From f7968d136276607115907267b3be89c3ff9acd03 Mon Sep 17 00:00:00 2001
From: Michael Mercier <michael.mercier@ryax.tech>
Date: Mon, 15 Mar 2021 17:54:48 +0100
Subject: Put remove password in the utils and use it also in cmd.execute

---
 git/util.py | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'git/util.py')

diff --git a/git/util.py b/git/util.py
index 04c96789..e9d183d9 100644
--- a/git/util.py
+++ b/git/util.py
@@ -16,6 +16,7 @@ import stat
 from sys import maxsize
 import time
 from unittest import SkipTest
+from urllib.parse import urlsplit, urlunsplit
 
 from gitdb.util import (# NOQA @IgnorePep8
     make_sha,
@@ -338,6 +339,33 @@ def expand_path(p, expand_vars=True):
     except Exception:
         return None
 
+
+def remove_password_if_present(cmdline):
+    """
+    Parse any command line argument and if on of the element is an URL with a
+    password, replace it by stars.  If nothing found just returns a copy of the
+    command line as-is.
+
+    This should be used for every log line that print a command line.
+    """
+    redacted_cmdline = []
+    for to_parse in cmdline:
+        try:
+            url = urlsplit(to_parse)
+            # Remove password from the URL if present
+            if url.password is None:
+                raise ValueError()
+
+            edited_url = url._replace(
+                netloc=url.netloc.replace(url.password, "*****"))
+            redacted_cmdline.append(urlunsplit(edited_url))
+        except ValueError:
+            redacted_cmdline.append(to_parse)
+            # This is not a valid URL
+            pass
+    return redacted_cmdline
+
+
 #} END utilities
 
 #{ Classes
-- 
cgit v1.2.1


From 50cbafc690e5692a16148dbde9de680be70ddbd1 Mon Sep 17 00:00:00 2001
From: Michael Mercier <michael.mercier@ryax.tech>
Date: Mon, 15 Mar 2021 18:39:26 +0100
Subject: Add more test and remove password also from error logs

---
 git/util.py | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

(limited to 'git/util.py')

diff --git a/git/util.py b/git/util.py
index e9d183d9..80985df4 100644
--- a/git/util.py
+++ b/git/util.py
@@ -343,13 +343,13 @@ def expand_path(p, expand_vars=True):
 def remove_password_if_present(cmdline):
     """
     Parse any command line argument and if on of the element is an URL with a
-    password, replace it by stars.  If nothing found just returns a copy of the
-    command line as-is.
+    password, replace it by stars (in-place).
+
+    If nothing found just returns the command line as-is.
 
     This should be used for every log line that print a command line.
     """
-    redacted_cmdline = []
-    for to_parse in cmdline:
+    for index, to_parse in enumerate(cmdline):
         try:
             url = urlsplit(to_parse)
             # Remove password from the URL if present
@@ -358,12 +358,11 @@ def remove_password_if_present(cmdline):
 
             edited_url = url._replace(
                 netloc=url.netloc.replace(url.password, "*****"))
-            redacted_cmdline.append(urlunsplit(edited_url))
+            cmdline[index] = urlunsplit(edited_url)
         except ValueError:
-            redacted_cmdline.append(to_parse)
             # This is not a valid URL
             pass
-    return redacted_cmdline
+    return cmdline
 
 
 #} END utilities
-- 
cgit v1.2.1


From ffddedf5467df993b7a42fbd15afacb901bca6d7 Mon Sep 17 00:00:00 2001
From: Michael Mercier <michael.mercier@ryax.tech>
Date: Tue, 16 Mar 2021 10:00:51 +0100
Subject: Use copy and not inplace remove password + working case test

---
 git/util.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'git/util.py')

diff --git a/git/util.py b/git/util.py
index 80985df4..907c6998 100644
--- a/git/util.py
+++ b/git/util.py
@@ -349,7 +349,9 @@ def remove_password_if_present(cmdline):
 
     This should be used for every log line that print a command line.
     """
+    new_cmdline = []
     for index, to_parse in enumerate(cmdline):
+        new_cmdline.append(to_parse)
         try:
             url = urlsplit(to_parse)
             # Remove password from the URL if present
@@ -358,11 +360,11 @@ def remove_password_if_present(cmdline):
 
             edited_url = url._replace(
                 netloc=url.netloc.replace(url.password, "*****"))
-            cmdline[index] = urlunsplit(edited_url)
+            new_cmdline[index] = urlunsplit(edited_url)
         except ValueError:
             # This is not a valid URL
             pass
-    return cmdline
+    return new_cmdline
 
 
 #} END utilities
-- 
cgit v1.2.1


From d283c83c43f5e52a1a14e55b35ffe85a780615d8 Mon Sep 17 00:00:00 2001
From: Michael Mercier <michael.mercier@ryax.tech>
Date: Thu, 18 Mar 2021 17:01:43 +0100
Subject: Use continue instead of raising error

---
 git/util.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'git/util.py')

diff --git a/git/util.py b/git/util.py
index 907c6998..d0aec5ae 100644
--- a/git/util.py
+++ b/git/util.py
@@ -356,14 +356,14 @@ def remove_password_if_present(cmdline):
             url = urlsplit(to_parse)
             # Remove password from the URL if present
             if url.password is None:
-                raise ValueError()
+                continue
 
             edited_url = url._replace(
                 netloc=url.netloc.replace(url.password, "*****"))
             new_cmdline[index] = urlunsplit(edited_url)
         except ValueError:
             # This is not a valid URL
-            pass
+            continue
     return new_cmdline
 
 
-- 
cgit v1.2.1