pact-foundation / pact-provider-verifier

Cross-platform, generic language, Pact provider verification tool
http://pact.io
MIT License
31 stars 25 forks

Redact authorization header contents from logged warnings when running provider verification #119

Open canny[bot] opened 3 weeks ago

canny[bot] commented 3 weeks ago

Currently, when you use pact-provider-verifier ... --custom-provider-header="Authorization: xxx" to give, for example, a bearer token to Pact while running the provider verifications, the contents of the header get printed out in plain text as a warning: WARN: Adding header 'Authorization: Bearer <visible value>'

It would be nice if these contents could be redacted for the Authorization header and instead it would print something like: WARN: Adding header 'Authorization: [REDACTED]'

Even though we're talking about dev/test deployment related secrets, it still isn't very nice to expose them in a visible manner. Of course an easy workaround is to simply perform an inverted grep for discarding all lines that begin as the mentioned warning. But it would be nice to have this functionality built-in.

https://pact.canny.io/admin/board/feature-requests/p/redact-authorization-header-contents-from-logged-warnings-when-running-provider
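A sketch of the requested behaviour in Ruby, as an added example that is not pact-provider-verifier's own code: one helper redacts the value before the warning is built, and a second rewrites warning lines that were already emitted, so the line is kept rather than dropped as the inverted grep workaround would do. All names are hypothetical, the token values are constructed, and treating Proxy-Authorization and Cookie as sensitive is an assumption that goes beyond the Authorization header named in the request.

```ruby
# Added example: hypothetical helper names, not taken from the project.
# Header names whose values should never reach the log (assumed list).
SENSITIVE_HEADERS = %w[authorization proxy-authorization cookie].freeze
REDACTED = "[REDACTED]"

# Takes a raw "Name: value" string, as passed to --custom-provider-header,
# and returns a form that is safe to log.
def redact_header(raw)
  name, value = raw.split(":", 2)   # limit 2: the value may itself contain ':'
  return raw if value.nil?          # no colon, so not a header line
  return raw unless SENSITIVE_HEADERS.include?(name.strip.downcase)
  "#{name.strip}: #{REDACTED}"
end

# Builds the warning in the format quoted in the issue, with the value redacted.
def adding_header_warning(raw)
  "WARN: Adding header '#{redact_header(raw)}'"
end

# Matches a line that begins with the warning quoted in the issue.
WARNING_PATTERN = /\A(\s*WARN: Adding header ')([^:']+):\s*(.*)('\s*)\z/

# Post-processing filter for output that has already been produced:
# rewrites a sensitive warning line in place and passes everything else through.
def scrub_log_line(line)
  m = WARNING_PATTERN.match(line)
  return line unless m && SENSITIVE_HEADERS.include?(m[2].strip.downcase)
  "#{m[1]}#{m[2].strip}: #{REDACTED}#{m[4]}"
end

if __FILE__ == $0
  # Constructed sample values, not real credentials.
  puts adding_header_warning("Authorization: Bearer constructed-token-123")
  puts adding_header_warning("X-Request-Id: 42")
  print scrub_log_line("WARN: Adding header 'Authorization: Bearer constructed-token-123'\n")
  print scrub_log_line("INFO: some other log line\n")
end
```

Redacting where the message is built is the stronger control, because the secret never reaches the log stream; the line filter only protects output that passes through it.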

canny[bot] commented 3 weeks ago

This issue has been linked to a Canny post: Redact authorization header contents from logged warnings when running provider verification :tada: