[rubygems/rubygems] Correctly redact credentials when using x-oauth-basic

https://github.com/rubygems/rubygems/commit/290b6ab078
author: Matt Larraz <mlarraz@users.noreply.github.com> 2021-08-19 16:12:04 -0400
committer: Hiroshi SHIBATA <hsbt@ruby-lang.org> 2021-08-31 19:06:14 +0900
commit: 2aed061384f68b10d8a4a973009512cb57999c63 (patch)
tree: f1998566e5a0031a4f30e4884f76b6a2d243b687 /lib/bundler/settings.rb
parent: f212b9d4f2eb7f94359778d0ec5f3e38f2d90461 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/bundler/settings.rb b/lib/bundler/settings.rb
index abf7db21b4..450f57e3d3 100644
--- a/lib/bundler/settings.rb
+++ b/lib/bundler/settings.rb
@@ -419,7 +419,15 @@ module Bundler
       elsif is_credential(key)
         "[REDACTED]"
       elsif is_userinfo(converted)
-        converted.gsub(/:.*$/, ":[REDACTED]")
+        username, pass = converted.split(":")
+
+        if pass == "x-oauth-basic"
+          username = "[REDACTED]"
+        else
+          pass = "[REDACTED]"
+        end
+
+        [username, pass].join(":")
       else
         converted
       end
author	Matt Larraz <mlarraz@users.noreply.github.com>	2021-08-19 16:12:04 -0400
committer	Hiroshi SHIBATA <hsbt@ruby-lang.org>	2021-08-31 19:06:14 +0900
commit	2aed061384f68b10d8a4a973009512cb57999c63 (patch)
tree	f1998566e5a0031a4f30e4884f76b6a2d243b687 /lib/bundler/settings.rb
parent	f212b9d4f2eb7f94359778d0ec5f3e38f2d90461 (diff)