Added code to ensure that passwords are not included git.remote.origin.url

[damnhandy]

PR for issue #240

[ceefour]

👍 this is a security issue

[ktoso]

missing license header, I'll add

[ktoso]

LGTM, thanks a lot for noticing and the fix - I would not have noticed as currently not using Maven in any of the projects I maintain (except this one).

I'll merge and cut a release shortly after today as you're right that it's a security issue.

[damnhandy]

Thanks for taking the change. This plugin is extremely useful to me and my teams. Interestingly, the core issue is really not in this plugin, but your code was easier to jump in and make a fix. It's well organized and has great test cases.

[ktoso]

This plugin is extremely useful to me and my teams. Interestingly, the core issue is really not in this plugin, but your code was easier to jump in and make a fix. It's well organized and has great test cases.

I'm very glad to hear that. Yeah, it's not really our fault but let's clean up the problem since we can.

Thanks a lot for the PR!
I've released 2.2.1 with this fix - it'll be on central soon.