This change ensures that we are not storing any passwords in the code, regardless of whether they are for testing or not. It moves all testing passwords to the environment variables TEST_USER_PASSWORD andTEST_USER_PASSWORD_BAD`.
Related Issue
resolves #581
Motivation and Context
Sonar repeatedly reports security risks due to our having passwords in plain text in the code. In reality, these are
How Has This Been Tested?
No testing required, only moving two strings into a env vars.
Types of changes
[x] Bug fix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to change)
Checklist:
[x] My code follows the code style of this project.
[ ] My change requires a change to the documentation.
Description
This change ensures that we are not storing any passwords in the code, regardless of whether they are for testing or not. It moves all testing passwords to the environment variables
TEST_USER_PASSWORD and
TEST_USER_PASSWORD_BAD`.Related Issue
resolves #581
Motivation and Context
Sonar repeatedly reports security risks due to our having passwords in plain text in the code. In reality, these are
How Has This Been Tested?
No testing required, only moving two strings into a env vars.
Types of changes
Checklist: