johnpapa / vscode-cloak

Cloak allows you to hide/show environment keys, to avoid accidentally sharing them with everyone who sees your screen.
MIT License
105 stars 7 forks

Doesn't Hide Full Secret With '=' in the Value #6

Closed clarkio closed 4 years ago

clarkio commented 4 years ago

If the secret contains a '=' character then it cloaks everything after that character instead of the whole secret.

It could potentially be bad if the '=' is located somewhere towards the end of the secret (such as MY_SECRET=asfwoeifjeifjsdf$#@#$@*9090=) as it would still reveal most or all of the secret.

[image: cloak-behavior]

johnpapa commented 4 years ago

Good catch

The way this works is it uses scopes to match the syntax. I have no control over the scopes.

But we can suggest string variables use quotes to wrap them. When you do that it should hide them for you. It should work for all strings.

Give it a shot.

If you have other ideas I am very open to suggestions.

clarkio commented 4 years ago

Adding the quotes did resolve the cloaking behavior shown above.

I don't know if how I'm setting environment variables without the quote " is proper to be honest. They do work in my app without them so I thought I'd at least share in case someone else may experience it. 🙂👍

johnpapa commented 4 years ago

I’ve seen it both ways. I don’t know if there is a “right”. Lol

I’ll keep this open for a while and if someone has an idea or PR to make it work without quotes, I’m open to it.

johnpapa commented 4 years ago

closing due to no activity
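
The workaround from this thread (quote the value so the whole string is cloaked) can be checked mechanically before a `.env` file is shown on screen. The following is an added example, not part of the thread or of vscode-cloak: it flags unquoted values that contain '=' and rewrites them with double quotes. The function names, the sample input and the simplified KEY=VALUE grammar are assumptions.

```javascript
// Added example, not vscode-cloak code. Assumes plain KEY=VALUE .env lines.
// Constructed sample input; MY_SECRET is the value quoted in the issue.
const SAMPLE_ENV = [
  '# constructed sample',
  'API_URL=https://example.invalid/v1',
  'MY_SECRET=asfwoeifjeifjsdf$#@#$@*9090=',
  'export TOKEN = abc=def',
  'QUOTED="abc=def"',
  "SINGLE='abc=def'",
  'PLAIN=abcdef',
].join('\n');

// Split on the FIRST '=' only, so the value keeps any later '=' characters.
function parseLine(line) {
  const m = /^(\s*(?:export\s+)?([A-Za-z_][\w.-]*)\s*=\s*)(.*?)\s*$/.exec(line);
  return m ? { head: m[1], key: m[2], value: m[3] } : null; // comments, blanks: null
}

function isQuoted(value) {
  return value.length >= 2 && (value[0] === '"' || value[0] === "'") &&
    value[value.length - 1] === value[0];
}

// Report unquoted values that contain '='. Values are never echoed back,
// only key, line number and length, so the report itself is safe to share.
function findPartiallyCloaked(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, i) => {
    const kv = parseLine(line);
    if (kv && !isQuoted(kv.value) && kv.value.includes('=')) {
      findings.push({ line: i + 1, key: kv.key, length: kv.value.length });
    }
  });
  return findings;
}

// Rewrite flagged lines with double quotes (the workaround from the thread).
// Lines whose value holds '"' or '\' are left alone for manual review.
// Some loaders expand '$' inside double quotes; check yours before applying.
function quoteFlagged(text) {
  return text.split(/\r?\n/).map((line) => {
    const kv = parseLine(line);
    if (!kv || isQuoted(kv.value) || !kv.value.includes('=')) return line;
    if (/["\\]/.test(kv.value)) return line;
    return `${kv.head}"${kv.value}"`;
  }).join('\n');
}
```

`findPartiallyCloaked` suits a pre-commit or pre-demo check because its output carries no secret material; `quoteFlagged` returns the rewritten text for review rather than writing to disk.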