public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Update URL masking patterns for new GitHub fine-grained PATs 

Updates GitHub Personal Access Token regex pattern to detect new [fine-grained PATs](https://github.blog/changelog/2022-10-18-introducing-fine-grained-personal-access-tokens/)
pull/11316/head
Ayesh Karunaratne 2022-10-20 16:28:51 +05:30 committed by Jordi Boggiano
parent 8a8c50c3a6
commit b067e96021
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Composer/Util/Url.php
View File

@ -116,7 +116,7 @@ class Url
$url = Preg::replaceCallback('{^(?P<prefix>[a-z0-9]+://)?(?P<user>[^:/\s@]+):(?P<password>[^@\s/]+)@}i', function ($m) { $url = Preg::replaceCallback('{^(?P<prefix>[a-z0-9]+://)?(?P<user>[^:/\s@]+):(?P<password>[^@\s/]+)@}i', function ($m) {
// if the username looks like a long (12char+) hex string, or a modern github token (e.g. ghp_xxx) we obfuscate that // if the username looks like a long (12char+) hex string, or a modern github token (e.g. ghp_xxx) we obfuscate that
if (Preg::isMatch('{^([a-f0-9]{12,}|gh[a-z]_[a-zA-Z0-9_]+)$}', $m['user'])) { if (Preg::isMatch('{^([a-f0-9]{12,}|gh[a-z]_[a-zA-Z0-9_]+|github_pat_[a-zA-Z0-9_]+)$}', $m['user'])) {
return $m['prefix'].'***:***@'; return $m['prefix'].'***:***@';
} }

1
tests/Composer/Test/Util/UrlTest.php
View File

@ -87,6 +87,7 @@ class UrlTest extends TestCase
array('https://example.org/foo/bar?access_token=***', 'https://example.org/foo/bar?access_token=abcdef'), array('https://example.org/foo/bar?access_token=***', 'https://example.org/foo/bar?access_token=abcdef'),
array('https://example.org/foo/bar?foo=bar&access_token=***', 'https://example.org/foo/bar?foo=bar&access_token=abcdef'), array('https://example.org/foo/bar?foo=bar&access_token=***', 'https://example.org/foo/bar?foo=bar&access_token=abcdef'),
array('https://***:***@github.com/acme/repo', 'https://ghp_1234567890abcdefghijklmnopqrstuvwxyzAB:x-oauth-basic@github.com/acme/repo'), array('https://***:***@github.com/acme/repo', 'https://ghp_1234567890abcdefghijklmnopqrstuvwxyzAB:x-oauth-basic@github.com/acme/repo'),
array('https://***:***@github.com/acme/repo', 'https://github_pat_1234567890abcdefghijkl_1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVW:x-oauth-basic@github.com/acme/repo'),
// without scheme // without scheme
array('foo:***@example.org/', 'foo:bar@example.org/'), array('foo:***@example.org/', 'foo:bar@example.org/'),
array('foo@example.org/', 'foo@example.org/'), array('foo@example.org/', 'foo@example.org/'),