From 90833e2eca55bf00c6e066fb3078a368bf202d4b Mon Sep 17 00:00:00 2001
From: tk103331 <tk103331@126.com>
Date: Tue, 5 Mar 2024 19:00:23 +0800
Subject: [PATCH] fix: remove user info from repository url

---
 pkg/inventory/source/source.go      | 15 +++++++++++-
 pkg/inventory/source/source_test.go | 36 +++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 pkg/inventory/source/source_test.go

diff --git a/pkg/inventory/source/source.go b/pkg/inventory/source/source.go
index 8749731..44d8db0 100644
--- a/pkg/inventory/source/source.go
+++ b/pkg/inventory/source/source.go
@@ -11,6 +11,7 @@
 package source
 
 import (
+	"net/url"
 	"path/filepath"
 	"time"
 
@@ -62,7 +63,7 @@ func repoInfo(projectPath string, source *model.Source) {
 		conf, err := repo.Config()
 		if err == nil {
 			if remote, ok := conf.Remotes["origin"]; ok {
-				source.Repository = remote.URLs[0]
+				source.Repository = normalizeHttpUrl(remote.URLs[0])
 			}
 		}
 		ref, err := repo.Head()
@@ -76,3 +77,15 @@ func repoInfo(projectPath string, source *model.Source) {
 		}
 	}
 }
+
+func normalizeHttpUrl(rawUrl string) string {
+	if rawUrl == "" {
+		return ""
+	}
+	parsedUrl, err := url.Parse(rawUrl)
+	if err != nil {
+		return ""
+	}
+	parsedUrl.User = nil
+	return parsedUrl.String()
+}
diff --git a/pkg/inventory/source/source_test.go b/pkg/inventory/source/source_test.go
new file mode 100644
index 0000000..0d6c925
--- /dev/null
+++ b/pkg/inventory/source/source_test.go
@@ -0,0 +1,36 @@
+package source
+
+import (
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestRepoUrl(t *testing.T) {
+
+}
+func TestNormalizeRepoUrl(t *testing.T) {
+
+	tests := []struct {
+		name   string
+		input  string
+		expect string
+	}{
+		{
+			name:   "normal",
+			input:  "https://gitee.com/JD-opensource/sbom-tool.git",
+			expect: "https://gitee.com/JD-opensource/sbom-tool.git",
+		},
+		{
+			name:   "with-user",
+			input:  "https://user:pswd@gitee.com/JD-opensource/sbom-tool.git",
+			expect: "https://gitee.com/JD-opensource/sbom-tool.git",
+		},
+	}
+
+	for i := 0; i < len(tests); i++ {
+		test := tests[i]
+		t.Run(test.name, func(tt *testing.T) {
+			assert.Equal(t, test.expect, normalizeHttpUrl(test.input))
+		})
+	}
+}
-- 
Gitee