransportException Shawn O. Pearce
2008-07-10 6:13 ` [JGIT PATCH 5/5] Explicitly capture the stderr from a failed SSH fetch or push Shawn O. Pearce
2008-07-10 18:56 ` Robin Rosenberg [this message]
2008-07-10 20:17 ` [JGIT PATCH 2/5] Don't display passwords on the console in fetch/push output Robin Rosenberg
2008-07-10 22:25 ` Johannes Schindelin
2008-07-10 22:42 ` Robin Rosenberg
2008-07-11 3:20 ` Shawn O. Pearce
2008-07-11 8:30 ` Robin Rosenberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200807102056.43912.robin.rosenberg@dewire.com \
--to=robin.rosenberg@dewire.com \
--cc=git@vger.kernel.org \
--cc=marek.zawirski@gmail.com \
--cc=spearce@spearce.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.