Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23447

Sensitive build variables recorded in EnvInjectSavable and displayed in EnvInjectAction

    Details

    • Similar Issues:

      Description

      If you have a BuildWrapper which overrides makeSensitiveBuildVariables to specify that its additions are to be considered secret, then add an EnvInjectBuilder which adds some unrelated variables, injectedEnvVars.txt includes the sensitive variables (in plaintext) and /job/.../.../injectedEnvVars/ shows them as well.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ndeloof Nicolas De Loof
                Reporter:
                jglick Jesse Glick
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: