go-gitea · zeripath · Mar 27, 2022 · Mar 26, 2022 · Mar 26, 2022 · Mar 26, 2022
diff --git a/modules/git/command.go b/modules/git/command.go
@@ -17,6 +17,7 @@ import (
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/process"
+	"code.gitea.io/gitea/modules/util"
 )
 
 var (
@@ -140,7 +141,21 @@ func (c *Command) RunWithContext(rc *RunContext) error {
 
 	desc := c.desc
 	if desc == "" {
-		desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(c.args, " "), rc.Dir)
+		args := c.args
+		var argSensitiveURLIndexes []int
+		for i, arg := range c.args {
+			if strings.Index(arg, "://") != -1 && strings.IndexByte(arg, '@') != -1 {
+				argSensitiveURLIndexes = append(argSensitiveURLIndexes, i)
+			}
+		}
+		if len(argSensitiveURLIndexes) > 0 {
+			args = make([]string, len(c.args))
+			copy(args, c.args)
+			for _, urlArgIndex := range argSensitiveURLIndexes {
+				args[urlArgIndex] = util.NewStringURLSanitizer(args[urlArgIndex], true).Replace(args[urlArgIndex])
+			}
+		}
+		desc = fmt.Sprintf("%s %s [repo_path: %s]", c.name, strings.Join(args, " "), rc.Dir)
 	}
 
 	ctx, cancel, finished := process.GetManager().AddContextTimeout(c.parentContext, rc.Timeout, desc)

diff --git a/modules/git/repo.go b/modules/git/repo.go
@@ -19,6 +19,7 @@ import (
 	"time"
 
 	"code.gitea.io/gitea/modules/proxy"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // GPGSettings represents the default GPG settings for this repository
@@ -152,7 +153,8 @@ func CloneWithArgs(ctx context.Context, from, to string, args []string, opts Clo
 	if len(opts.Branch) > 0 {
 		cmd.AddArguments("-b", opts.Branch)
 	}
-	cmd.AddArguments("--", from, to)
+	cmd.AddArguments("--", from, to).
+		SetDescription(fmt.Sprintf("clone from %s to %s", util.NewStringURLSanitizer(from, true).Replace(from), to))
 
 	if opts.Timeout <= 0 {
 		opts.Timeout = -1
@@ -201,6 +203,8 @@ func Push(ctx context.Context, repoPath string, opts PushOptions) error {
 	if len(opts.Branch) > 0 {
 		cmd.AddArguments(opts.Branch)
 	}
+	cmd.SetDescription(fmt.Sprintf("push %s to %s", repoPath, util.NewStringURLSanitizer(opts.Remote, true).Replace(opts.Remote)))
+
 	var outbuf, errbuf strings.Builder
 
 	if opts.Timeout == 0 {

diff --git a/services/mirror/mirror_pull.go b/services/mirror/mirror_pull.go
@@ -38,7 +38,9 @@ func UpdateAddress(ctx context.Context, m *repo_model.Mirror, addr string) error
 		return err
 	}
 
-	_, err = git.NewCommand(ctx, "remote", "add", remoteName, "--mirror=fetch", addr).RunInDir(repoPath)
+	cmd := git.NewCommand(ctx, "remote", "add", remoteName, "--mirror=fetch", addr)
+	cmd.SetDescription(fmt.Sprintf("add fetch remote %s to %s", util.NewStringURLSanitizer(addr, true).Replace(addr), repoPath))
+	_, err = cmd.RunInDir(repoPath)
 	if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
 		return err
 	}
@@ -52,7 +54,9 @@ func UpdateAddress(ctx context.Context, m *repo_model.Mirror, addr string) error
 			return err
 		}
 
-		_, err = git.NewCommand(ctx, "remote", "add", remoteName, "--mirror=fetch", wikiRemotePath).RunInDir(wikiPath)
+		cmd = git.NewCommand(ctx, "remote", "add", remoteName, "--mirror=fetch", wikiRemotePath)
+		cmd.SetDescription(fmt.Sprintf("add fetch remote %s to %s", util.NewStringURLSanitizer(wikiRemotePath, true).Replace(wikiRemotePath), wikiPath))
+		_, err = cmd.RunInDir(wikiPath)
 		if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
 			return err
 		}

diff --git a/services/mirror/mirror_push.go b/services/mirror/mirror_push.go
@@ -28,7 +28,9 @@ var stripExitStatus = regexp.MustCompile(`exit status \d+ - `)
 // AddPushMirrorRemote registers the push mirror remote.
 func AddPushMirrorRemote(ctx context.Context, m *repo_model.PushMirror, addr string) error {
 	addRemoteAndConfig := func(addr, path string) error {
-		if _, err := git.NewCommand(ctx, "remote", "add", "--mirror=push", m.RemoteName, addr).RunInDir(path); err != nil {
+		cmd := git.NewCommand(ctx, "remote", "add", "--mirror=push", m.RemoteName, addr)
+		cmd.SetDescription(fmt.Sprintf("add push remote %s to %s", util.NewStringURLSanitizer(addr, true).Replace(addr), path))
+		if _, err := cmd.RunInDir(path); err != nil {
 			return err
 		}
 		if _, err := git.NewCommand(ctx, "config", "--add", "remote."+m.RemoteName+".push", "+refs/heads/*:refs/heads/*").RunInDir(path); err != nil {