threadlines 0.2.17 → 0.2.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/git/diff.js +17 -1
- package/package.json +1 -1
package/dist/git/diff.js
CHANGED
|
@@ -26,6 +26,21 @@ const child_process_1 = require("child_process");
|
|
|
26
26
|
* @param repoRoot - Path to the repository root
|
|
27
27
|
* @returns Repository URL (e.g., "https://github.com/user/repo.git")
|
|
28
28
|
*/
|
|
29
|
+
/**
|
|
30
|
+
* Sanitize a git remote URL by removing embedded credentials.
|
|
31
|
+
*
|
|
32
|
+
* CI environments often embed tokens in the remote URL for authentication:
|
|
33
|
+
* - GitLab CI: https://gitlab-ci-token:TOKEN@gitlab.com/user/repo
|
|
34
|
+
* - GitHub Actions: https://x-access-token:TOKEN@github.com/user/repo
|
|
35
|
+
*
|
|
36
|
+
* This function strips credentials to prevent token exposure in logs/UI.
|
|
37
|
+
*/
|
|
38
|
+
function sanitizeRepoUrl(url) {
|
|
39
|
+
// Handle HTTPS URLs with credentials: https://user:pass@host/path
|
|
40
|
+
// The regex matches: protocol://anything@host/path and removes "anything@"
|
|
41
|
+
const sanitized = url.replace(/^(https?:\/\/)([^@]+@)/, '$1');
|
|
42
|
+
return sanitized;
|
|
43
|
+
}
|
|
29
44
|
async function getRepoUrl(repoRoot) {
|
|
30
45
|
try {
|
|
31
46
|
const url = (0, child_process_1.execSync)('git remote get-url origin', {
|
|
@@ -35,7 +50,8 @@ async function getRepoUrl(repoRoot) {
|
|
|
35
50
|
if (!url) {
|
|
36
51
|
throw new Error('Empty URL returned');
|
|
37
52
|
}
|
|
38
|
-
|
|
53
|
+
// Remove embedded credentials (CI tokens) from the URL
|
|
54
|
+
return sanitizeRepoUrl(url);
|
|
39
55
|
}
|
|
40
56
|
catch (error) {
|
|
41
57
|
const message = error instanceof Error ? error.message : String(error);
|