supress secret from logs if it appears multiple times (JamesIves#415)

tjenkinson · web-flow · commit 41aadfb60fc5 · 2020-09-12T17:05:57.000-04:00
diff --git a/__tests__/util.test.ts b/__tests__/util.test.ts
@@ -148,9 +148,9 @@ describe('util', () => {
           silent: false
         }
 
-        const string = `This is an error message! It contains ${action.accessToken} and ${action.gitHubToken} and ${action.repositoryPath}`
+        const string = `This is an error message! It contains ${action.accessToken} and ${action.gitHubToken} and ${action.repositoryPath} and ${action.accessToken} again!`
         expect(suppressSensitiveInformation(string, action)).toBe(
-          'This is an error message! It contains *** and *** and ***'
+          'This is an error message! It contains *** and *** and *** and *** again!'
         )
       })
 
diff --git a/src/util.ts b/src/util.ts
@@ -1,6 +1,9 @@
 import {isDebug} from '@actions/core'
 import {ActionInterface} from './constants'
 
+const replaceAll = (input: string, find: string, replace: string): string =>
+  input.split(find).join(replace)
+
 /* Utility function that checks to see if a value is undefined or not. */
 export const isNullOrUndefined = (value: any): boolean =>
   typeof value === 'undefined' || value === null || value === ''
@@ -64,16 +67,14 @@ export const suppressSensitiveInformation = (
     return value
   }
 
-  if (action.accessToken) {
-    value = value.replace(action.accessToken, '***')
-  }
-
-  if (action.gitHubToken) {
-    value = value.replace(action.gitHubToken, '***')
-  }
+  const orderedByLength = ([
+    action.accessToken,
+    action.gitHubToken,
+    action.repositoryPath
+  ].filter(Boolean) as string[]).sort((a, b) => b.length - a.length)
 
-  if (action.repositoryPath) {
-    value = value.replace(action.repositoryPath, '***')
+  for (const find of orderedByLength) {
+    value = replaceAll(value, find, '***')
   }
 
   return value

Original file line number	Diff line number	Diff line change
`@@ -148,9 +148,9 @@ describe('util', () => {`
`148`	`148`	`silent: false`
`149`	`149`	`}`
`150`	`150`
`151`		- const string = `This is an error message! It contains ${action.accessToken} and ${action.gitHubToken} and ${action.repositoryPath}`
	`151`	+ const string = `This is an error message! It contains ${action.accessToken} and ${action.gitHubToken} and ${action.repositoryPath} and ${action.accessToken} again!`
`152`	`152`	`expect(suppressSensitiveInformation(string, action)).toBe(`
`153`		`- 'This is an error message! It contains * and * and ***'`
	`153`	`+ 'This is an error message! It contains * and * and * and * again!'`
`154`	`154`	`)`
`155`	`155`	`})`
`156`	`156`