[jira] [Comment Edited] (SCM-764) username and credentials shown as INFO on commadline

["Ludovic Lebègue (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/SCM-764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14581577#comment-14581577 ] 

Ludovic Lebègue edited comment on SCM-764 at 8/3/15 11:02 AM:
--------------------------------------------------------------

An upgrade of maven-release-plugin to 2.5.2 solved the issue for me


was (Author: llebegue):
It's still visible even for git command

> username and credentials shown as INFO on commadline
> ----------------------------------------------------
>
>                 Key: SCM-764
>                 URL: https://issues.apache.org/jira/browse/SCM-764
>             Project: Maven SCM
>          Issue Type: Bug
>          Components: maven-scm-provider-git
>         Environment: Apache Maven 3.2.1 (ea8b2b07643dbb1b84b6d16e1f08391b666bc1e9; 2014-02-14T18:37:52+01:00)
> Maven home: D:\Dev\maven\apache-maven-3.2.1
> Java version: 1.7.0_51, vendor: Oracle Corporation
> Java home: D:\Dev\Java\jdk7_51_x64\jre
> Default locale: de_DE, platform encoding: Cp1252
> OS name: "windows 7", version: "6.1", arch: "amd64", family: "windows"
>            Reporter: Thomas Wabner
>            Assignee: Olivier Lamy (*$^¨%`£)
>             Fix For: 1.9.4
>
>
> Using git repository with gitblit on HTTPS.
> Every git command which involve the remote repository (like fetch, pull, push and so on) showing the username and credentials on the commandline like this:
> [INFO] Executing: cmd.exe /X /C "git push https://user:secret@devserver/gitblit//r/waffel/devopts.git test-branch"
> It should be avoided to ever print out passwords on the command line. I have encrypted the password in maven settings.xml ... but now it comes back and anybody can see them (also on a continues build server which should push with a dedicated user to a central repo).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)