Merge pull request #497 from RaphHaddad/issue-378

filtering passwords at logging level issue #378

Author: JakeGinnivan

GitVersionCore.Tests/GitVersionCore.Tests.csproj

@@ -99,6 +99,7 @@
     <Compile Include="Helpers\Constants.cs" />
     <Compile Include="InformationalVersionBuilderTests.cs" />
     <Compile Include="JsonVersionBuilderTests.cs" />
+    <Compile Include="LoggerTest.cs" />
     <Compile Include="Mocks\MockBranch.cs" />
     <Compile Include="Mocks\MockBranchCollection.cs" />
     <Compile Include="Mocks\MockCommit.cs" />
@@ -145,9 +146,7 @@
     <Content Include="FodyWeavers.xml" />
     <Content Include="JsonVersionBuilderTests.Json.approved.txt" />
   </ItemGroup>
-  <ItemGroup>
-    <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
-  </ItemGroup>
+  <ItemGroup />
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <PropertyGroup>
     <PostBuildEvent>

GitVersionCore.Tests/LoggerTest.cs

@@ -0,0 +1,39 @@
+using NUnit.Framework;
+using System;
+using GitVersion;
+namespace GitVersionCore.Tests
+{
+    [TestFixture]
+    public class LoggerTest
+    {
+        [Test]
+        [TestCase("http")]
+        [TestCase("https")]
+        public void LoggerObscuresPassword(string protocol)
+        {
+            const string username = "username%40domain.com";
+            const string password = "password";
+            var s = string.Empty;
+            Action<string> action = info => { s = info; };
+            Logger.SetLoggers(action, action, action);
+
+            Logger.WriteInfo(string.Format("{0}://{1}:{2}@workspace.visualstudio.com/DefaultCollection/_git/CAS",protocol,username,password));
+
+            Assert.IsFalse(s.Contains(password));
+        }
+
+        [Test]
+        public void UsernameWithoutPassword()
+        {
+            var s = string.Empty;
+            Action<string> action = info => { s = info; };
+            Logger.SetLoggers(action, action, action);
+
+            const string repoUrl = "http://[email protected]/DefaultCollection/_git/CAS";
+            Logger.WriteInfo(repoUrl);
+
+            Assert.IsTrue(s.Contains(repoUrl));
+        }
+
+    }
+}

GitVersionCore/Logger.cs

@@ -2,6 +2,7 @@ namespace GitVersion
 {
     using System;
     using System.Globalization;
+    using System.Text.RegularExpressions;
 
     public static class Logger
     {
@@ -28,11 +29,22 @@ public static IDisposable IndentLog(string operationDescription)
             });
         }
 
+        static Action<string> ObscurePassword(Action<string> info)
+        {
+            Action<string> logAction = s =>
+            {
+                var rgx = new Regex("(https?://)(.+)(:.+@)");
+                s = rgx.Replace(s, "$1$2:*******@");
+                info(s);
+            };
+            return logAction;
+        }
+
         public static void SetLoggers(Action<string> info, Action<string> warn, Action<string> error)
         {
-            WriteInfo = LogMessage(info, "INFO");
-            WriteWarning = LogMessage(warn, "WARN");
-            WriteError = LogMessage(error, "ERROR");
+            WriteInfo = LogMessage(ObscurePassword(info), "INFO");
+            WriteWarning = LogMessage(ObscurePassword(warn), "WARN");
+            WriteError = LogMessage(ObscurePassword(error), "ERROR");
         }
 
         static Action<string> LogMessage(Action<string> logAction, string level)