Ensure sensitive details are never logged via CallStack #247
apparently i need to write a comment in this comment box to finish the rest, huh, didn't know that! :p
except the part about tokens being embedded within larger strings, everything looks good!
actually thought... there are likely purpose built libraries that search/mask strings for all sorts of tokens, perhaps that would be better for us to build CallStack on top of?
@meadowsys I do like your idea for finding something that can be used here, which I was able to find The other thing I'd be interested in is finding the source of whatever GitHub Actions uses for this exact same purpose, since I know GitHub has a partner program with a much longer list, so I wonder if that code is public
@meadowsys I've gone ahead and implemented your suggestions if there's anything else you spot
Requirements
Filling out the template is required.
All new code requires tests to ensure against regressions.
Have you ran tests against this code?
This PR contains zero code changes.
Description of the Change
This PR adds much more logic to ensure sensitive details are never logged via CallStack.
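
The review point about tokens embedded within larger strings, sketched as an added example (not code from this PR or from CallStack). `registerSecret`, `redactString`, `redact` and the key list are hypothetical names; the two GitHub token patterns follow GitHub's published token prefixes, and the sample values in use would be constructed ones.

```javascript
// Added example: all names below are hypothetical, not CallStack's API.
const MASK = "***";
const SENSITIVE_KEY = /^(authorization|cookie|password|secret|token|api[-_]?key)$/i;
const TOKEN_PATTERNS = [
  /gh[pousr]_[A-Za-z0-9]{36}/g, // GitHub classic, OAuth and app tokens
  /github_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}/g, // GitHub fine-grained PATs
  /\b(Bearer|Basic)\s+[A-Za-z0-9._~+\/=-]{8,}/gi, // credentials after an auth scheme
];
const knownSecrets = new Set();

// Register a literal value (e.g. a session secret loaded at startup) to mask
// wherever it appears. Very short values are ignored to avoid shredding logs.
function registerSecret(value) {
  if (typeof value === "string" && value.length >= 8) knownSecrets.add(value);
}

// Mask secrets anywhere inside a string, not only when the string IS the secret.
function redactString(text) {
  let out = text;
  // Longest first so a secret containing another is masked as a whole.
  for (const s of [...knownSecrets].sort((a, b) => b.length - a.length)) {
    out = out.split(s).join(MASK);
  }
  for (const re of TOKEN_PATTERNS) {
    // Patterns with a capture group keep the scheme name ("Bearer ***").
    out = out.replace(re, (m, scheme) =>
      typeof scheme === "string" ? `${scheme} ${MASK}` : MASK);
  }
  return out;
}

// Deep-copy a value for logging: mask sensitive keys outright, scan all strings.
function redact(value, seen = new WeakSet()) {
  if (typeof value === "string") return redactString(value);
  if (value === null || typeof value !== "object") return value;
  if (seen.has(value)) return "[Circular]"; // already visited: cycle or repeat
  seen.add(value);
  if (value instanceof Error) return redactString(`${value.name}: ${value.message}`);
  if (Array.isArray(value)) return value.map((v) => redact(v, seen));
  const copy = {};
  for (const [key, v] of Object.entries(value)) {
    copy[key] = SENSITIVE_KEY.test(key) ? MASK : redact(v, seen);
  }
  return copy;
}
```

The auth-scheme pattern deliberately over-matches (any long word after "Basic" is masked); for a logger, a false redaction costs less than a leaked credential.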