zagy
commented
5 months ago @frlan Hum. Frankly … if it contains sensitive content there is something wrong in the first place. This all ends up world-readable in the nix-store anyway.
Open frlan opened 5 months ago
zagy
commented
5 months ago @frlan Hum. Frankly … if it contains sensitive content there is something wrong in the first place. This all ends up world-readable in the nix-store anyway.
frlan
commented
5 months ago @frlan Hum. Frankly … if it contains sensitive content there is something wrong in the first place. This all ends up world-readable in the nix-store anyway.
Having it in nix store is one thing (already not really good), but having it e.g. on github actions log is another thing. I don't want to see any password (even for a part of a chance) inside my ci log.
This file might contain secrets and we should ensure aside from batou's core detection to don't show it inside CI logs.
Fixes #167