$password parameter should be of type Sensitive[String]

puppetlabs / puppetlabs-servicenow_cmdb_integration

Other

1 stars 16 forks source link

$password parameter should be of type Sensitive[String] #35

Open kreeuwijk opened 4 years ago

kreeuwijk commented 4 years ago

Describe the Bug

The password parameter for the class is currently of type String. This exposes the password in run logs, Impact Analysis and the catalog.

Expected Behavior

Change the type of this parameter to Sensitive[String] and ensure correct & secure handling of the content. For example. the .unwrap method should only be used inside the epp template.

RandomNoun7 commented 4 years ago

Created PIE-396 to track this.