diff options
| author | Luke Karrys <luke@lukekarrys.com> | 2021-12-09 01:39:19 +0300 |
|---|---|---|
| committer | nlf <quitlahok@gmail.com> | 2021-12-09 02:28:35 +0300 |
| commit | e605b128c87620aae843cdbd8f35cc614da3f8a2 (patch) | |
| tree | d2b4e8811696a6548a788debd5b31a947a4df6d4 /lib | |
| parent | 9e9a76a21d3b8649b7debfaf0782433cbd8179b3 (diff) | |
fix: redact all private keys from config output
PR-URL: https://github.com/npm/cli/pull/4142
Credit: @lukekarrys
Close: #4142
Reviewed-by: @wraithgar
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/commands/config.js | 14 | ||||
| -rw-r--r-- | lib/utils/exit-handler.js | 1 |
2 files changed, 13 insertions, 2 deletions
diff --git a/lib/commands/config.js b/lib/commands/config.js index eb1d570c6..6553a2662 100644 --- a/lib/commands/config.js +++ b/lib/commands/config.js @@ -28,7 +28,17 @@ const keyValues = args => { return kv } -const publicVar = k => !/^(\/\/[^:]+:)?_/.test(k) +const publicVar = k => { + // _password + if (k.startsWith('_')) { + return false + } + // //localhost:8080/:_password + if (k.startsWith('//') && k.includes(':_')) { + return false + } + return true +} const BaseCommand = require('../base-command.js') class Config extends BaseCommand { @@ -147,7 +157,7 @@ class Config extends BaseCommand { const out = [] for (const key of keys) { if (!publicVar(key)) { - throw `The ${key} option is protected, and cannot be retrieved in this way` + throw new Error(`The ${key} option is protected, and cannot be retrieved in this way`) } const pref = keys.length > 1 ? `${key}=` : '' diff --git a/lib/utils/exit-handler.js b/lib/utils/exit-handler.js index 324346624..22c774101 100644 --- a/lib/utils/exit-handler.js +++ b/lib/utils/exit-handler.js @@ -116,6 +116,7 @@ const exitHandler = err => { exitCode = err.code noLogMessage = true } else if (typeof err === 'string') { + // XXX: we should stop throwing strings log.error('', err) noLogMessage = true } else if (!(err instanceof Error)) { |