public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Merge branch '2.2' into main

pull/10435/head
Jordi Boggiano 2022-01-05 15:45:18 +01:00
parent b96c419ee5 c2cdc3eb71
commit 3a27cb2e91
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
1 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/Composer/Util/ProcessExecutor.php
View File

@ -102,18 +102,7 @@ class ProcessExecutor
*/ */
private function doExecute($command, $cwd, $tty, &$output = null) private function doExecute($command, $cwd, $tty, &$output = null)
{ {
if ($this->io && $this->io->isDebug()) { $this->outputCommandRun($command, $cwd, false);
$safeCommand = Preg::replaceCallback('{://(?P<user>[^:/\s]+):(?P<password>[^@\s/]+)@}i', function ($m) {
// if the username looks like a long (12char+) hex string, or a modern github token (e.g. ghp_xxx) we obfuscate that
if (Preg::isMatch('{^([a-f0-9]{12,}|gh[a-z]_[a-zA-Z0-9_]+)$}', $m['user'])) {
return '://***:***@';
}
return '://'.$m['user'].':***@';
}, $command);
$safeCommand = Preg::replace("{--password (.*[^\\\\]\') }", '--password \'***\' ', $safeCommand);
$this->io->writeError('Executing command ('.($cwd ?: 'CWD').'): '.$safeCommand);
}
$this->captureOutput = func_num_args() > 3; $this->captureOutput = func_num_args() > 3;
$this->errorOutput = ''; $this->errorOutput = '';
@ -230,17 +219,7 @@ class ProcessExecutor
$command = $job['command']; $command = $job['command'];
$cwd = $job['cwd']; $cwd = $job['cwd'];
if ($this->io && $this->io->isDebug()) { $this->outputCommandRun($command, $cwd, true);
$safeCommand = Preg::replaceCallback('{://(?P<user>[^:/\s]+):(?P<password>[^@\s/]+)@}i', function ($m) {
if (Preg::isMatch('{^[a-f0-9]{12,}$}', $m['user'])) {
return '://***:***@';
}
return '://'.$m['user'].':***@';
}, $command);
$safeCommand = Preg::replace("{--password (.*[^\\\\]\') }", '--password \'***\' ', $safeCommand);
$this->io->writeError('Executing async command ('.($cwd ?: 'CWD').'): '.$safeCommand);
}
try { try {
$process = Process::fromShellCommandline($command, $cwd, null, null, static::getTimeout()); $process = Process::fromShellCommandline($command, $cwd, null, null, static::getTimeout());
@ -407,6 +386,33 @@ class ProcessExecutor
return self::escapeArgument($argument); return self::escapeArgument($argument);
} }
/**
* @param string $command
* @param ?string $cwd
* @param bool $async
* @return void
*/
private function outputCommandRun($command, $cwd, $async)
{
if (null === $this->io || !$this->io->isDebug()) {
return;
}
$safeCommand = Preg::replaceCallback('{://(?P<user>[^:/\s]+):(?P<password>[^@\s/]+)@}i', function ($m) {
// if the username looks like a long (12char+) hex string, or a modern github token (e.g. ghp_xxx) we obfuscate that
if (Preg::isMatch('{^([a-f0-9]{12,}|gh[a-z]_[a-zA-Z0-9_]+)$}', $m['user'])) {
return '://***:***@';
}
if (Preg::isMatch('{^[a-f0-9]{12,}$}', $m['user'])) {
return '://***:***@';
}
return '://'.$m['user'].':***@';
}, $command);
$safeCommand = Preg::replace("{--password (.*[^\\\\]\') }", '--password \'***\' ', $safeCommand);
$this->io->writeError('Executing'.($async ? ' async' : '').' command ('.($cwd ?: 'CWD').'): '.$safeCommand);
}
/** /**
* Escapes a string to be used as a shell argument for Symfony Process. * Escapes a string to be used as a shell argument for Symfony Process.
* *