fix: hide sensitive info for Buffer and undefined

2018-01-27 18:05:16 -05:00 · 2018-01-27 18:05:16 -05:00 · 8b3605dd04
commit 8b3605dd04
parent cb36dd4890
2 changed files with 13 additions and 8 deletions
--- a/lib/hide-sensitive.js
+++ b/lib/hide-sensitive.js
@ -1,11 +1,8 @@
 const {escapeRegExp} = require('lodash');

-const regexp = new RegExp(
-  Object.keys(process.env)
-    .filter(envVar => /token|password|credential|secret|private/i.test(envVar))
-    .map(envVar => escapeRegExp(process.env[envVar]))
-    .join('|'),
-  'g'
-);
+const toReplace = Object.keys(process.env).filter(envVar => /token|password|credential|secret|private/i.test(envVar));
+const regexp = new RegExp(toReplace.map(envVar => escapeRegExp(process.env[envVar])).join('|'), 'g');

-module.exports = output => output.replace(regexp, '[secure]');
+module.exports = output => {
+  return output && toReplace.length > 0 ? output.toString().replace(regexp, '[secure]') : output;
+};
--- a/test/hide-sensitive.test.js
+++ b/test/hide-sensitive.test.js
@ -32,3 +32,11 @@ test.serial('Escape regexp special characters', t => {
    'https://user:[secure]@host.com'
  );
 });
+
+test.serial('Accept "undefined" input', t => {
+  t.is(require('../lib/hide-sensitive')(), undefined);
+});
+
+test.serial('Return same string if no environment variable has to be replaced', t => {
+  t.is(require('../lib/hide-sensitive')('test'), 'test');
+});