diff options
| author | Daniel Niknam <mhmd.niknam@gmail.com> | 2021-08-22 01:33:21 +1000 |
|---|---|---|
| committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2021-08-31 19:06:14 +0900 |
| commit | 31c2e6c08eccf77ec24126b9c77a910a4e543293 (patch) | |
| tree | 6f732471f7b5bf27a2de763b4802859b9f481ea0 /test | |
| parent | b41802421ac7e790a98ed59be67631687fc5808f (diff) | |
[rubygems/rubygems] Using `Gem::PrintableUri` in `Gem::Commands::InstallCommand` class
The `x.source.uri` could be a source URI with a credential. Using `Gem::PrintableUri` to make sure we are redacting sensitive information from it.
https://github.com/rubygems/rubygems/commit/8755ee0aaa
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
Diffstat (limited to 'test')
| -rw-r--r-- | test/rubygems/test_gem_commands_install_command.rb | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_commands_install_command.rb b/test/rubygems/test_gem_commands_install_command.rb index 48ac040d0e..535180983b 100644 --- a/test/rubygems/test_gem_commands_install_command.rb +++ b/test/rubygems/test_gem_commands_install_command.rb @@ -1067,6 +1067,31 @@ ERROR: Possible alternatives: non_existent_with_hint assert_equal x, e end + def test_redact_credentials_from_uri_on_warning + spec_fetcher do |fetcher| + fetcher.download 'a', 2 + end + + Gem.sources << "http://username:SECURE_TOKEN@nonexistent.example" + + @cmd.options[:args] = %w[a] + + use_ui @ui do + assert_raise Gem::MockGemUi::SystemExitException, @ui.error do + @cmd.execute + end + end + + assert_equal %w[a-2], @cmd.installed_specs.map {|spec| spec.full_name } + + assert_match "1 gem installed", @ui.output + + e = @ui.error + + x = "WARNING: Unable to pull data from 'http://username:REDACTED@nonexistent.example': no data for http://username:REDACTED@nonexistent.example/specs.4.8.gz (http://username:REDACTED@nonexistent.example/specs.4.8.gz)\n" + assert_equal x, e + end + def test_execute_uses_from_a_gemdeps spec_fetcher do |fetcher| fetcher.gem 'a', 2 |