Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: ENV variable SE_VNC_PASSWORD contains sensitive data #2061

Merged
merged 2 commits into from
Dec 13, 2023
Merged

bug: ENV variable SE_VNC_PASSWORD contains sensitive data #2061

merged 2 commits into from
Dec 13, 2023

Conversation

VietND96
Copy link
Member

Thanks for contributing to the Docker-Selenium project!
A PR well described will help maintainers to quickly review and merge it

Before submitting your PR, please check our contributing guidelines, applied for this repository.
Avoid large PRs, help reviewers by making them as simple and short as possible.

Description

bug: ENV variable SE_VNC_PASSWORD contains sensitive data

Motivation and Context

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist

  • I have read the contributing document.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@VietND96
bug: ENV variable SE_VNC_PASSWORD contains sensitive data
00a15ea 
Signed-off-by: Viet Nguyen Duc <nguyenducviet4496@gmail.com>
@VietND96 VietND96 requested a review from diemol December 13, 2023 08:31
@VietND96 VietND96 self-assigned this Dec 13, 2023
@VietND96
Merge branch 'SeleniumHQ:trunk' into trunk
e526e55 
Signed-off-by: Viet Nguyen Duc <nguyenducviet4496@gmail.com>
diemol
diemol reviewed Dec 13, 2023
View reviewed changes
Copy link
Member

@diemol diemol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the actual change I should review? I see many unrelated things to the VNC password.

@luisfcorreia
Copy link
Contributor

luisfcorreia commented Dec 13, 2023
edited
Loading

From what I've read, the tool considers that an ENV setting containing a name with "PASSWORD" in it is a security concern.

For me, it's NOT

@VietND96
Copy link
Member Author

What is the actual change I should review? I see many unrelated things to the VNC password.

I have highlighted those via individual comments.

@diemol
Copy link
Member

diemol commented Dec 13, 2023

What is the actual change I should review? I see many unrelated things to the VNC password.

I have highlighted those via individual comments.

Thank you!

In general, we try to have a commit/PR to contain a single set of related changes. Would be nice to follow that idea in the future.

@VietND96
Copy link
Member Author

What is the actual change I should review? I see many unrelated things to the VNC password.

I have highlighted those via individual comments.

Thank you!

In general, we try to have a commit/PR to contain a single set of related changes. Would be nice to follow that idea in the future.

Sure, thank you! Except only 1 this PR that mixed something else work-in-progress

@VietND96 VietND96 merged commit 7d74d4f into SeleniumHQ:trunk Dec 13, 2023
7 checks passed
@bobbyvacco bobbyvacco mentioned this pull request Dec 20, 2023
Merged
8 tasks
This was referenced Jan 25, 2024
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diemol diemol diemol approved these changes

Assignees

@VietND96 VietND96

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[🐛 Bug]: The environment variable SE_VNC_PASSWORD contains sensitive data
3 participants
@VietND96 @luisfcorreia @diemol