summaryrefslogtreecommitdiff
path: root/t/t5541-http-push-smart.sh
diff options
context:
space:
mode:
authorJohannes Schindelin <johannes.schindelin@gmx.de>2020-06-04 20:08:29 (GMT)
committerJunio C Hamano <gitster@pobox.com>2020-06-04 20:20:21 (GMT)
commit46da295a77066994a663a47dc044f6c6fe582d26 (patch)
treef4b2161e2e1a58b54b68414ce556aede8a7e8832 /t/t5541-http-push-smart.sh
parent274b9cc25322d9ee79aa8e6d4e86f0ffe5ced925 (diff)
downloadgit-46da295a77066994a663a47dc044f6c6fe582d26.zip
git-46da295a77066994a663a47dc044f6c6fe582d26.tar.gz
git-46da295a77066994a663a47dc044f6c6fe582d26.tar.bz2
clone/fetch: anonymize URLs in the reflog
Even if we strongly discourage putting credentials into the URLs passed via the command-line, there _is_ support for that, and users _do_ do that. Let's scrub them before writing them to the reflog. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t5541-http-push-smart.sh')
-rwxr-xr-xt/t5541-http-push-smart.sh15
1 files changed, 15 insertions, 0 deletions
diff --git a/t/t5541-http-push-smart.sh b/t/t5541-http-push-smart.sh
index 23be8ce..2d60381 100755
--- a/t/t5541-http-push-smart.sh
+++ b/t/t5541-http-push-smart.sh
@@ -456,6 +456,21 @@ test_expect_success 'push status output scrubs password' '
grep "^To $HTTPD_URL/smart/test_repo.git" status
'
+test_expect_success 'clone/fetch scrubs password from reflogs' '
+ cd "$ROOT_PATH" &&
+ git clone "$HTTPD_URL_USER_PASS/smart/test_repo.git" \
+ reflog-test &&
+ cd reflog-test &&
+ test_commit prepare-for-force-fetch &&
+ git switch -c away &&
+ git fetch "$HTTPD_URL_USER_PASS/smart/test_repo.git" \
+ +master:master &&
+ # should have been scrubbed down to vanilla URL
+ git log -g master >reflog &&
+ grep "$HTTPD_URL" reflog &&
+ ! grep "$HTTPD_URL_USER_PASS" reflog
+'
+
test_expect_success 'colorize errors/hints' '
cd "$ROOT_PATH"/test_repo_clone &&
test_must_fail git -c color.transport=always -c color.advice=always \