-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
scaffolder: replace ui:widget: password
with a warning message
#24834
Conversation
Changed Packages
|
As for me both approaches are fine as soon as this will be clear to the user during upgrade. |
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution! |
… one Signed-off-by: blam <ben@blam.sh>
Signed-off-by: blam <ben@blam.sh>
Signed-off-by: blam <ben@blam.sh>
3d91455
to
504661a
Compare
ui:widget: password
with ui:field: Secret
implementationui:widget: password
with a warning message
Signed-off-by: blam <ben@blam.sh>
Signed-off-by: blam <ben@blam.sh>
Signed-off-by: blam <ben@blam.sh>
Thank you for contributing to Backstage! The changes in this pull request will be part of the |
This could be controversial, as this could potentially break a few templates.If you're currently usingui:widget: password
and then using${{ parameters.myParam }}
then this will need updating to${{ secrets.myParam }}
instead, as the current approach is not secure.Replaces the build in
ui:widget: password
with our own component which warns that template authors should not be using it as it's not secure and some docs on how to use theui:field: Secret
instead.EDIT: Ended up going with the second option here instead for now in order to not break any templates, and the
ui:field: Secret
not been so battletested yet.