From 8911146d3f0577bedc36111fa4ebf4c049be281f Mon Sep 17 00:00:00 2001 From: rootiest Date: Mon, 8 Jun 2026 22:26:00 -0400 Subject: [PATCH] fix(sponge): guard set -q value[1] before string length to handle unset vars --- conf.d/sponge_privacy.fish | 7 ++++--- functions/sponge_filter_secrets.fish | 5 ++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/conf.d/sponge_privacy.fish b/conf.d/sponge_privacy.fish index f57da80..e3929f4 100644 --- a/conf.d/sponge_privacy.fish +++ b/conf.d/sponge_privacy.fish @@ -89,10 +89,11 @@ function __sponge_register_secret_values --on-event fish_prompt '(?i)(?:TOKEN|PASSWORD|PASSWD|SECRET|API[_-]KEY|PRIVATE[_-]KEY|ACCESS[_-]KEY|AUTH[_-]KEY|CREDENTIAL|KOPIA_PASSWORD)') for var in $sensitive_vars - # Take only the first element — array vars yield multiple values which - # would make `test (string length ...)` receive too many arguments. + # Take only the first element — array vars yield multiple values. set -l value $$var[1] - # Skip empty, short, or path-like values + # If the var is unset or holds an empty list, value has no elements; + # set -q catches that before string length receives zero arguments. + set -q value[1]; or continue test (string length -- $value) -gt 8; or continue string match --quiet --regex '^[/~]' -- $value; and continue set -a secret_values (string escape --style=regex -- $value) diff --git a/functions/sponge_filter_secrets.fish b/functions/sponge_filter_secrets.fish index fd4d171..66ffa76 100644 --- a/functions/sponge_filter_secrets.fish +++ b/functions/sponge_filter_secrets.fish @@ -37,8 +37,11 @@ function sponge_filter_secrets --argument-names command for var in $sensitive_vars # Take only the first element — array vars yield multiple values set -l value $$var[1] + # Guard before string length: if var is unset, value is an empty list + # and string length receives zero arguments, breaking test. + set -q value[1]; or continue - # Skip empty, short, or path-like values — not real credentials + # Skip short or path-like values — not real credentials test (string length -- $value) -gt 8; or continue string match --quiet --regex '^[/~]' -- $value; and continue