Mask password in "Added MAVEN property..." info messages / allow suppress the messages #2
Comments
|
good point |
|
Re 1, |
|
may be print them only in verbose mode? |
That will work provided it is documented in "quick start" section |
raydac
added a commit
that referenced
this issue
Nov 29, 2015
…o hide info in *pass* and *key* properties (issue #2)
|
I made some changes to hide potentially private properties content in maven log, 7b6fc2d |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The list of valid variables is very helpful for initial usage of JCP, so it is good it is enabled by default.
However:
It is not that safe to print all the properties (e.g. mvn.project.property.password, mvn.project.property.gpg.passphrase, etc). maven logs can be copy&pasted and it might lead to unexpected sharing of the passwords.
It would be nice to have a configuration property to suppress that output (as it would no longer be required after JCP comments are in place)
The text was updated successfully, but these errors were encountered: