Don't leak GitHub tokens during network failures

If git is unable to resolve the repo address (which includes the token), it will print a message to stderr with the path to the repo, thus leaking the token. Avoid doing this, and also suppress stdout to be extra careful.
servo · Oct 4, 2016 · 630b523 · 630b523
1 parent 76a8bd9
commit 630b523
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/etc/ci/update_brew.sh b/etc/ci/update_brew.sh
@@ -16,7 +16,6 @@ PACKAGENAME=$(basename ${PACKAGEPATH})
 REGEX="s/servo-.*\([0-9]\{4\}\)-\([0-9]\{2\}\)-\([0-9]\{2\}\).tar.gz/\1.\2.\3/p"
 VERSION=$(echo ${PACKAGENAME}| sed -n "${REGEX}")
 SHA=$(shasum -a 256 ${PACKAGEPATH} | sed -e 's/ .*//')
-GIT="https://${TOKEN}@github.com/servo/homebrew-servo.git"
 
 # See upload_nightly.sh
 PACKAGEURL="https://download.servo.org/nightly/macbrew/${PACKAGENAME}"
@@ -31,7 +30,7 @@ cd ${TMP_DIR}
 echo ${TMP_DIR}
 
 echo "Cloning"
-git clone ${GIT}
+git clone https://github.com/servo/homebrew-servo.git
 cd homebrew-servo
 
 # Not using "/" as it's used in PACKAGEURL
@@ -43,5 +42,7 @@ cat ${SCRIPTDIR}/servo-binary-formula.rb.in | sed \
 git add ./Formula/servo-bin.rb
 git commit -m "Version bump: ${VERSION}"
 
-git push -q ${GIT} master
+git push -qf \
+    "https://${TOKEN}@github.com/servo/homebrew-servo.git" master \
+    >/dev/null 2>&1
 rm -rf ${TMP_DIR}
diff --git a/etc/ci/upload_docs.sh b/etc/ci/upload_docs.sh
@@ -27,4 +27,6 @@ cp apis.html ../../target/doc/servo/
 cd ../..
 
 ghp-import -n target/doc
-git push -qf "https://${TOKEN}@github.com/servo/doc.servo.org.git" gh-pages
+git push -qf \
+    "https://${TOKEN}@github.com/servo/doc.servo.org.git" gh-pages \
+    >/dev/null 2>&1