scaffolder: replace ui:widget: password with a warning message

[benjdlambert]

This could be controversial, as this could potentially break a few templates.

If you're currently using ui:widget: password and then using ${{ parameters.myParam }} then this will need updating to ${{ secrets.myParam }} instead, as the current approach is not secure.

Replaces the build in ui:widget: password with our own component which warns that template authors should not be using it as it's not secure and some docs on how to use the ui:field: Secret instead.

EDIT: Ended up going with the second option here instead for now in order to not break any templates, and the ui:field: Secret not been so battletested yet.

[backstage-goalie]

Changed Packages

Package Name	Package Path	Changeset Bump	Current Version
@backstage/plugin-scaffolder-react	plugins/scaffolder-react	minor	v1.8.7-next.3
@backstage/plugin-scaffolder	plugins/scaffolder	minor	v1.21.0-next.3

[acierto]

As for me both approaches are fine as soon as this will be clear to the user during upgrade.

[github-actions]

This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!

[github-actions]

Thank you for contributing to Backstage! The changes in this pull request will be part of the 1.28.0 release, scheduled for Tue, 18 Jun 2024.