fix: hide sensitive info for Buffer and undefined

lib/hide-sensitive.js

@@ -1,11 +1,8 @@
 const {escapeRegExp} = require('lodash');
 
-const regexp = new RegExp(
+const toReplace = Object.keys(process.env).filter(envVar => /token|password|credential|secret|private/i.test(envVar));
-  Object.keys(process.env)
+const regexp = new RegExp(toReplace.map(envVar => escapeRegExp(process.env[envVar])).join('|'), 'g');
-    .filter(envVar => /token|password|credential|secret|private/i.test(envVar))
-    .map(envVar => escapeRegExp(process.env[envVar]))
-    .join('|'),
-  'g'
-);
 
-module.exports = output => output.replace(regexp, '[secure]');
+module.exports = output => {
+  return output && toReplace.length > 0 ? output.toString().replace(regexp, '[secure]') : output;
+};

test/hide-sensitive.test.js

@@ -32,3 +32,11 @@ test.serial('Escape regexp special characters', t => {
     'https://user:[secure]@host.com'
   );
 });
+
+test.serial('Accept "undefined" input', t => {
+  t.is(require('../lib/hide-sensitive')(), undefined);
+});
+
+test.serial('Return same string if no environment variable has to be replaced', t => {
+  t.is(require('../lib/hide-sensitive')('test'), 'test');
+});