From d77ff0f729e8ee39360e8c5a605fb2005c3cbeca Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Fri, 4 Jun 2021 07:17:57 +0200
Subject: [PATCH] Workaround for PCRE regression

---
 src/Composer/Util/Url.php | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/Composer/Util/Url.php b/src/Composer/Util/Url.php
index 18859fb23..a018f97b7 100644
--- a/src/Composer/Util/Url.php
+++ b/src/Composer/Util/Url.php
@@ -109,13 +109,25 @@ class Url
         // e.g. https://api.github.com/repositories/9999999999?access_token=github_token
         $url = preg_replace('{([&?]access_token=)[^&]+}', '$1***', $url);
 
-        $url = preg_replace_callback('{(?P<prefix>://|^)(?P<user>[^:/\s@]+):(?P<password>[^@\s/]+)@}i', function ($m) {
+        // duplication here to apparent PCRE regression in v10.37 26-May-2021 which
+        // makes (?P<prefix>://|^) not match anymore
+        // should be reverted ideally when fixed in upstream
+        $url = preg_replace_callback('{^(?P<user>[^:/\s@]+):(?P<password>[^@\s/]+)@}i', function ($m) {
             // if the username looks like a long (12char+) hex string, or a modern github token (e.g. gp1_xxx) we obfuscate that
             if (preg_match('{^([a-f0-9]{12,}|g[a-z]\d_[a-zA-Z0-9_]+)$}', $m['user'])) {
-                return $m['prefix'].'***:***@';
+                return '***:***@';
             }
 
-            return $m['prefix'].$m['user'].':***@';
+            return $m['user'].':***@';
+        }, $url);
+
+        $url = preg_replace_callback('{://(?P<user>[^:/\s@]+):(?P<password>[^@\s/]+)@}i', function ($m) {
+            // if the username looks like a long (12char+) hex string, or a modern github token (e.g. gp1_xxx) we obfuscate that
+            if (preg_match('{^([a-f0-9]{12,}|g[a-z]\d_[a-zA-Z0-9_]+)$}', $m['user'])) {
+                return '://***:***@';
+            }
+
+            return '://'.$m['user'].':***@';
         }, $url);
 
         return $url;