jdx / demand

prompt library for rust
https://docs.rs/demand
MIT License

[security] password input renders password on success #59

Status: Closed (rendarz closed this issue 3 months ago)

rendarz commented 3 months ago

Consider this very simple code:

```rust
fn main() {
    // Inline password prompt with an empty prompt string.
    let input = demand::Input::new("Password:")
        .inline(true)
        .prompt("")
        .password(true);
    let name = input.run().expect("error running input");
}
```

It lets me input a password, and the password characters are indeed hidden by * characters. But when I press Enter, the password is written to stdout IN CLEAR, as if it were a normal input entry. Why? Am I missing something, or doing something wrong? IMHO, the flag .password(true) should absolutely block this, or it could generate UNWANTED SURPRISES! NOTE: It works like that even with .inline(false).


roele commented 3 months ago

@rendarz Indeed a valid concern! Thanks for reporting this.
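
The behaviour reported in this issue can be pinned down with a regression check over every frame a prompt draws, including the one drawn after Enter. The following is an added example, not code from the demand crate or from anyone in this thread: `Prompt`, `session`, `first_leak` and the `mask_on_success` switch are hypothetical names in a std-only model, and the secret is a constructed sample value.

```rust
// Added illustration: a std-only model, not the demand crate's code.
// `Prompt`, `session` and `first_leak` are hypothetical names.
struct Prompt {
    title: &'static str,
    password: bool,
    mask_on_success: bool, // false models the behaviour in the report
}

impl Prompt {
    /// One frame: `done` is false while typing, true for the frame drawn after Enter.
    fn render(&self, typed: &str, done: bool) -> String {
        let masked = self.password && (!done || self.mask_on_success);
        let shown = if masked {
            "*".repeat(typed.chars().count())
        } else {
            typed.to_string()
        };
        format!("{} {}", self.title, shown)
    }

    /// Every frame the terminal receives for one typed value followed by Enter.
    fn session(&self, value: &str) -> Vec<String> {
        let mut typed = String::new();
        let mut frames = Vec::new();
        for c in value.chars() {
            typed.push(c);
            frames.push(self.render(&typed, false));
        }
        frames.push(self.render(&typed, true));
        frames
    }
}

/// Regression check: index of the first frame containing the secret, if any.
fn first_leak(frames: &[String], secret: &str) -> Option<usize> {
    frames.iter().position(|f| f.contains(secret))
}

fn main() {
    let secret = "s3cret-sample"; // constructed sample value
    for mask_on_success in [false, true] {
        let p = Prompt { title: "Password:", password: true, mask_on_success };
        let frames = p.session(secret);
        println!("mask_on_success={}: leak at {:?}", mask_on_success, first_leak(&frames, secret));
    }
}
```

Checking only the frames drawn while typing would pass in both configurations; the leak appears only in the final frame, which is what remains in terminal scrollback and in any captured stdout.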