capistrano-syslog 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/lib/capistrano/syslog/version.rb +1 -1
  4. data/lib/capistrano/tasks/syslog.rake +24 -2
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 79bbd403c5e09b5f5bcd3014aaedc936bee3971a0a19184f9ca5e2322d21b594
4
- data.tar.gz: 826d8270e9d62d4aefb63a78ade7fa68164aafacec030c41b7e505ee00150db1
3
+ metadata.gz: 982ae54582f0cbcfd52549d7848028aeaa44ea4da954497c685486204038185a
4
+ data.tar.gz: 34c7c7b5938f58bd7e359f76929dcd4c810d982c65cf775312f957f5ad7e10d6
5
5
  SHA512:
6
- metadata.gz: 1e2fcd77605bced2a7bbcd47f889a957e64b451bf789d098edbdac5dd50065976eaf5cca1916ed22d4c22a3da4cd87a636d4d907208164f9e3e96e9686c1d4ad
7
- data.tar.gz: '096ec1965ac96f8e5c57423d35857e4557afc8c01f59bceab9211bbc13b3b9d387cacd6e783264525134399bf1a8a73cda38665da64c6c6a5b9aca2a0efa803b'
6
+ metadata.gz: afb3d0e99ce2ee03ef6ff806721087388c216afbfb0dea2ebf1c97106773e36a59a9a14e24f3725af4be8dc283a885527e83c4b3fbd01d6e31f58eaf029cd1dc
7
+ data.tar.gz: d33e6cc592068932478b805f9e55875a59980c07f3e2604d95d39a1d932aa83c6ff1430d9c9ef5f917fa36a49d728e546339f42dd91b629fb097f14e59ee346e
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ### 0.4.0
2
+
3
+ * security fix: mask user/password of repo_url to avoid lealking the credential (e.g. repo_url contains x-oauth-basic )
4
+
1
5
  ### 0.3.0
2
6
 
3
7
  * behavior change: only syslog on `release_roles`
data/lib/capistrano/syslog/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Capistrano
2
2
  module Syslog
3
- VERSION = '0.3.0'
3
+ VERSION = '0.4.0'
4
4
  end
5
5
  end
data/lib/capistrano/tasks/syslog.rake CHANGED
@@ -1,17 +1,39 @@
1
1
  namespace :syslog do
2
2
 
3
+ # @return [String]
4
+ def masked_repo_url
5
+ repo_url = fetch(:repo_url)
6
+ if repo_url.match(/\Ahttps/)
7
+
8
+ uri = URI.parse(repo_url)
9
+ if uri.password
10
+ uri.password = '***'
11
+ end
12
+
13
+ # user is also masked!
14
+ # e.g. https://password:x-oauth-basic@github.com/example/example.git'
15
+ if uri.user
16
+ uri.user = '***'
17
+ end
18
+ uri
19
+ else
20
+ repo_url
21
+ end
22
+ end
23
+
3
24
  set :tag, 'capistrano'
4
25
 
5
26
  set :starting_format, -> {
6
27
  "deploy starting repository:%s revision:%s" % [
7
- fetch(:repo_url),
28
+ masked_repo_url,
8
29
  fetch(:current_revision),
9
30
  ]
10
31
  }
11
32
 
12
33
  set :finishing_format, -> {
34
+ repo_url = fetch(:repo_url)
13
35
  "deploy finishing repository:%s revision:%s" % [
14
- fetch(:repo_url),
36
+ masked_repo_url,
15
37
  fetch(:current_revision),
16
38
  ]
17
39
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capistrano-syslog
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - hiboma
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-02-02 00:00:00.000000000 Z
11
+ date: 2021-02-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: capistrano