-
Notifications
You must be signed in to change notification settings - Fork 420
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Logging of confidential parameters #2087
Labels
Milestone
Comments
remkop
added
type: enhancement ✨
theme: security 🔐
An issue or change related to security
labels
Aug 22, 2023
Yes this is a good idea. Thank you for raising it! |
remkop
added a commit
that referenced
this issue
Aug 26, 2023
Fixed in the main branch. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have a field defined as
I also have a custom
IDefaultValueProvider
implementation that will load and decrypt an encrypted password from a file for the option.It all works well, except when setting
CommandLine.tracer().setLevel()
to a high enough level. When I do that, the password is logged by picocli as below:It seems that the
echo = false
setting is ignored when it comes to default values. In the code I see thatecho()
is only checked based around certain other conditions.Would it be possible to suppress all logging when echo is set to false, regardless of any other setting on the option?
The text was updated successfully, but these errors were encountered: