You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Exceptions and their stdout might print passwords in plaintext
Repro steps
I have no repro steps, the print occured on one of our managers computer and leaked his password to me.
Expected behavior
do not print plaintext password in exception texts
Known workarounds
I suspect the complete plaintext authentication sheme is not really secure. Still, having plaintext passwords printed to screen renders paket really untrustworthy ;)
I'd suggest simply to put StructuredFormatDisplay to authenication configs.
The text was updated successfully, but these errors were encountered:
We seem to run into this from time to time, see also #1224, #1357. Maybe it's time to consider switching to SecureString to prevent this from happening in the first place?
Description
Exceptions and their stdout might print passwords in plaintext
Repro steps
I have no repro steps, the print occured on one of our managers computer and leaked his password to me.
Expected behavior
do not print plaintext password in exception texts
Known workarounds
I suspect the complete plaintext authentication sheme is not really secure. Still, having plaintext passwords printed to screen renders paket really untrustworthy ;)
I'd suggest simply to put StructuredFormatDisplay to authenication configs.
The text was updated successfully, but these errors were encountered: