Would it be a good idea not to have it appear in the webapp UI while this password plaintext problem is not yet resolved?
On Thu, Apr 24, 2008 at 10:28 AM, Wendy Smoak <[EMAIL PROTECTED]> wrote: > I'm still on a quest to get Continuum to stop storing passwords in > plain text. Olivier fixed CONTINUUM-1605 [1] so that the initial pom > retrieval will discard the provided credentials if the 'use cached > credentials' checkbox is checked. > > The latest problem is the release.properties file. This file (which > contains the scm password in plain text) gets written out to the > working copy... which is then visible through the Web UI. If all goes > well, I think it's only there briefly, but if the release fails it may > be left around. > > Any ideas on how to fix this one? > > [1] http://jira.codehaus.org/browse/CONTINUUM-1605 > > -- > Wendy >
