Croway opened a new pull request, #24592:
URL: https://github.com/apache/camel/pull/24592

   ### What
   
   Sweep across components fixing missing security metadata on options, so 
sensitive values are masked (JMX, `camel jbang get`, endpoint URI dumps, logs) 
and insecure flags are visible to the security policy (`camel.security.*` / 
`camel.main.profile=prod`).
   
   **Options now marked `security = "secret"`:**
   
   | Component | Options |
   |---|---|
   | camel-openai | `apiKey` (component level) |
   | camel-huggingface | `authToken` |
   | camel-vertx-http | `basicAuthPassword`, `bearerToken`, `proxyPassword` 
(endpoint + component) |
   | camel-servicenow | `proxyPassword` |
   | camel-smpp | `httpProxyPassword` |
   | camel-twitter | `httpProxyPassword` |
   | camel-geocoder | `proxyAuthPassword` |
   | camel-huaweicloud-dms | `password`, `kafkaManagerPassword` |
   | camel-weather | `appid`, `geolocationAccessKey` |
   | camel-jcr | `password` |
   | camel-wordpress | `password` |
   | camel-whatsapp | `webhookVerifyToken` (also migrated `webhookSecret` from 
the deprecated `secret = true` to `security = "secret"`) |
   
   **Insecure TLS toggles now tagged for the security policy:**
   
   - camel-oaipmh: `ignoreSSLWarnings` → `security = "insecure:ssl"`
   - camel-ibm-watsonx-ai: `verifySsl` → `security = "insecure:ssl", 
insecureValue = "false"` (also relabeled from `advanced` to `security`)
   
   All generated files (component JSON metadata, URI factories, catalog 
`sensitive-keys.json`, `SensitiveUtils`/`SecurityUtils`) regenerated — 
`basicauthpassword` and `bearertoken` are new entries in the global 
sensitive-keys registry, and the two SSL toggles are now registered security 
options.
   
   No behavior change beyond masking and security-policy visibility; no new 
options, no changed defaults.
   
   _Claude Code on behalf of Croway_
   
   🤖 Generated with [Claude Code](https://claude.com/claude-code)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to