Skip to content

Commit

Permalink
chore: remove auth info from logs
Browse files Browse the repository at this point in the history
  • Loading branch information
@claudiahdz
claudiahdz committed Jun 30, 2020
1 parent 479e45c commit a9857b8
Show file tree
Hide file tree
Showing 5 changed files with 40 additions and 5 deletions.
4 changes: 3 additions & 1 deletion bin/npm-cli.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
var npm = require('../lib/npm.js')
var npmconf = require('../lib/config/core.js')
var errorHandler = require('../lib/utils/error-handler.js')
var replaceInfo = require('../lib/utils/replace-info.js')

var configDefs = npmconf.defs
var shorthands = configDefs.shorthands
Expand All @@ -40,7 +41,8 @@
process.argv.splice(1, 1, 'npm', '-g')
}

log.verbose('cli', process.argv)
var args = replaceInfo(process.argv)
log.verbose('cli', args)

var conf = nopt(types, shorthands)
npm.argv = conf.argv.remain
Expand Down
9 changes: 6 additions & 3 deletions lib/fetch-package-metadata.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
const deprCheck = require('./utils/depr-check')
const path = require('path')
const log = require('npmlog')
const pacote = require('pacote')
const readPackageTree = require('read-package-tree')
const rimraf = require('rimraf')
const validate = require('aproba')
Expand All @@ -11,15 +12,17 @@ const npm = require('./npm')
let npmConfig
const npmlog = require('npmlog')
const limit = require('call-limit')
const tempFilename = require('./utils/temp-filename')
const pacote = require('pacote')
const tempFilename = require('./utils/temp-filename.js')
const replaceInfo = require('./utils/replace-info.js')
const isWindows = require('./utils/is-windows.js')

function andLogAndFinish (spec, tracker, done) {
validate('SOF|SZF|OOF|OZF', [spec, tracker, done])
return (er, pkg) => {
if (er) {
log.silly('fetchPackageMetaData', 'error for ' + String(spec), er.message)
er.message = replaceInfo(er.message)
var spc = replaceInfo(String(spec))
log.silly('fetchPackageMetaData', 'error for ' + spc, er.message)
if (tracker) tracker.finish()
}
return done(er, pkg)
Expand Down
5 changes: 4 additions & 1 deletion lib/utils/error-handler.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ var exitCode = 0
var rollbacks = npm.rollbacks
var chain = require('slide').chain
var errorMessage = require('./error-message.js')
var replaceInfo = require('./replace-info.js')
var stopMetrics = require('./metrics.js').stop

const cacheFile = require('./cache-file.js')
Expand Down Expand Up @@ -175,14 +176,16 @@ function errorHandler (er) {
].forEach(function (k) {
var v = er[k]
if (!v) return
v = replaceInfo(v)
log.verbose(k, v)
})

log.verbose('cwd', process.cwd())

var os = require('os')
var args = replaceInfo(process.argv)
log.verbose('', os.type() + ' ' + os.release())
log.verbose('argv', process.argv.map(JSON.stringify).join(' '))
log.verbose('argv', args.map(JSON.stringify).join(' '))
log.verbose('node', process.version)
log.verbose('npm ', 'v' + npm.version)

Expand Down
5 changes: 5 additions & 0 deletions lib/utils/error-message.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,17 @@ var npm = require('../npm.js')
var util = require('util')
var nameValidator = require('validate-npm-package-name')
var npmlog = require('npmlog')
var replaceInfo = require('./replace-info.js')

module.exports = errorMessage

function errorMessage (er) {
var short = []
var detail = []

er.message = replaceInfo(er.message)
er.stack = replaceInfo(er.stack)

switch (er.code) {
case 'ENOAUDIT':
short.push(['audit', er.message])
Expand Down
22 changes: 22 additions & 0 deletions lib/utils/replace-info.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
const URL = require('url')

// replaces auth info in an array
// of arguments or in a strings
function replaceInfo (arg) {
const isArray = Array.isArray(arg)
const isString = typeof arg === 'string'

if (!isArray && !isString) return arg

const args = isString ? arg.split(' ') : arg
const info = args.map(arg => {
try {
const url = new URL(arg)
return url.password === '' ? arg : arg.replace(url.password, '***')
} catch (e) { return arg }
})

return isString ? info.join(' ') : info
}

module.exports = replaceInfo

0 comments on commit a9857b8

Please sign in to comment.