fix(manager/bundler): Escape special characters in bundler usernames (#32229)

Co-authored-by: Rhys Arkins <rhys@arkins.net>

fix(manager/bundler): Escape special characters in bundler usernames (#32229)
6560beda · John Andrews · GitHub · 7aa63f6d · 6560beda · 6560beda
Unverified Commit 6560beda authored 5 months ago by John Andrews Committed by GitHub 5 months ago
--- a/lib/modules/manager/bundler/host-rules.spec.ts
+++ b/lib/modules/manager/bundler/host-rules.spec.ts
@@ -28,6 +28,15 @@ describe('modules/manager/bundler/host-rules', () => {
        }),
      ).toBe('token');
    });
+    it('escapes special characters in the username but not the password', () => {
+      expect(
+        getAuthenticationHeaderValue({
+          username: 'test@example.com',
+          password: 'p@ssword',
+        }),
+      ).toBe('test%40example.com:p@ssword');
+    });
  });
  describe('findAllAuthenticatable()', () => {

--- a/lib/modules/manager/bundler/host-rules.ts
+++ b/lib/modules/manager/bundler/host-rules.ts
@@ -18,8 +18,9 @@ export function findAllAuthenticatable({
 export function getAuthenticationHeaderValue(hostRule: HostRule): string {
  if (hostRule.username) {
+    const username = encodeURIComponent(hostRule.username);
    // TODO: types (#22198)
-    return `${hostRule.username}:${hostRule.password!}`;
+    return `${username}:${hostRule.password!}`;
  }
  // TODO: types (#22198)