From 84dda31e82607424b435a60504ffc288f16c6ade Mon Sep 17 00:00:00 2001
From: Alyssa Ross <hi@alyssa.is>
Date: Thu, 1 Mar 2018 17:48:08 +0000
Subject: [PATCH] Add tests for ENV#clear_sensitive_environment!

---
 Library/Homebrew/extend/ENV.rb    |  4 ++--
 Library/Homebrew/test/ENV_spec.rb | 14 ++++++++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/Library/Homebrew/extend/ENV.rb b/Library/Homebrew/extend/ENV.rb
index 374be49b92..002220764a 100644
--- a/Library/Homebrew/extend/ENV.rb
+++ b/Library/Homebrew/extend/ENV.rb
@@ -28,9 +28,9 @@ module EnvActivation
   end
 
   def clear_sensitive_environment!
-    ENV.each_key do |key|
+    each_key do |key|
       next unless /(cookie|key|token|password)/i =~ key
-      ENV.delete key
+      delete key
     end
   end
 end
diff --git a/Library/Homebrew/test/ENV_spec.rb b/Library/Homebrew/test/ENV_spec.rb
index 07f6cdb6b0..8b39e52d78 100644
--- a/Library/Homebrew/test/ENV_spec.rb
+++ b/Library/Homebrew/test/ENV_spec.rb
@@ -141,6 +141,20 @@ shared_examples EnvActivation do
 
     expect(subject["MAKEFLAGS"]).to eq("-j4")
   end
+
+  describe "#clear_sensitive_environment!" do
+    it "removes sensitive environment variables" do
+      subject["SECRET_TOKEN"] = "password"
+      subject.clear_sensitive_environment!
+      expect(subject).not_to include("SECRET_TOKEN")
+    end
+
+    it "leaves non-sensitive environment variables alone" do
+      subject["FOO"] = "bar"
+      subject.clear_sensitive_environment!
+      expect(subject["FOO"]).to eq "bar"
+    end
+  end
 end
 
 describe Stdenv do