From 04200e08526a46b91b6b18503350bcdc36a7e8af Mon Sep 17 00:00:00 2001
From: Ziaul-haque Mahomed
Date: Thu, 3 Oct 2024 16:40:52 +0200
Subject: [PATCH] Fix code scanning alert no. 9: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 app.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app.py b/app.py
index b798d01..c6a182b 100644
--- a/app.py
+++ b/app.py
@@ -64,8 +64,9 @@ def pack_repo():
 if state.verbose:
 repopack_cmd.append("--verbose")

- # Print the full command being executed
- print(f"Executing command: {' '.join(repopack_cmd)}", file=sys.stderr)
+ # Print the sanitized command being executed
+ sanitized_cmd = hide_credentials(' '.join(repopack_cmd))
+ print(f"Executing command: {sanitized_cmd}", file=sys.stderr)

 try:
 process = subprocess.Popen(repopack_cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, text=True)
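Review bot: `hide_credentials` is called on the added `sanitized_cmd = ...` line, but the diffstat shows this commit changes only these lines of app.py, so no import or definition arrives with it. Unless the helper is already in scope elsewhere in app.py (not visible here), `pack_repo` will raise `NameError` at this point, before the subprocess is started. The redaction also covers only this one log line: `repopack_cmd` is still passed unredacted to `subprocess.Popen`, so a credential embedded in an argument stays visible in the process argument list, and with `--verbose` and `stderr=subprocess.STDOUT` the child's captured output may repeat it if that output is later printed or stored. I would add a comment such as `# NOTE: only the log line is redacted; argv and child output still carry the raw value` and apply the same redaction wherever the captured output is emitted. The body of `pack_repo` starts and ends outside this hunk, so how the output is handled needs checking in the full file.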