[llvm] Avoid exposing password and token from git repositories (PR #105220)

Tulio Magno Quites Machado Filho via llvm-commits llvm-commits at lists.llvm.org
Wed Sep 4 14:00:14 PDT 2024


================
@@ -39,6 +39,29 @@ function(get_source_info path revision repository)
         OUTPUT_VARIABLE git_output
         ERROR_QUIET)
       if(git_result EQUAL 0)
+        # Passwords or tokens should not be stored in the remote URL at the
+        # risk of being leaked. In case we find one, error out and teach the
+        # user the best practices.
+        string(REGEX MATCH "https?://[^/]*:[^/]*@.*"
+          http_password "${git_output}")
+        if(http_password)
+          message(SEND_ERROR "The remote URL has an embedded password. \
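Review bot: the pattern in the string(REGEX MATCH ...) call requires a colon inside the userinfo part (`[^/]*:[^/]*@`), so a remote URL that carries a token alone before the `@`, with no colon, is not flagged even though the comment above says "Passwords or tokens". Either extend the pattern to cover a userinfo with no colon, accepting that a plain username would then also trigger the error, or narrow the comment and the message to the user:password form so the check's scope is clear. Both `[^/]*` groups also accept the empty string and can themselves contain `:` or `@`; a class such as `[^/:@]+` for the user part would make the match stricter. The message text is cut off in the lines shown, so the advice it gives the user cannot be reviewed here.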
----------------
tuliom wrote:

Great suggestions! I integrated them in my latest update.
Thanks!

https://github.com/llvm/llvm-project/pull/105220

