New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

git resource does not respect `sensitive` property #7955

jschripsema opened this Issue Nov 20, 2018 · 1 comment


None yet
1 participant

jschripsema commented Nov 20, 2018


Applying the sensitive property to a git resource does not suppress the sensitive data from the log. Using OAuth tokens embeds the actual token in the repository uri. Even when specifying that it is a sensitive resource, the entire uri is output to the logs.

Chef Version


Platform Version

CentOS Linux release 7.5.1804 (Core)

Replication Case

  git '/path/to/repo' do
    repository ''
    sensitive true
    action :sync

Client Output

* git[/path/to/repo] action sync
    - clone from into /path/to/repo
    - checkout ref 50958e958a41f23fb75e9b3c3c9f4c0b519ae295 branch HEAD



This comment has been minimized.

jschripsema commented Nov 27, 2018

This is also true of the url in the http_request resource.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment