garydgregory commented on PR #276: URL: https://github.com/apache/commons-beanutils/pull/276#issuecomment-2311149331
> So if someone tamper log level or set the wrong level, the shaded property may record in log. If some has this kind of access to your application, you're already in very deep trouble. Note that some folks recommend to never store credentials in `String`s for this reason, and use `char[]` instead. Let's see if anyone else has feedback. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
