config: Don't hide username, it's not secret.

Usernames are not generally considered to be secrets,
and treating them as secrets may lead to confusion
as to how secure they are. Obscuring them also makes
debugging harder.
This commit is contained in:
Brian Brazil 2015-10-08 15:13:21 +01:00
parent be8b83f48f
commit 1ddf75240d
2 changed files with 2 additions and 2 deletions

View file

@ -33,7 +33,7 @@ var (
patJobName = regexp.MustCompile(`^[a-zA-Z_][a-zA-Z0-9_-]*$`) patJobName = regexp.MustCompile(`^[a-zA-Z_][a-zA-Z0-9_-]*$`)
patFileSDName = regexp.MustCompile(`^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$`) patFileSDName = regexp.MustCompile(`^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$`)
patRulePath = regexp.MustCompile(`^[^*]*(\*[^/]*)?$`) patRulePath = regexp.MustCompile(`^[^*]*(\*[^/]*)?$`)
patAuthLine = regexp.MustCompile(`((?:username|password|bearer_token|secret_key):\s+)(".+"|'.+'|[^\s]+)`) patAuthLine = regexp.MustCompile(`((?:password|bearer_token|secret_key):\s+)(".+"|'.+'|[^\s]+)`)
) )
// Load parses the YAML input s into a Config. // Load parses the YAML input s into a Config.

View file

@ -282,7 +282,7 @@ func TestLoadConfig(t *testing.T) {
// String method must not reveal authentication credentials. // String method must not reveal authentication credentials.
s := c.String() s := c.String()
if strings.Contains(s, "admin_name") || strings.Contains(s, "admin_password") { if strings.Contains(s, "admin_password") {
t.Fatalf("config's String method reveals authentication credentials.") t.Fatalf("config's String method reveals authentication credentials.")
} }
} }