gpordeus commented on PR #10575: URL: https://github.com/apache/cloudstack/pull/10575#issuecomment-2767552011
@DaanHoogland I went over it, and the reason for the duplicated builders is that they have different Gson strategies (`ApiResponseExclusionStrategy` vs `LogExclusionStrategy` in `ApiResponseGsonHelper`); the response strategy checks for user permission, while the log strategy hides fields with "isSensitive". So, if we append after `serializeResponseObjXML`, we'd have passwords being logged. While I agree it is silly, it would take bigger changes to clean it up and demand more testing. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
