remove scan info from update check (#1033)

* removed scan info from github update check * added build-debug pipeline job
2026-06-07 10:01:12 -03:00 · 2023-11-25 06:35:20 -05:00
parent d805e46474
commit a714825d09
3 changed files with 71 additions and 11 deletions
--- a/src/banner/container.rs
+++ b/src/banner/container.rs
@@ -1,13 +1,15 @@
 use super::entry::BannerEntry;
 use crate::{
+    client,
    config::Configuration,
    event_handlers::Handles,
-    utils::{logged_request, parse_url_with_raw_path, status_colorizer},
+    utils::{make_request, parse_url_with_raw_path, status_colorizer},
    DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, DEFAULT_STATUS_CODES, VERSION,
 };
 use anyhow::{bail, Result};
 use console::{style, Emoji};
 use serde_json::Value;
+use std::collections::HashMap;
 use std::{io::Write, sync::Arc};

 /// Url used to query github's api; specifically used to look for the latest tagged release name
@@ -498,7 +500,34 @@ by Ben "epi" Risher {}                 ver: {}"#,

        let api_url = parse_url_with_raw_path(url)?;

-        let result = logged_request(&api_url, DEFAULT_METHOD, None, handles.clone()).await?;
+        // we don't want to leak sensitive header info / include auth headers
+        // with the github api request, so we'll build a client specifically
+        // for this task. thanks to @stuhlmann for the suggestion!
+        let client = client::initialize(
+            handles.config.timeout,
+            "feroxbuster-update-check",
+            handles.config.redirects,
+            handles.config.insecure,
+            &HashMap::new(),
+            Some(&handles.config.proxy),
+            &handles.config.server_certs,
+            Some(&handles.config.client_cert),
+            Some(&handles.config.client_key),
+        )?;
+        let level = handles.config.output_level;
+        let tx_stats = handles.stats.tx.clone();
+
+        let result = make_request(
+            &client,
+            &api_url,
+            DEFAULT_METHOD,
+            None,
+            level,
+            &handles.config,
+            tx_stats,
+        )
+        .await?;
+
        let body = result.text().await?;

        let json_response: Value = serde_json::from_str(&body)?;
--- a/src/client.rs
+++ b/src/client.rs
@@ -67,17 +67,19 @@ where
    }

    if let (Some(cert_path), Some(key_path)) = (client_cert, client_key) {
-        let cert = std::fs::read(cert_path)?;
-        let key = std::fs::read(key_path)?;
+        if !cert_path.is_empty() && !key_path.is_empty() {
+            let cert = std::fs::read(cert_path)?;
+            let key = std::fs::read(key_path)?;

-        let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
-            format!(
-                "either {} or {} are invalid; expecting PEM encoded certificate and key",
-                cert_path, key_path
-            )
-        })?;
+            let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
+                format!(
+                    "either {} or {} are invalid; expecting PEM encoded certificate and key",
+                    cert_path, key_path
+                )
+            })?;

-        client = client.identity(identity);
+            client = client.identity(identity);
+        }
    }

    Ok(client.build()?)