search

warpdotdev / Warp

Warp is a modern, Rust-based terminal with AI built in so you and your team can build great software, faster.
https://warp.dev
Other
21.49k stars 376 forks source link

Norma Maven logging is misinterpreted as secrets #4669

Closed garydgregory closed 7 months ago

garydgregory commented 7 months ago

Discord username (optional)

No response

Describe the bug

Normal default Maven logging is misinterpreted as secrets (when the secrets feature is enabled obv), for example:

...
[INFO] >>> spotbugs:*******:check (default-cli) > :spotbugs @ bcel >>>
[INFO]
[INFO] --- spotbugs:*******:spotbugs (spotbugs) @ bcel ---
[INFO] Fork Value is true
[INFO] Done SpotBugs Analysis....
[INFO]
[INFO] <<< spotbugs:*******:check (default-cli) < :spotbugs @ bcel <<<
[INFO]
...

To reproduce

git clone https://gitbox.apache.org/repos/asf/commons-bcel.git
git checkout e8357416743dc009e630d2d47121653e3b6e841e
mvn

Expected behavior

Output should not be substituted, for example:

[INFO] >>> spotbugs:4.8.3.1:check (default-cli) > :spotbugs @ bcel >>>
[INFO]
[INFO] --- spotbugs:4.8.3.1:spotbugs (spotbugs) @ bcel ---
[INFO] Fork Value is true
[INFO] Done SpotBugs Analysis....
[INFO]
[INFO] <<< spotbugs:4.8.3.1:check (default-cli) < :spotbugs @ bcel <<<
[INFO]
[INFO]
[INFO] --- spotbugs:4.8.3.1:check (default-cli) @ bcel ---
[INFO] BugInstance size is 0
[INFO] Error size is 0
[INFO] No errors/warnings found
[INFO]

Screenshots

No response

Operating system

MacOS

Operating system and version

Darwin **** 23.4.0 Darwin Kernel Version 23.4.0: Fri Mar 15 00:11:05 PDT 2024; root:xnu-10063.101.17~1/RELEASE_X86_64 x86_64

Shell Version

zsh 5.9 (x86_64-apple-darwin23.0)

Current Warp version

v0.2024.03.26.08.02.stable_02

Regression

No, this bug or issue has existed throughout my experience using Warp

Recent working Warp date

No response

Additional context

No response

Does this block you from using Warp daily?

No

Is this a Warp specific issue? (i.e. does it happen in Terminal, iTerm, Kitty, etc.)

Yes, this I confirmed this only happens in Warp, not other terminals.

Warp Internal (ignore): linear-label:b9d78064-c89e-4973-b153-5178a31ee54e

None

dannyneira commented 7 months ago

Hi @garydgregory thanks for letting us know. It's possible that the regex for default secret redations match the maven log as well. We got a request to modify/disable the default redaction list, so that may help in the long term, but in the short term you can either disable the feature when working with maven logs or click on the hidden text and "reveal secret". https://docs.warp.dev/features/secret-redaction#secret-regex-list

CleanShot 2024-04-01 at 09 50 16

garydgregory commented 7 months ago

TY @dannyneira I can see now that Warp confuses a Maven plugin version string for an IP address. TY for the info.

dannyneira commented 7 months ago

No problem, please track the https://github.com/warpdotdev/Warp/issues/4455 request do modify/disable the default redactions for any changes to this.

Closing as there is an existing request to track for this issue.

dannyneira commented 6 months ago

Duplicate of #4455