Commit a6094049 authored by Rhys Arkins's avatar Rhys Arkins

fix: log redacted auth details if npm lookup fails

parent 8ca30e5b
......@@ -31,6 +31,16 @@ function resetCache() {
resetMemCache();
}
function maskToken(token) {
// istanbul ignore if
if (!token) {
return token;
}
return `${token.substring(0, 2)}${new Array(token.length - 3).join(
'*'
)}${token.slice(-2)}`;
}
function setNpmrc(input, exposeEnv = false) {
logger.debug('setNpmrc()');
if (input) {
......@@ -39,10 +49,7 @@ function setNpmrc(input, exposeEnv = false) {
// istanbul ignore if
if (npmrc && npmrc[tokenKey]) {
const token = npmrc[tokenKey];
const maskedToken = `${token.substring(0, 2)}${new Array(
token.length - 3
).join('*')}${token.slice(-2)}`;
logger.debug(`Setting authToken to ${maskedToken}`);
logger.debug(`Setting authToken to ${maskToken(token)}`);
}
if (!exposeEnv) {
return;
......@@ -150,7 +157,14 @@ async function getDependency(name, retries = 5) {
} catch (err) {
if (err.statusCode === 401 || err.statusCode === 403) {
logger.info(
{ err, statusCode: err.statusCode, name },
{
pkgUrl,
authInfoType: authInfo ? authInfo.type : undefined,
authInfoToken: authInfo ? maskToken(authInfo.token) : undefined,
err,
statusCode: err.statusCode,
name,
},
`Dependency lookup failure: unauthorized`
);
return null;
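Review bot: maskToken() does not redact short tokens: for a 3- or 4-character value `new Array(token.length - 3).join('*')` is empty, so `substring(0, 2)` plus `slice(-2)` prints the whole token, and for 1 or 2 characters the negative array length throws a RangeError. In getDependency that throw would occur inside the 401/403 catch block, so the handled `return null` becomes an exception. I would add a length guard before the template, e.g. `if (token.length < 8) return '*'.repeat(token.length);`, and build the middle with `'*'.repeat(token.length - 4)`. If `authInfo.token` can carry Basic credentials (not visible here), its leading characters derive from the username, so logging only `authInfo.type` in that case may be safer. getDependency's body starts and ends outside the hunk.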
......
......@@ -187,6 +187,7 @@ describe('api/npm', () => {
expect(res).toMatchSnapshot();
});
it('should cache package info from npm', async () => {
npm.setNpmrc('//registry.npmjs.org/:_authToken=abcdefghijklmnopqrstuvwxyz');
nock('https://registry.npmjs.org')
.get('/foobar')
.reply(200, npmResponse);
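Review bot: The added `npm.setNpmrc(...)` call gives this caching test an auth token, but the registry still replies 200, so the 401/403 branch that logs `authInfoToken` is never reached and the redaction is not checked anywhere in the hunk. A case such as `nock('https://registry.npmjs.org').get('/foobar').reply(401);` followed by `expect(res).toBeNull();` with the npmrc set would exercise it. The npmrc set here is module state; if no hook resets it (not visible in the hunk), later tests will run with this token. The `it` block continues outside the hunk.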
......