fix(sponge): guard set -q value[1] before string length to handle unset vars
This commit is contained in:
@@ -89,10 +89,11 @@ function __sponge_register_secret_values --on-event fish_prompt
|
||||
'(?i)(?:TOKEN|PASSWORD|PASSWD|SECRET|API[_-]KEY|PRIVATE[_-]KEY|ACCESS[_-]KEY|AUTH[_-]KEY|CREDENTIAL|KOPIA_PASSWORD)')
|
||||
|
||||
for var in $sensitive_vars
|
||||
# Take only the first element — array vars yield multiple values which
|
||||
# would make `test (string length ...)` receive too many arguments.
|
||||
# Take only the first element — array vars yield multiple values.
|
||||
set -l value $$var[1]
|
||||
# Skip empty, short, or path-like values
|
||||
# If the var is unset or holds an empty list, value has no elements;
|
||||
# set -q catches that before string length receives zero arguments.
|
||||
set -q value[1]; or continue
|
||||
test (string length -- $value) -gt 8; or continue
|
||||
string match --quiet --regex '^[/~]' -- $value; and continue
|
||||
set -a secret_values (string escape --style=regex -- $value)
|
||||
|
||||
@@ -37,8 +37,11 @@ function sponge_filter_secrets --argument-names command
|
||||
for var in $sensitive_vars
|
||||
# Take only the first element — array vars yield multiple values
|
||||
set -l value $$var[1]
|
||||
# Guard before string length: if var is unset, value is an empty list
|
||||
# and string length receives zero arguments, breaking test.
|
||||
set -q value[1]; or continue
|
||||
|
||||
# Skip empty, short, or path-like values — not real credentials
|
||||
# Skip short or path-like values — not real credentials
|
||||
test (string length -- $value) -gt 8; or continue
|
||||
string match --quiet --regex '^[/~]' -- $value; and continue
|
||||
|
||||
|
||||
Reference in New Issue
Block a user