lt;mailto:vinay18.pa...@gmail.com>>
wrote:
Hi,
I see plain text SSL passwords in log file (printed by
GlobalConfiguration) , because of which we cannot
deploy our pipeline to NR environment.
I am able to avoi
hich
>>> keywords you filter on ("secret", "password", etc.), that the key name is
>>> mistyped and inadvertently logged.
>>>
>>> Perhaps we could implement something like TravisCI's encryption keys [
>>> https://docs.travis-ci.com/u
c.), that the key name is
>> mistyped and inadvertently logged.
>>
>> Perhaps we could implement something like TravisCI's encryption keys [
>> https://docs.travis-ci.com/user/encryption-keys/] at a cost of added
>> complexity.
>>
>> On Wed, Mar 28, 2018 at
is mistyped
> and inadvertently logged.
>
> Perhaps we could implement something like TravisCI's encryption keys [
> https://docs.travis-ci.com/user/encryption-keys/] at a cost of added
> complexity.
>
> On Wed, Mar 28, 2018 at 4:38 PM, Vinay Patil <vinay18.pa...@gmail.com>
&g
user/encryption-keys/] at a cost of added
complexity.
On Wed, Mar 28, 2018 at 4:38 PM, Vinay Patil <vinay18.pa...@gmail.com>
wrote:
> Hi,
>
> I see plain text SSL passwords in log file (printed by
> GlobalConfiguration) , because of which we cannot deploy our pipeline to NR
Hi,
I see plain text SSL passwords in log file (printed by GlobalConfiguration)
, because of which we cannot deploy our pipeline to NR environment.
I am able to avoid this by having ERROR log level for this class but the
security team still think it is a risk.
Is this taken care in the new