do not write plain password in protodep config

logger/logger.go

@@ -2,6 +2,7 @@ package logger
 
 import (
 	"fmt"
+	"strings"
 	"time"
 
 	"github.com/briandowns/spinner"
@@ -25,6 +26,19 @@ func (s *spinnerWrapper) Finish() {
 	fmt.Print("\n")
 }
 
+func CensorHttpsPassword(url string) string {
+	path := strings.Split(url, "@")
+
+	if len(path) == 1 {
+		return url
+	}
+	cred := strings.Split(path[0], ":")
+	cred[2] = "xxxxxx"
+	compCred := strings.Join(cred, ":")
+
+	return compCred + "@" + path[1]
+}
+
 func InfoWithSpinner(format string, a ...interface{}) *spinnerWrapper {
 	s := spinner.New(spinner.CharSets[38], 100*time.Millisecond) // Build our new spinner
 	txt := color.GreenString("[INFO] "+format, a...)

protodep.lock

@@ -0,0 +1,20 @@
+proto_outdir = "./proto"
+
+[[dependencies]]
+  target = "github.com/protocolbuffers/protobuf"
+  revision = "36cd11a2bf3593427a54ccca3254351dd577be48"
+  branch = "master"
+  path = ""
+
+[[dependencies]]
+  target = "github.com/grpc-ecosystem/grpc-gateway"
+  revision = "e6f18d33a7b3bfa5b94f3d5fb513252184ce2d90"
+  branch = ""
+  path = "grpc-gateway/examplepb"
+
+[[dependencies]]
+  target = "github.com/kubernetes/helm"
+  revision = "3bd6e9fcf0de8827fa949c9440dd341bf548fc23"
+  branch = ""
+  path = ""
+  ignores = ["./release", "./rudder", "./services", "./version"]

repository/git.go

@@ -44,9 +44,10 @@ func (r *GitHubRepository) fetchRepository(repopath string) (*git.Repository, er
 	var rep *git.Repository
 
 	if stat, err := os.Stat(repopath); err == nil && stat.IsDir() {
-		spinner := logger.InfoWithSpinner("Getting in existing dir %s ", reponame)
+		spinner := logger.InfoWithSpinner("Getting in existing dir %s ", logger.CensorHttpsPassword(reponame))
 
 		rep, err = git.PlainOpen(repopath)
+
 		if err != nil {
 			return nil, errors.Wrap(err, "open repository is failed")
 		}
@@ -64,7 +65,7 @@ func (r *GitHubRepository) fetchRepository(repopath string) (*git.Repository, er
 		spinner.Finish()
 
 	} else {
-		spinner := logger.InfoWithSpinner("Getting new Repo %s ", reponame)
+		spinner := logger.InfoWithSpinner("Getting new Repo %s ", logger.CensorHttpsPassword(reponame))
 		rep, err = git.PlainClone(repopath, false, &git.CloneOptions{
 			Auth: r.authProvider.AuthMethod(),
 			URL:  r.authProvider.GetRepositoryURL(reponame),
@@ -115,7 +116,7 @@ func (r *GitHubRepository) Open() (*OpenedRepository, error) {
 	}
 
 	reponame := r.dep.Repository()
-	repopath := filepath.Join(r.protodepDir, reponame)
+	repopath := filepath.Join(r.protodepDir, logger.CensorHttpsPassword(reponame))
 
 	rep, err := r.fetchRepository(repopath)
 	if err != nil {

service/sync.go

@@ -113,7 +113,7 @@ func (s *SyncImpl) getAuthProvider(rewrittenGitRepo string, repoURL *url.URL, de
 
 		dep.Target = rewrittenGitRepo + repoURL.Path
 
-		logger.Info("... rewriting to '%s'", dep.Target)
+		logger.Info("... rewriting to '%s'", logger.CensorHttpsPassword(dep.Target))
 
 		if rewrittenGitRepoURL.Scheme == "ssh" {
 			authProvider = s.authProviderSSH
@@ -140,7 +140,7 @@ func (s *SyncImpl) getNewDeps(protodep *dependency.ProtoDep, outdir string) (*[]
 
 		depRepoURL, err := url.Parse("https://" + dep.Target)
 		if err != nil {
-			logger.Error("failed to parse dep Target '%s'", dep.Target)
+			logger.Error("failed to parse dep Target '%s'", logger.CensorHttpsPassword(dep.Target))
 			return nil, err
 		}
 
@@ -174,7 +174,7 @@ func (s *SyncImpl) getNewDeps(protodep *dependency.ProtoDep, outdir string) (*[]
 			}
 		}
 
-		logger.Info("using %v as authentication for repo %s", reflect.TypeOf(authProvider), dep.Target)
+		logger.Info("using %v as authentication for repo %s", reflect.TypeOf(authProvider), logger.CensorHttpsPassword(dep.Target))
 		gitRepo := repository.NewGitRepository(protoDepCachePath, dep, authProvider)
 
 		repo, err := gitRepo.Open()
@@ -186,7 +186,6 @@ func (s *SyncImpl) getNewDeps(protodep *dependency.ProtoDep, outdir string) (*[]
 
 		for _, s := range sources {
 			outpath := filepath.Join(outdir, dep.Path, s.relativeDest)
-
 			content, err := ioutil.ReadFile(s.source)
 			if err != nil {
 				return nil, err