Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(#1310) List remembered arguments #2619

Merged
merged 2 commits into from
May 20, 2024
Merged

(#1310) List remembered arguments #2619

merged 2 commits into from
May 20, 2024

Conversation

TheCakeIsNaOH
Copy link
Member

@TheCakeIsNaOH TheCakeIsNaOH commented Mar 6, 2022
edited by gep13
Loading

Description Of Changes

This adds the listing of remembered arguments to the list/info commands
It only grabs the arguments when --local-only is specified, then
decrypts and outputs them. Requires --verbose to be listed on the
command line.

Motivation and Context

If useRememberedArgumentsForUpgrades is enabled, it is useful to know what argument are remembered.

Testing

  1. Install some packages, like .\choco install iperf2 --pre --ia="argument" --params="/param" and .\choco install wget --params="/param"
  2. Run .\choco.exe list --verbose and check that the remembered arguments are listed.
  3. Run .\choco.exe info iperf2 --local-only and check that the remembered arguments are listed.
  4. Run .\choco.exe info iperf2 and check that the remembered argument are NOT listed.

Change Types Made

  • Bug fix (non-breaking change)
  • Feature / Enhancement (non-breaking change)
  • Breaking change (fix or feature that could cause existing functionality to change)

Related Issue

Fixes #1310

Change Checklist

  • Requires a change to the documentation
  • Documentation has been updated
  • Tests to cover my changes, have been added
  • All new and existing tests passed.
  • N/A PowerShell v2 compatibility checked.

@coveralls
Copy link

coveralls commented Jun 27, 2022
edited
Loading

Coverage Status

Coverage remained the same at 27.576% when pulling 0383498 on TheCakeIsNaOH:list-args into 3892cfb on chocolatey:develop.

@TheCakeIsNaOH TheCakeIsNaOH force-pushed the list-args branch 2 times, most recently from bca15cd to 1c34d84 Compare January 13, 2023 15:25
@TheCakeIsNaOH TheCakeIsNaOH marked this pull request as draft January 27, 2023 22:31
@TheCakeIsNaOH TheCakeIsNaOH marked this pull request as ready for review January 28, 2023 04:20
@TheCakeIsNaOH TheCakeIsNaOH force-pushed the list-args branch 2 times, most recently from 039142a to b496b9a Compare January 28, 2023 05:03
@TheCakeIsNaOH TheCakeIsNaOH force-pushed the list-args branch 2 times, most recently from 2b57f32 to 5cafc54 Compare June 16, 2023 00:10
@pauby
Copy link
Member

pauby commented Aug 26, 2023

This looks very useful, kinda sucks it's been in limbo for over a year now.

It's not in limbo. We're not at a stage where we want to bring it into a release.

@gep13
Copy link
Member

gep13 commented Dec 14, 2023

Similar to comment elsewhere, as long as this doesn't include sensitive arguments, then we are all good.

@TheCakeIsNaOH
Copy link
Member Author

Similar to comment elsewhere, as long as this doesn't include sensitive arguments, then we are all good.

To my understanding, the sensitive arguments are not stored in the .arguments file, so I don't think that is a concern, as these arguments would be coming only from that file.

TheCakeIsNaOH and others added 2 commits May 20, 2024 05:00
@TheCakeIsNaOH @gep13
(chocolatey#1310) List remembered arguments
b1b1237 
This adds the listing of remembered arguments to the list/info commands
It only grabs the arguments when --local-only is specified, then
decrypts and outputs them. Requires --verbose to be listed on the
command line.
@gep13
(chocolatey#1310) Ensure sensitive arguments are redacted
6595cf0 
This commit makes sure that no potentially sensitive arguments are
displayed to the end user. This makes use of the same code that is
currently being used in Chocolatey GUI, for providing the same function.
Now that this code exists in Chocolatey CLI, at some point in the
future, Chocolatey GUI can be updated to use it, rather than maintaining
the code in two places.

This new code makes use of the existing SensitiveArgumentsProvided method
to establish whether the argument is deemed as sensitive, and if it is,
"[REDACTED ARGUMENT]" is output, rather than the value itself.

This new function has been created as a static method, so that it can
be used easily in the Chocolatey GUI codebase.
gep13
gep13 approved these changes May 20, 2024
View reviewed changes
Copy link
Member

@gep13 gep13 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@gep13
Copy link
Member

gep13 commented May 20, 2024

@TheCakeIsNaOH thanks again for raising this PR!

I have taken the liberty of making another commit into the PR, which adds in the ability to redact arguments that contain sensitive information. This is essentially a carbon copy of the code that already exists in Chocolatey GUI for doing the same thing.

Now that the code is going to exist in Chocolatey CLI, the Chocolatey GUI code can be updated to make use of it at some point, that way, we don't have to maintain the code in the same place.

This new code was reviewed in a pairing session with @AdmiringWorm so going to move forward with the merge once the CI builds are complete.

Example output, showing redacted arguments:

image

@gep13
Copy link
Member

gep13 commented May 20, 2024

That failing Docker build here is as a result of a NuGet Restore problem, and nothing to do with the changes in this PR, as such, moving forward with the merge.

@gep13 gep13 merged commit b07f005 into chocolatey:develop May 20, 2024
4 of 5 checks passed
@TheCakeIsNaOH TheCakeIsNaOH deleted the list-args branch May 20, 2024 15:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gep13 gep13 gep13 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Show remembered arguments for packages
4 participants
@TheCakeIsNaOH @coveralls @pauby @gep13