cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ansible/changelogs/fragments/73508-validate-modules-no_log.yml
Felix Fontein b2015c98e2
validate-modules: make sure that options that potentially contain secret data have no_log set (#73508) 
* Catch more potential errors (and increase false-positive rate).
* Flag some false-positives in lib/ansible/modules/ with no_log=False.

Co-authored-by: John Barker <john@johnrbarker.com>
2021-03-11 12:57:11 -05:00

2 lines
507 B
YAML
Raw Blame History

minor_changes:
- "ansible-test validate-modules - option names that seem to indicate they contain secret information that should be marked ``no_log=True`` are now flagged in the validate-modules sanity test. False positives can be marked by explicitly setting ``no_log=False`` for these options in the argument spec. Please note that many false positives are expected; the assumption is that it is by far better to have false positives than false negatives (https://github.com/ansible/ansible/pull/73508)."
Reference in a new issue View git blame Copy permalink