debug mode outputs password

openconfig / gnmic

gNMIc is a gNMI CLI client and collector

https://gnmic.openconfig.net

Apache License 2.0

168 stars 54 forks source link

debug mode outputs password #403

Closed peejaychilds closed 3 months ago

peejaychilds commented 5 months ago

I noticed some parts of the debug the password are obscured to prevent accidental leakage, but in other areas they are not.

gnmic -d -p super-secret-password version  2>&1 | grep pass
password: super-secret-password
2024/03/28 00:58:17.710051 /home/runner/work/gnmic/gnmic/pkg/app/app.go:280: [gnmic] password='super-secret-password'(string)

karimra commented 3 months ago

should be fixed in v0.37.0, feel free to reopen if you catch other leaks.