The Trace2 output can contain secrets when a user issues a Git command with sensitive information in the command-line. A typical (if highly discouraged) example is: git clone https://user:password@xxxxxxxx/. With this PR, the Trace2 output redacts passwords in such URLs by default. This series also includes a commit to temporarily disable leak checking on t0210,t0211 because the tests uncover other unrelated bugs in Git. These patches were integrated into Microsoft's fork of Git, as https://github.com/microsoft/git/pull/616, and have been cooking there ever since. Jeff Hostetler (3): trace2: fix signature of trace2_def_param() macro t0211: test URL redacting in PERF format t0212: test URL redacting in EVENT format Johannes Schindelin (1): trace2: redact passwords from https:// URLs by default t/helper/test-trace2.c | 55 ++++++++++++++++++ t/t0210-trace2-normal.sh | 20 ++++++- t/t0211-trace2-perf.sh | 21 ++++++- t/t0212-trace2-event.sh | 40 +++++++++++++ trace2.c | 120 ++++++++++++++++++++++++++++++++++++++- trace2.h | 4 +- 6 files changed, 253 insertions(+), 7 deletions(-) base-commit: 564d0252ca632e0264ed670534a51d18a689ef5d Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-1616%2Fdscho%2Ftrace2-redact-credentials-in-https-urls-v1 Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-1616/dscho/trace2-redact-credentials-in-https-urls-v1 Pull-Request: https://github.com/gitgitgadget/git/pull/1616 -- gitgitgadget
