gnodet commented on PR #22344: URL: https://github.com/apache/camel/pull/22344#issuecomment-4159934046
_Claude Code on behalf of Guillaume Nodet_ Another follow-up on the section stripping — the `<servers>` stripping has the same issue: `<servers>` is a `settings.xml` element, **not** a `pom.xml` element. It should never appear in a valid POM file. Since all three tools accept "pom.xml file content" as input, stripping `<servers>` is guarding against something that can't legitimately exist in the input. In summary, both section-stripping patterns are questionable: - **`<servers>`** — belongs to `settings.xml`, not `pom.xml` - **`<distributionManagement>`** — valid POM element but contains URLs/IDs, not credentials I'd suggest removing both section-stripping patterns and keeping only the sensitive element value masking (passwords, tokens, API keys in properties, etc.), which is the part that genuinely adds security value. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
