[llvm] Avoid exposing password and token from git repositories (PR #105220)
Tulio Magno Quites Machado Filho via llvm-commits
llvm-commits at lists.llvm.org
Tue Sep 10 06:25:20 PDT 2024
https://github.com/tuliom updated https://github.com/llvm/llvm-project/pull/105220
>From 0b7370329f0dc9da9f89287644c493f3fa4c9c60 Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Mon, 5 Aug 2024 14:29:11 -0300
Subject: [PATCH 1/5] Avoid exposing unknown git repositories
Restrict the URL that is exposed to the official LLVM repository at
Github in order to avoid exposing usernames, passwords or even private
URLS unintentionally.
Users willing to expose different Git repositories can continue to do so
by setting LLVM_FORCE_VC_REPOSITORY or CLANG_REPOSITORY_STRING.
---
llvm/cmake/modules/VersionFromVCS.cmake | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index 18edbeabe3e4b5..a0068c5f725517 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -39,8 +39,14 @@ function(get_source_info path revision repository)
OUTPUT_VARIABLE git_output
ERROR_QUIET)
if(git_result EQUAL 0)
- string(STRIP "${git_output}" git_output)
- set(${repository} ${git_output} PARENT_SCOPE)
+ # Avoid exposing sensitive data, e.g. usernames, passwords and
+ # private URLs.
+ string(FIND "${git_output}" "github.com/llvm/llvm-project" git_upstream)
+ if(git_upstream GREATER_EQUAL 0)
+ set(${repository} "https://github.com/llvm/llvm-project" PARENT_SCOPE)
+ else()
+ set(${repository} "forked repository" PARENT_SCOPE)
+ endif()
else()
set(${repository} ${path} PARENT_SCOPE)
endif()
>From 0d18a3c6515fcee3c785cd5463e9459ed455bdb6 Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Thu, 29 Aug 2024 09:28:28 -0300
Subject: [PATCH 2/5] fixup! Avoid exposing unknown git repositories
---
llvm/cmake/modules/VersionFromVCS.cmake | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index a0068c5f725517..5320960c41b5e2 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -41,11 +41,9 @@ function(get_source_info path revision repository)
if(git_result EQUAL 0)
# Avoid exposing sensitive data, e.g. usernames, passwords and
# private URLs.
- string(FIND "${git_output}" "github.com/llvm/llvm-project" git_upstream)
- if(git_upstream GREATER_EQUAL 0)
+ string(REGEX MATCH "github.com[/:]llvm/llvm-project" git_upstream "${git_output}")
+ if(git_upstream)
set(${repository} "https://github.com/llvm/llvm-project" PARENT_SCOPE)
- else()
- set(${repository} "forked repository" PARENT_SCOPE)
endif()
else()
set(${repository} ${path} PARENT_SCOPE)
>From be6a0441c9e07739b7793d05a462586b42b4245d Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Tue, 3 Sep 2024 18:40:18 -0300
Subject: [PATCH 3/5] fixup! Avoid exposing unknown git repositories
---
llvm/cmake/modules/VersionFromVCS.cmake | 29 ++++++++++++++++++++-----
1 file changed, 24 insertions(+), 5 deletions(-)
diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index 5320960c41b5e2..1dab5427be8585 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -39,12 +39,31 @@ function(get_source_info path revision repository)
OUTPUT_VARIABLE git_output
ERROR_QUIET)
if(git_result EQUAL 0)
- # Avoid exposing sensitive data, e.g. usernames, passwords and
- # private URLs.
- string(REGEX MATCH "github.com[/:]llvm/llvm-project" git_upstream "${git_output}")
- if(git_upstream)
- set(${repository} "https://github.com/llvm/llvm-project" PARENT_SCOPE)
+ # Passwords or tokens should not be stored in the remote URL at the
+ # risk of being leaked. In case we find one, error out and teach the
+ # user the best practices.
+ string(REGEX MATCH "https?://[^/]*:[^/]*@.*"
+ http_password "${git_output}")
+ if(http_password)
+ message(SEND_ERROR "The remote URL has an embedded password. \
+Remove the password from the URL or use \
+`-DLLVM_FORCE_VC_REPOSITORY=<URL without password>` in order to avoid \
+leaking your password.")
endif()
+ # Github token formats are described at:
+ # https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats
+ string(REGEX MATCH
+ "https?://(gh[pousr]|github_pat)_[^/]+ at github.com.*"
+ github_token "${git_output}")
+ if(github_token)
+ message(SEND_ERROR "The remote URL has an embedded Github Token. \
+Remove the token from the URL or use \
+`-DLLVM_FORCE_VC_REPOSITORY=<URL without token>` in order to avoid leaking \
+your token.")
+ endif()
+
+ string(STRIP "${git_output}" git_output)
+ set(${repository} ${git_output} PARENT_SCOPE)
else()
set(${repository} ${path} PARENT_SCOPE)
endif()
>From 20d6fe3805d30cb8077a042887430aea8b0af69c Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Wed, 4 Sep 2024 17:59:13 -0300
Subject: [PATCH 4/5] fixup! Avoid exposing unknown git repositories
---
llvm/cmake/modules/VersionFromVCS.cmake | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index 1dab5427be8585..f44d078875e07d 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -45,10 +45,11 @@ function(get_source_info path revision repository)
string(REGEX MATCH "https?://[^/]*:[^/]*@.*"
http_password "${git_output}")
if(http_password)
- message(SEND_ERROR "The remote URL has an embedded password. \
-Remove the password from the URL or use \
+ message(SEND_ERROR "The git remote repository URL has an embedded \
+password. Remove the password from the URL or use \
`-DLLVM_FORCE_VC_REPOSITORY=<URL without password>` in order to avoid \
-leaking your password.")
+leaking your password (see https://git-scm.com/docs/gitcredentials for \
+alternatives).")
endif()
# Github token formats are described at:
# https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats
@@ -56,10 +57,10 @@ leaking your password.")
"https?://(gh[pousr]|github_pat)_[^/]+ at github.com.*"
github_token "${git_output}")
if(github_token)
- message(SEND_ERROR "The remote URL has an embedded Github Token. \
-Remove the token from the URL or use \
+ message(SEND_ERROR "The git remote repository URL has an embedded \
+Github Token. Remove the token from the URL or use \
`-DLLVM_FORCE_VC_REPOSITORY=<URL without token>` in order to avoid leaking \
-your token.")
+your token (see https://git-scm.com/docs/gitcredentials for alternatives).")
endif()
string(STRIP "${git_output}" git_output)
>From 0de9f98955a5e29f1bad398b3c56516bf443582e Mon Sep 17 00:00:00 2001
From: Tulio Magno Quites Machado Filho <tuliom at redhat.com>
Date: Tue, 10 Sep 2024 10:15:32 -0300
Subject: [PATCH 5/5] fixup! Avoid exposing unknown git repositories
---
llvm/cmake/modules/VersionFromVCS.cmake | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/llvm/cmake/modules/VersionFromVCS.cmake b/llvm/cmake/modules/VersionFromVCS.cmake
index f44d078875e07d..da42781d2ae39e 100644
--- a/llvm/cmake/modules/VersionFromVCS.cmake
+++ b/llvm/cmake/modules/VersionFromVCS.cmake
@@ -51,14 +51,14 @@ password. Remove the password from the URL or use \
leaking your password (see https://git-scm.com/docs/gitcredentials for \
alternatives).")
endif()
- # Github token formats are described at:
+ # GitHub token formats are described at:
# https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats
string(REGEX MATCH
"https?://(gh[pousr]|github_pat)_[^/]+ at github.com.*"
github_token "${git_output}")
if(github_token)
message(SEND_ERROR "The git remote repository URL has an embedded \
-Github Token. Remove the token from the URL or use \
+GitHub Token. Remove the token from the URL or use \
`-DLLVM_FORCE_VC_REPOSITORY=<URL without token>` in order to avoid leaking \
your token (see https://git-scm.com/docs/gitcredentials for alternatives).")
endif()
More information about the llvm-commits
mailing list