From: "Johannes Schindelin via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Johannes Schindelin <johannes.schindelin@gmx.de>
Subject: [PATCH 0/4] Redact unsafe URLs in the Trace2 output
Date: Wed, 22 Nov 2023 19:18:33 +0000 [thread overview]
Message-ID: <pull.1616.git.1700680717.gitgitgadget@gmail.com> (raw)
The Trace2 output can contain secrets when a user issues a Git command with
sensitive information in the command-line. A typical (if highly discouraged)
example is: git clone https://user:password@host.com/.
With this PR, the Trace2 output redacts passwords in such URLs by default.
This series also includes a commit to temporarily disable leak checking on
t0210,t0211 because the tests uncover other unrelated bugs in Git.
These patches were integrated into Microsoft's fork of Git, as
https://github.com/microsoft/git/pull/616, and have been cooking there ever
since.
Jeff Hostetler (3):
trace2: fix signature of trace2_def_param() macro
t0211: test URL redacting in PERF format
t0212: test URL redacting in EVENT format
Johannes Schindelin (1):
trace2: redact passwords from https:// URLs by default
t/helper/test-trace2.c | 55 ++++++++++++++++++
t/t0210-trace2-normal.sh | 20 ++++++-
t/t0211-trace2-perf.sh | 21 ++++++-
t/t0212-trace2-event.sh | 40 +++++++++++++
trace2.c | 120 ++++++++++++++++++++++++++++++++++++++-
trace2.h | 4 +-
6 files changed, 253 insertions(+), 7 deletions(-)
base-commit: 564d0252ca632e0264ed670534a51d18a689ef5d
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-1616%2Fdscho%2Ftrace2-redact-credentials-in-https-urls-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-1616/dscho/trace2-redact-credentials-in-https-urls-v1
Pull-Request: https://github.com/gitgitgadget/git/pull/1616
--
gitgitgadget
next reply other threads:[~2023-11-22 19:18 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-22 19:18 Johannes Schindelin via GitGitGadget [this message]
2023-11-22 19:18 ` [PATCH 1/4] trace2: fix signature of trace2_def_param() macro Jeff Hostetler via GitGitGadget
2023-11-23 6:10 ` Junio C Hamano
2023-11-22 19:18 ` [PATCH 2/4] trace2: redact passwords from https:// URLs by default Johannes Schindelin via GitGitGadget
2023-11-23 18:59 ` Elijah Newren
2023-11-27 21:50 ` Jeff King
2023-11-22 19:18 ` [PATCH 3/4] t0211: test URL redacting in PERF format Jeff Hostetler via GitGitGadget
2023-11-22 19:18 ` [PATCH 4/4] t0212: test URL redacting in EVENT format Jeff Hostetler via GitGitGadget
2023-11-23 19:08 ` [PATCH 0/4] Redact unsafe URLs in the Trace2 output Elijah Newren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=pull.1616.git.1700680717.gitgitgadget@gmail.com \
--to=gitgitgadget@gmail.com \
--cc=git@vger.kernel.org \
--cc=johannes.schindelin@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).