Hide security-sensitive strings in VCS command log messages #6890
Conversation
cjerdonek
added
C: vcs
cjerdonek
force-pushed
the
vcs-hidden-text
branch
3 times, most recently
from
a93a8f7
to
b9d70a6
Compare
cjerdonek
force-pushed
the
vcs-hidden-text
branch
from
b9d70a6
to
03eedab
Compare
cjerdonek
force-pushed
the
vcs-hidden-text
branch
from
9d7f6e3
to
5ffc930
Compare
|
PR updated. Thanks again for the thorough review, @chrahunt. 🙏 |
|
PR updated. I also implemented |
|
Thanks again for the thoughtful reviews, @chrahunt and @pradyunsg! |
| # Also, we don't apply str() to arguments that aren't HiddenText since | ||
| # this can trigger a UnicodeDecodeError in Python 2 if the argument | ||
| # has type unicode and includes a non-ascii character. (The type | ||
| # checker doesn't ensure the annotations are correct in all cases.) |
There was a problem hiding this comment.
Reg the type-checker: I think we're supposed to use mypy.Text for things that would be unicode on Python 2.
There was a problem hiding this comment.
This is supposed to always be str (if everything is working correctly), but because our type-checking isn't 100%, it's possible something of unicode type can slip through the cracks (e.g. because of # type: ignore comments at some of our annotations). One example is the _get_win_folder_with_ctypes() function in appdirs.py that is annotated with str but returns unicode in Python 2. In cases that slip through the cracks, the point was not to force a crash if we don't need to..
|
This PR looks great @cjerdonek! ^>^ |
lock
bot
added
the
auto-locked
This PR adds a new
HiddenTextclass to wrap sensitive strings and starts using them in the VCS modules to protect (1) URL's containing potential auth info, and (2) passwords that can be included in VCS command-line arguments. This finishes the work started in PR #6862.