GitHub Token is not properly sanitized from the debug logs #515

Closed
favna opened this issue Feb 25, 2024 · 1 comment
Labels
integration Related to remote integration

Comments

favna (Contributor) commented Feb 25, 2024

Describe the issue

This was brought to my attention thanks to #514 <_< thankfully GitHub automatically revokes leaked tokens.

When running git cliff -c github --github-repo orhun/git-cliff --verbose --debug the token is logged twice, once at the end for the RemoteConfig but also near the start for the Opt object. The second one does get sanitized but the first one does not.

To reproduce

Steps to reproduce the behavior:

  1. Set GITHUB_TOKEN env var
  2. Run with -c github --github-repo orhun/git-cliff --verbose --debug arguments
  3. See the token in the logs

Expected behavior

The token is sanitized in both places so it's safe to be copy-pasted and sent for issue reports.

Screenshots / Logs

git cliff -c github --github-repo favware/cliff-jumper --verbose --debug
 INFO  git_cliff > Using built-in configuration file: github
 TRACE git_cliff > Opt {
    help: None,
    version: None,
    verbose: 2,
    init: None,
    config: "github",
    workdir: None,
    repository: None,
    include_path: None,
    exclude_path: None,
    with_commit: None,
    skip_commit: None,
    prepend: None,
    output: None,
    tag: None,
    bump: false,
    bumped_version: false,
    body: None,
    latest: false,
    current: false,
    unreleased: false,
    topo_order: false,
    no_exec: false,
    context: false,
    strip: None,
    sort: Newest,
    range: None,
    github_token: Some(
        "LE TOKEN", <--- THIS IS NORMALLY AN UNSANITIZED GITHUB TOKEN, MANUALLY REDACTED FOR THIS ISSUE REPORT
    ),
    github_repo: Some(
        RemoteValue(
            Remote {
                owner: "favware",
                repo: "cliff-jumper",
                token: None,
            },
        ),
    ),
}
 TRACE git_cliff > Config {
    changelog: ChangelogConfig {
        header: None,
        body: Some(
            "## What's Changed\n\n{%- if version %} in {{ version }}{%- endif -%}\n{% for commit in commits %}\n  {% if commit.github.pr_title -%}\n    {%- set commit_message = commit.github.pr_title -%}\n  {%- else -%}\n    {%- set commit_message = commit.message -%}\n  {%- endif -%}\n  * {{ commit_message | split(pat=\"\n\") | first | trim }}{% if commit.github.username %} by @{{ commit.github.username }}{%- endif -%}\n    {% if commit.github.pr_number %} in [#{{ commit.github.pr_number }}]({{ self::remote_url() }}/pull/{{ commit.github.pr_number }}) {%- endif %}\n{%- endfor -%}\n\n{% if github.contributors | filter(attribute=\"is_first_time\", value=true) | length != 0 %}\n  {% raw %}\n{% endraw -%}\n  ## New Contributors\n{%- endif %}{% for contributor in github.contributors | filter(attribute=\"is_first_time\", value=true) %}\n  * @{{ contributor.username }} made their first contribution\n    {%- if contributor.pr_number %} in [#{{ contributor.pr_number }}]({{ self::remote_url() }}/pull/{{ contributor.pr_number }}) {%- endif %}\n{%- endfor -%}\n\n{% if version %}\n    {% if previous.version %}\n      **Full Changelog**: {{ self::remote_url() }}/compare/{{ previous.version }}...{{ version }}\n    {% endif %}\n{% else -%}\n  {% raw %}\n{% endraw %}\n{% endif %}\n\n{%- macro remote_url() -%}\n  https://github.com/{{ remote.github.owner }}/{{ remote.github.repo }}\n{%- endmacro -%}\n",
        ),
        footer: Some(
            "<!-- generated by git-cliff -->\n",
        ),
        trim: Some(
            true,
        ),
        postprocessors: Some(
            [],
        ),
    },
    git: GitConfig {
        conventional_commits: Some(
            false,
        ),
        filter_unconventional: Some(
            true,
        ),
        split_commits: Some(
            false,
        ),
        commit_preprocessors: Some(
            [
                TextProcessor {
                    pattern: Regex(
                        "\\((\\w+\\s)?#([0-9]+)\\)",
                    ),
                    replace: Some(
                        "",
                    ),
                    replace_command: None,
                },
            ],
        ),
        commit_parsers: None,
        protect_breaking_commits: Some(
            false,
        ),
        link_parsers: None,
        filter_commits: Some(
            false,
        ),
        tag_pattern: Some(
            Regex(
                "v[0-9].*",
            ),
        ),
        skip_tags: Some(
            Regex(
                "beta|alpha",
            ),
        ),
        ignore_tags: Some(
            Regex(
                "rc",
            ),
        ),
        topo_order: Some(
            false,
        ),
        sort_commits: Some(
            "newest",
        ),
        limit_commits: None,
    },
    remote: RemoteConfig {
        github: Remote {
            owner: "favware",
            repo: "cliff-jumper",
            token: Some(
                Secret([REDACTED alloc::string::String]),
            ),
        },
    },
}

Software information

  • Operating system: Windows 11 10.0.22631
  • Rust version: rustc 1.76.0 (07dca489a 2024-02-04)
  • Project version: 2.0.4

Additional context

@favna favna added the integration Related to remote integration label Feb 25, 2024
@orhun orhun closed this as completed in be34949 Feb 28, 2024
orhun (Owner) commented Feb 28, 2024

Thanks a lot for the report! I fixed this in be34949 - will cut a release soon.
