From 90673e4f66fed79ec4d9ccf0247333b01dc3b444 Mon Sep 17 00:00:00 2001
From: Ayesh Karunaratne
Date: Thu, 20 Oct 2022 16:28:51 +0530
Subject: [PATCH] Update URL masking patterns for new GitHub fine-grained PATs
Updates GitHub Personal Access Token regex pattern to detect new [fine-grained PATs](https://github.blog/changelog/2022-10-18-introducing-fine-grained-personal-access-tokens/)
---
 src/Composer/Util/Url.php | 2 +-
 tests/Composer/Test/Util/UrlTest.php | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/Composer/Util/Url.php b/src/Composer/Util/Url.php
index 2372bbfc3..040d17db0 100644
--- a/src/Composer/Util/Url.php
+++ b/src/Composer/Util/Url.php
@@ -111,7 +111,7 @@ class Url
 $url = Preg::replaceCallback('{^(?P[a-z0-9]+://)?(?P[^:/\s@]+):(?P[^@\s/]+)@}i', static function ($m): string {
 // if the username looks like a long (12char+) hex string, or a modern github token (e.g. ghp_xxx) we obfuscate that
- if (Preg::isMatch('{^([a-f0-9]{12,}|gh[a-z]_[a-zA-Z0-9_]+)$}', $m['user'])) {
+ if (Preg::isMatch('{^([a-f0-9]{12,}|gh[a-z]_[a-zA-Z0-9_]+|github_pat_[a-zA-Z0-9_]+)$}', $m['user'])) {
 return $m['prefix'].'***:***@';
 }
diff --git a/tests/Composer/Test/Util/UrlTest.php b/tests/Composer/Test/Util/UrlTest.php
index 7b1b4bc3a..267b1c1bd 100644
--- a/tests/Composer/Test/Util/UrlTest.php
+++ b/tests/Composer/Test/Util/UrlTest.php
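Review bot: The context comment directly above the changed `isMatch` line still documents only the `ghp_xxx` token shape, so after this change it no longer describes what the pattern masks; update it to `// if the username looks like a long (12char+) hex string, or a modern github token (e.g. ghp_xxx or github_pat_xxx) we obfuscate that`. The new `github_pat_[a-zA-Z0-9_]+` alternative is needed because the existing `gh[a-z]_` branch requires exactly one letter between `gh` and `_`, which `github_pat_` does not satisfy. Note that the inner pattern is deliberately case-sensitive (the `i` flag belongs only to the outer `replaceCallback` pattern), which matches the lowercase prefixes GitHub issues; if that is intended it is worth a short comment, since a reader may assume the outer flag applies. The named groups in the outer pattern appear to have lost their `<name>` parts in this rendering (`(?P[a-z0-9]+://)`), presumably `prefix`, `user` and `password` given the `$m['prefix']`/`$m['user']` reads. The enclosing function starts and ends outside the hunk.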
@@ -82,6 +82,7 @@ class UrlTest extends TestCase
 ['https://example.org/foo/bar?access_token=***', 'https://example.org/foo/bar?access_token=abcdef'],
 ['https://example.org/foo/bar?foo=bar&access_token=***', 'https://example.org/foo/bar?foo=bar&access_token=abcdef'],
 ['https://***:***@github.com/acme/repo', 'https://ghp_1234567890abcdefghijklmnopqrstuvwxyzAB:x-oauth-basic@github.com/acme/repo'],
+ ['https://***:***@github.com/acme/repo', 'https://github_pat_1234567890abcdefghijkl_1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVW:x-oauth-basic@github.com/acme/repo'],
 // without scheme
 ['foo:***@example.org/', 'foo:bar@example.org/'],
 ['foo@example.org/', 'foo@example.org/'],