Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mitigate task args disclosure #55469

Open
wants to merge 3 commits into
base: devel
from

Conversation

Projects
None yet
4 participants
@bcoca
Copy link
Member

commented Apr 17, 2019

Also deprecate the setting, since 'invocation' on results should be a better source as it is fully templated and correctly censored.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

callbacks

@jamescassell
Copy link
Contributor

left a comment

Is the invocation data available even in failure conditions? I.e, are we losing anything here?

@@ -1315,6 +1315,10 @@ DISPLAY_ARGS_TO_STDOUT:
- {key: display_args_to_stdout, section: defaults}
type: boolean
version_added: "2.1"
deprecated:
why: This can lead to involuntary security disclosures
version: "2.12"

This comment has been minimized.

Copy link
@jamescassell

jamescassell Apr 18, 2019

Contributor

2.13? Or is this to be back ported?

@bcoca bcoca changed the title deprecate displaying raw task args mitigate task args disclosure Apr 18, 2019

@ansibot ansibot added needs_revision and removed core_review labels Apr 18, 2019

@ansibot ansibot added stale_ci and removed ci_verified labels Apr 30, 2019

@mattclay mattclay added the ci_verified label May 2, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.