capistrano-syslog 0.3.0 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 79bbd403c5e09b5f5bcd3014aaedc936bee3971a0a19184f9ca5e2322d21b594
4
- data.tar.gz: 826d8270e9d62d4aefb63a78ade7fa68164aafacec030c41b7e505ee00150db1
3
+ metadata.gz: 982ae54582f0cbcfd52549d7848028aeaa44ea4da954497c685486204038185a
4
+ data.tar.gz: 34c7c7b5938f58bd7e359f76929dcd4c810d982c65cf775312f957f5ad7e10d6
5
5
  SHA512:
6
- metadata.gz: 1e2fcd77605bced2a7bbcd47f889a957e64b451bf789d098edbdac5dd50065976eaf5cca1916ed22d4c22a3da4cd87a636d4d907208164f9e3e96e9686c1d4ad
7
- data.tar.gz: '096ec1965ac96f8e5c57423d35857e4557afc8c01f59bceab9211bbc13b3b9d387cacd6e783264525134399bf1a8a73cda38665da64c6c6a5b9aca2a0efa803b'
6
+ metadata.gz: afb3d0e99ce2ee03ef6ff806721087388c216afbfb0dea2ebf1c97106773e36a59a9a14e24f3725af4be8dc283a885527e83c4b3fbd01d6e31f58eaf029cd1dc
7
+ data.tar.gz: d33e6cc592068932478b805f9e55875a59980c07f3e2604d95d39a1d932aa83c6ff1430d9c9ef5f917fa36a49d728e546339f42dd91b629fb097f14e59ee346e
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ### 0.4.0
2
+
3
+ * security fix: mask user/password of repo_url to avoid lealking the credential (e.g. repo_url contains x-oauth-basic )
4
+
1
5
  ### 0.3.0
2
6
 
3
7
  * behavior change: only syslog on `release_roles`
@@ -1,5 +1,5 @@
1
1
  module Capistrano
2
2
  module Syslog
3
- VERSION = '0.3.0'
3
+ VERSION = '0.4.0'
4
4
  end
5
5
  end
@@ -1,17 +1,39 @@
1
1
  namespace :syslog do
2
2
 
3
+ # @return [String]
4
+ def masked_repo_url
5
+ repo_url = fetch(:repo_url)
6
+ if repo_url.match(/\Ahttps/)
7
+
8
+ uri = URI.parse(repo_url)
9
+ if uri.password
10
+ uri.password = '***'
11
+ end
12
+
13
+ # user is also masked!
14
+ # e.g. https://password:x-oauth-basic@github.com/example/example.git'
15
+ if uri.user
16
+ uri.user = '***'
17
+ end
18
+ uri
19
+ else
20
+ repo_url
21
+ end
22
+ end
23
+
3
24
  set :tag, 'capistrano'
4
25
 
5
26
  set :starting_format, -> {
6
27
  "deploy starting repository:%s revision:%s" % [
7
- fetch(:repo_url),
28
+ masked_repo_url,
8
29
  fetch(:current_revision),
9
30
  ]
10
31
  }
11
32
 
12
33
  set :finishing_format, -> {
34
+ repo_url = fetch(:repo_url)
13
35
  "deploy finishing repository:%s revision:%s" % [
14
- fetch(:repo_url),
36
+ masked_repo_url,
15
37
  fetch(:current_revision),
16
38
  ]
17
39
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capistrano-syslog
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - hiboma
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-02-02 00:00:00.000000000 Z
11
+ date: 2021-02-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: capistrano