[spark] branch branch-3.0 updated: [SPARK-34327][BUILD] Strip passwords from inlining into build information while releasing

Tue, 02 Feb 2021 22:04:08 -0800 

This is an automated email from the ASF dual-hosted git repository.

gurwls223 pushed a commit to branch branch-3.0
in repository https://gitbox.apache.org/repos/asf/spark.git


The following commit(s) were added to refs/heads/branch-3.0 by this push:
     new 602caba  [SPARK-34327][BUILD] Strip passwords from inlining into build 
information while releasing
602caba is described below

commit 602caba35c0d370a925e20fd43b68e9259e71d21
Author: Prashant Sharma <prash...@in.ibm.com>
AuthorDate: Wed Feb 3 15:02:35 2021 +0900

    [SPARK-34327][BUILD] Strip passwords from inlining into build information 
while releasing
    
    ### What changes were proposed in this pull request?
    
    Strip passwords from getting inlined into build information, inadvertently.
    
    ` https://user:passdomain/foo -> https://domain/foo`
    
    ### Why are the changes needed?
    This can be a serious security issue, esp. during a release.
    
    ### Does this PR introduce _any_ user-facing change?
    
    No.
    
    ### How was this patch tested?
    
    Tested by executing the following command on both Mac OSX and Ubuntu.
    
    ```
    echo url=$(git config --get remote.origin.url |  sed 
's|https://\(.*\)\(.*\)|https://\2|')
    ```
    
    Closes #31436 from ScrapCodes/strip_pass.
    
    Authored-by: Prashant Sharma <prash...@in.ibm.com>
    Signed-off-by: HyukjinKwon <gurwls...@apache.org>
    (cherry picked from commit 89bf2afb3337a44f34009a36cae16dd0ff86b353)
    Signed-off-by: HyukjinKwon <gurwls...@apache.org>
---
 build/spark-build-info | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build/spark-build-info b/build/spark-build-info
index ad0ec67..eb0e3d7 100755
--- a/build/spark-build-info
+++ b/build/spark-build-info
@@ -32,7 +32,7 @@ echo_build_properties() {
   echo revision=$(git rev-parse HEAD)
   echo branch=$(git rev-parse --abbrev-ref HEAD)
   echo date=$(date -u +%Y-%m-%dT%H:%M:%SZ)
-  echo url=$(git config --get remote.origin.url)
+  echo url=$(git config --get remote.origin.url |  sed 
's|https://\(.*\)@\(.*\)|https://\2|')
 }
 
 echo_build_properties $2 > "$SPARK_BUILD_INFO"


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org
For additional commands, e-mail: commits-h...@spark.apache.org

Reply via email to