Refactor query parameter redaction by zanieb · Pull Request #19218 · astral-sh/uv

zanieb · 2026-04-29T19:14:44Z

Small follow-up to #19146 which I was looking into independently as a follow-up from the Codex security patch at zaniebot#19

zanieb · 2026-04-29T19:28:29Z

   Snapshot: unsupported_git_scheme
    Source: crates/uv/tests/it/sync.rs:12039
    ────────────────────────────────────────────────────────────────────────────────
    Expression: snapshot
    ────────────────────────────────────────────────────────────────────────────────
    -old snapshot
    +new results
    ────────────┬───────────────────────────────────────────────────────────────────
        6     6 │ Using CPython 3.12.[X] interpreter at: [PYTHON-3.12]
        7     7 │ Creating virtual environment at: .venv
        8     8 │   × Failed to build `foo @ file://[TEMP_DIR]/`
        9     9 │   ├─▶ Failed to parse entry: `foo`
       10       │-  ╰─▶ Unsupported Git URL scheme `c:` in `c:/home/ferris/projects/foo` (expected one of `https:`, `ssh:`, or `file:`)
             10 │+  ╰─▶ Unsupported Git URL scheme `c:` in `c:///home/ferris/projects/foo` (expected one of `https:`, `ssh:`, or `file:`)
    ────────────┴───────────────────────────────────────────────────────────────────
    To update snapshots run `cargo insta review`
    Stopped on the first failure. Run `cargo insta test` to run all snapshots.
    test sync::unsupported_git_scheme ... FAILED

That's annoying. Will look into that.

codspeed-hq · 2026-04-29T19:32:36Z

Merging this PR will not alter performance

✅ 5 untouched benchmarks

_{Comparing zb/refactor-query-redaction (fa72e7c) with main (530790e)}

zanieb · 2026-04-29T21:19:26Z

+    write!(f, "{}:", url.scheme())?;

-    write!(f, "{}://", url.scheme())?;
+    if url.has_authority() {


This "has authority" case was the fix for a regressed snapshot where an invalid c:\... target was displayed.

zanieb · 2026-04-29T21:19:49Z

+        let log_safe_url =
+            DisplaySafeUrl::parse("mailto:ferris@example.com?X-Amz-Signature=signature").unwrap();


Alas this is a valid URL so here we are adding test coverage for some weird stuff.

zanieb · 2026-04-29T21:20:41Z

-    let url = url_with_redacted_sensitive_query_values(url);
-    let url = url.as_ref();
-    // For URLs that use the `git` convention (i.e., `ssh://git@github.com/...`), avoid dropping the
-    // username.
-    if is_ssh_git_username(url) || (url.username().is_empty() && url.password().is_none()) {
-        return write!(f, "{url}");
-    }


I didn't like this early return pattern. I think we should just own the formatting entirely in this type.

zsol

Seems fine. I personally liked the early return better, but not enough to fight you :)

zanieb · 2026-04-30T15:38:02Z

I think it was fine until we had to eagerly transform the entire URL to redact query parameters for the earl return.

zanieb added the internal A refactor or improvement that is not user-facing label Apr 29, 2026

Refactor query parameter redaction

3ad4c47

zanieb force-pushed the zb/refactor-query-redaction branch from d0fe280 to 3ad4c47 Compare April 29, 2026 19:18

zanieb marked this pull request as ready for review April 29, 2026 19:18

zanieb requested review from woodruffw and zsol April 29, 2026 19:19

Handle some weird URL cases

fa72e7c

zanieb commented Apr 29, 2026

View reviewed changes

zsol approved these changes Apr 30, 2026

View reviewed changes

zanieb merged commit 3a43470 into main Apr 30, 2026
112 checks passed

zanieb deleted the zb/refactor-query-redaction branch April 30, 2026 15:38

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Refactor query parameter redaction#19218

Refactor query parameter redaction#19218
zanieb merged 2 commits intomainfrom
zb/refactor-query-redaction

zanieb commented Apr 29, 2026 •

edited

Loading

Uh oh!

zanieb commented Apr 29, 2026

Uh oh!

codspeed-hq Bot commented Apr 29, 2026 •

edited

Loading

Uh oh!

zanieb Apr 29, 2026

Uh oh!

zanieb Apr 29, 2026

Uh oh!

zanieb Apr 29, 2026

Uh oh!

zsol left a comment

Uh oh!

zanieb commented Apr 30, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

		let log_safe_url =
		DisplaySafeUrl::parse("mailto:ferris@example.com?X-Amz-Signature=signature").unwrap();

Conversation

zanieb commented Apr 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

zanieb commented Apr 29, 2026

Uh oh!

codspeed-hq Bot commented Apr 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Merging this PR will not alter performance

Uh oh!

zanieb Apr 29, 2026

Choose a reason for hiding this comment

Uh oh!

zanieb Apr 29, 2026

Choose a reason for hiding this comment

Uh oh!

zanieb Apr 29, 2026

Choose a reason for hiding this comment

Uh oh!

zsol left a comment

Choose a reason for hiding this comment

Uh oh!

zanieb commented Apr 30, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

zanieb commented Apr 29, 2026 •

edited

Loading

codspeed-hq Bot commented Apr 29, 2026 •

edited

Loading