Details
-
Type:
Bug
-
Status:
Closed
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 1.2
-
Fix Version/s: 1.2.1
-
Component/s: None
-
Labels:None
-
Environment:Continuum 1.3-SNAPSHOT r700970
Mac OS X
-
Complexity:Intermediate
-
Number of attachments :
Description
When adding a m2 project using a url to the pom file, I see this in the log:
2008-10-01 16:58:03,541 [addMavenTwoProjectBackgroundThread] INFO continuumProjectBuilder#maven-two-builder - Downloading https://wsmoak:PASSWORD@example.com/svn/wsmoak/hello/trunk/pom.xml
(where PASSWORD was my actual password.)
Passwords should be masked in the log files.
Issue Links
| This issue is depended upon by: | ||||
| CONTINUUM-2200 | Logs should not display scm credentials when adding projects |
|
|
|
Work on the CONTINUUM-1721 branch seems headed towards changing method signatures so we pass around the url separately from the userid and password.
I haven't looked to see where this is coming from exactly, but if that happens, we can probably log the url without the credentials.
Meanwhile, we need to change or comment out this log statement.