
Fix API key leak #188


Merged
merged 1 commit into from
Oct 24, 2023

ricardobranco777
Contributor

@ricardobranco777 ricardobranco777 commented Sep 20, 2023

Fix for #187

$ pytest --ro-functional
...
============================================================================== 114 passed in 128.24s (0:02:08) ===============================================================================

@juliogonzalez

For the record...

With test.py being:

import os
import logging
from bugzilla import Bugzilla
from bugzilla.exceptions import BugzillaError
from requests.exceptions import RequestException

URL = os.getenv("URL", "https://bugzilla.suse.coma")
USER = os.getenv("USER", "test")
API_KEY = "MYAPIKEY"

try:
    client = Bugzilla(URL, force_rest=True, user=USER, api_key=API_KEY)
except (BugzillaError, RequestException) as exc:
    error = exc
    logging.error("%s", exc)

(bugzilla.suse.coma does not exist)

Before

$ python3 test.py 
ERROR:root:HTTPSConnectionPool(host='bugzilla.suse.coma', port=443): Max retries exceeded with url: /rest/version?Bugzilla_api_key=MYAPIKEY (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f54f87912b0>: Failed to establish a new connection: [Errno -2] Name or service not known',))

After

$ python3 test.py
ERROR:root:HTTPSConnectionPool(host='bugzilla.suse.coma', port=443): Max retries exceeded with url: /rest/version?Bugzilla_api_key= (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f395ab9a8d0>: Failed to establish a new connection: [Errno -2] Name or service not known',))
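
An application-side safeguard for the leak shown above, as an added example that is not part of this thread and not python-bugzilla's own fix: a logging formatter that scrubs the `Bugzilla_api_key` value from rendered records, including traceback text. The logger name, host and sample message are constructed for the demonstration.

```python
import io
import logging
import re

# Query parameter name taken from the traceback above. The value ends at the
# next '&', whitespace, quote or ')' so the rest of the message is preserved.
_API_KEY_RE = re.compile(r"(Bugzilla_api_key=)[^&\s'\")]+", re.IGNORECASE)

# Constructed sample modelled on the "Before" output; host is a placeholder.
SAMPLE = (
    "HTTPSConnectionPool(host='bugzilla.example', port=443): Max retries "
    "exceeded with url: /rest/version?Bugzilla_api_key=MYAPIKEY "
    "(Caused by NewConnectionError('Name or service not known'))"
)


def redact(text: str) -> str:
    """Replace the API key value, keeping the parameter name for debugging."""
    return _API_KEY_RE.sub(r"\1<redacted>", text)


class RedactingFormatter(logging.Formatter):
    """Scrub the fully rendered record: message, args and traceback text."""

    def format(self, record: logging.LogRecord) -> str:
        return redact(super().format(record))


def render(exc: Exception) -> str:
    """Log exc twice (as a message and as a traceback) and return the output."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(RedactingFormatter("%(levelname)s:%(name)s:%(message)s"))
    logger = logging.getLogger("redact-demo")  # hypothetical logger name
    logger.handlers = [handler]
    logger.propagate = False
    try:
        raise exc
    except Exception as caught:
        logger.error("%s", caught)          # key would appear in the message
        logger.exception("request failed")  # key would appear in the traceback
    return stream.getvalue()


if __name__ == "__main__":
    print(render(ConnectionError(SAMPLE)))
```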

@codecov

codecov bot commented Sep 25, 2023

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (a890ad0) 100.00% compared to head (95ac3ca) 100.00%.

Additional details and impacted files
@@            Coverage Diff            @@
##              main      #188   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           12        12           
  Lines         2195      2195           
=========================================
  Hits          2195      2195           


@ricardobranco777
Contributor Author

@crazyscientist
Contributor

@ricardobranco777 Thank you, the changes look good to me 👍 Would you care to add a tiny unittest, too?

@crazyscientist
Contributor

@crobinso: For the record, pylint does not complain, either:

$ ./setup.py pylint
running pylint
running pycodestyle
running pylint

@crazyscientist
Contributor

And RW tests passed, too:

$ pytest --rw-functional
[...]
=== 86 passed in 236.10s (0:03:56) ===

@crobinso
Member

Thank you for reporting + fixing this!

@crobinso crobinso merged commit 182e0b0 into python-bugzilla:main Oct 24, 2023
@ricardobranco777
Contributor Author

This fix didn't make it to the last release.

@crobinso
Member

crobinso commented Feb 7, 2024

@ricardobranco777 there hasn't been a release since this code was committed. (release coming soon hopefully)

However .git currently regressed here due to other changes that happened in the meantime. I sent a PR to fix this again (and add test coverage to be sure) #203
