Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize repo URLs to avoid adding access tokens to CLDF data #5

Closed
xrotwang opened this issue Nov 24, 2021 · 0 comments
Closed

Sanitize repo URLs to avoid adding access tokens to CLDF data #5

xrotwang opened this issue Nov 24, 2021 · 0 comments
Assignees
@xrotwang

Comments

@xrotwang
Copy link
Contributor

Here

cldfcatalog/src/cldfcatalog/repository.py

Lines 59 to 74 in 7e7411e

def url(self):
"""
:return: The URL of the remote called `origin` - if it is set, else `None`.
Note: Since computing the remote may require a `git` call, and we assume the origin will
not change, we cache the result.
"""
if self._url is None:
try:
url = self.repo.remotes.origin.url
if url.endswith('.git'):
url = url[:-4]
self._url = url
except AttributeError: # pragma: no cover
pass
return self._url

we should remove any auth credentials to avoid adding sensitive info to CLDF data, e.g. when a repos has been cloned with a URL including auth info.
@xrotwang xrotwang self-assigned this Nov 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xrotwang xrotwang

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@xrotwang