From 88739de6d1dc24b1e3b940efd672601cd0e5544f Mon Sep 17 00:00:00 2001
From: RuiO <rui.oliveira@checkmarx.com>
Date: Tue, 15 Oct 2024 15:51:51 +0100
Subject: [PATCH] Sanitize repo token and url

---
 internal/commands/scan.go | 2 ++
 internal/logger/utils.go  | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/internal/commands/scan.go b/internal/commands/scan.go
index 885b2588c..f7c602d8d 100644
--- a/internal/commands/scan.go
+++ b/internal/commands/scan.go
@@ -1002,7 +1002,9 @@ func addSCSScan(cmd *cobra.Command, resubmitConfig []wrappers.Config, hasEnterpr
 		SCSMapConfig[resultsMapType] = commonParams.MicroEnginesType // scs is still microengines in the scans API
 		userScanTypes, _ := cmd.Flags().GetString(commonParams.ScanTypes)
 		scsRepoToken, _ := cmd.Flags().GetString(commonParams.SCSRepoTokenFlag)
+		viper.Set(commonParams.SCSRepoTokenFlag, scsRepoToken) // sanitizeLogs uses viper to get the value
 		scsRepoURL, _ := cmd.Flags().GetString(commonParams.SCSRepoURLFlag)
+		viper.Set(commonParams.SCSRepoURLFlag, scsRepoURL) // sanitizeLogs uses viper to get the value
 		SCSEngines, _ := cmd.Flags().GetString(commonParams.SCSEnginesFlag)
 		if resubmitConfig != nil {
 			scsConfig = createResubmitConfig(resubmitConfig, scsRepoToken, scsRepoURL, hasEnterpriseSecretsLicense)
diff --git a/internal/logger/utils.go b/internal/logger/utils.go
index 1e35f5112..6837c0cbc 100644
--- a/internal/logger/utils.go
+++ b/internal/logger/utils.go
@@ -21,6 +21,8 @@ var sanitizeFlags = []string{
 	params.AstToken, params.SSHValue,
 	params.SCMTokenFlag, params.ProxyKey,
 	params.UploadURLEnv,
+	params.SCSRepoTokenFlag,
+	params.SCSRepoURLFlag,
 }
 
 func Print(msg string) {