Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix(logging): Redact Basic auth from debug logs if it exists #5953

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Parent: chore: Update release candidate 1.1297.3
merged 6 commits into from
Jun 16, 2025
Merged

fix(logging): Redact Basic auth from debug logs if it exists #5953

merged 6 commits into from
Jun 16, 2025

Conversation

@PeterSchafer
Copy link
Contributor

@PeterSchafer PeterSchafer commented Jun 12, 2025
edited
Loading

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages
    are release-note ready, emphasizing
    what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

With this change debug logs will redact Basic Authorization header if they would accour. While Basic Auth is not a common case in the CLI, there are edge cases where this could happen.

In addition, this PR updates the golang version from 1.23.8 to 1.23.10.

Where should the reviewer start?

snyk/go-application-framework#363

How should this be manually tested?

  1. Stop docker daemon
  2. snyk container test ubuntu:latest --username=us --password=pw -d
  3. The debug logs must include Basic ***

What's the product update that needs to be communicated to CLI users?

N/A

Any background context you want to provide?

CLI-949

@PeterSchafer PeterSchafer requested a review from a team as a code owner June 12, 2025 13:16
@snyk-io
Copy link

snyk-io bot commented Jun 12, 2025
edited
Loading

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. No issues have been found. (View Details)

code/snyk check is complete. No issues have been found. (View Details)

@PeterSchafer PeterSchafer force-pushed the fix/scrublogger_basic branch from e054455 to 9b4aac3 Compare June 12, 2025 13:41
@PeterSchafer PeterSchafer force-pushed the fix/scrublogger_basic branch from 9b4aac3 to 0e6ebc8 Compare June 12, 2025 13:42
@PeterSchafer PeterSchafer enabled auto-merge June 16, 2025 09:54
@PeterSchafer PeterSchafer merged commit 2399cc1 into release/1.1297 Jun 16, 2025
5 checks passed
@PeterSchafer PeterSchafer deleted the fix/scrublogger_basic branch June 16, 2025 10:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dotkas dotkas dotkas approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@PeterSchafer @dotkas @bastiandoetsch