From 3f8f2c672632d74c188adab5d7fdc879ef0c008a Mon Sep 17 00:00:00 2001
From: Mike McQuaid <mike@mikemcquaid.com>
Date: Sun, 5 Nov 2017 20:30:52 +0000
Subject: [PATCH 1/3] bump-formula-pr: use GitHub vars under env filter.

Ensure that the various variables are passed through and reset
correctly. If we end up doing this in a bunch of places we may add some
helpers to simplify this.
---
 Library/Homebrew/dev-cmd/bump-formula-pr.rb | 8 ++++++++
 bin/brew                                    | 3 ++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/Library/Homebrew/dev-cmd/bump-formula-pr.rb b/Library/Homebrew/dev-cmd/bump-formula-pr.rb
index 9fe70da6b1..b50ec53d6b 100644
--- a/Library/Homebrew/dev-cmd/bump-formula-pr.rb
+++ b/Library/Homebrew/dev-cmd/bump-formula-pr.rb
@@ -117,6 +117,14 @@ module Homebrew
     # user path, too.
     ENV["PATH"] = ENV["HOMEBREW_PATH"]
 
+    # Setup GitHub environment variables
+    %w[GITHUB_USER GITHUB_PASSWORD GITHUB_TOKEN].each do |env|
+      homebrew_env = ENV["HOMEBREW_#{env}"]
+      next unless homebrew_env
+      next if homebrew_env.empty?
+      ENV[env] = homebrew_env
+    end
+
     formula = ARGV.formulae.first
 
     if formula
diff --git a/bin/brew b/bin/brew
index 90e0cf3e99..f64bd4556b 100755
--- a/bin/brew
+++ b/bin/brew
@@ -47,7 +47,8 @@ HOMEBREW_LIBRARY="$HOMEBREW_REPOSITORY/Library"
 # Whitelist and copy to HOMEBREW_* all variables previously mentioned in
 # manpage or used elsewhere by Homebrew.
 for VAR in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY BINTRAY_USER BINTRAY_KEY \
-           BROWSER EDITOR GIT PATH VISUAL
+           BROWSER EDITOR GIT PATH VISUAL \
+           GITHUB_USER GITHUB_PASSWORD GITHUB_TOKEN
 do
   # Skip if variable value is empty.
   [[ -z "${!VAR}" ]] && continue

From 9358f678a3c0a7ee6b64078cc9393d0c5347a17c Mon Sep 17 00:00:00 2001
From: Mike McQuaid <mike@mikemcquaid.com>
Date: Tue, 7 Nov 2017 07:47:50 +0000
Subject: [PATCH 2/3] Clear/mask passwords as well as tokens.

---
 Library/Homebrew/extend/ENV.rb    | 2 +-
 Library/Homebrew/system_config.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Library/Homebrew/extend/ENV.rb b/Library/Homebrew/extend/ENV.rb
index ea1b995011..374be49b92 100644
--- a/Library/Homebrew/extend/ENV.rb
+++ b/Library/Homebrew/extend/ENV.rb
@@ -29,7 +29,7 @@ module EnvActivation
 
   def clear_sensitive_environment!
     ENV.each_key do |key|
-      next unless /(cookie|key|token)/i =~ key
+      next unless /(cookie|key|token|password)/i =~ key
       ENV.delete key
     end
   end
diff --git a/Library/Homebrew/system_config.rb b/Library/Homebrew/system_config.rb
index e7e60c9855..86b7051fad 100644
--- a/Library/Homebrew/system_config.rb
+++ b/Library/Homebrew/system_config.rb
@@ -207,7 +207,7 @@ class SystemConfig
         next unless key.start_with?("HOMEBREW_")
         next if boring_keys.include?(key)
         next if defaults_hash[key.to_sym] == value
-        value = "set" if key =~ /(cookie|key|token)/i
+        value = "set" if key =~ /(cookie|key|token|password)/i
         f.puts "#{key}: #{value}"
       end
       f.puts hardware if hardware

From 127bdfdc71310ff237ea20d6bbc008ce252aecf3 Mon Sep 17 00:00:00 2001
From: Mike McQuaid <mike@mikemcquaid.com>
Date: Tue, 7 Nov 2017 07:48:00 +0000
Subject: [PATCH 3/3] bump-formula-pr: use HOMEBREW_BROWSER.

---
 Library/Homebrew/dev-cmd/bump-formula-pr.rb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Library/Homebrew/dev-cmd/bump-formula-pr.rb b/Library/Homebrew/dev-cmd/bump-formula-pr.rb
index b50ec53d6b..380bb464d2 100644
--- a/Library/Homebrew/dev-cmd/bump-formula-pr.rb
+++ b/Library/Homebrew/dev-cmd/bump-formula-pr.rb
@@ -117,6 +117,9 @@ module Homebrew
     # user path, too.
     ENV["PATH"] = ENV["HOMEBREW_PATH"]
 
+    # Use the user's browser, too.
+    ENV["BROWSER"] = ENV["HOMEBREW_BROWSER"]
+
     # Setup GitHub environment variables
     %w[GITHUB_USER GITHUB_PASSWORD GITHUB_TOKEN].each do |env|
       homebrew_env = ENV["HOMEBREW_#{env}"]