-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LoggingDoNotLog check ensures credentials aren't logged in any form #2205
Conversation
Loggers themselves are obvious, however exception messages are less obvious and equally dangerous.
Generate changelog in
|
private static final Matcher<ExpressionTree> PRECONDITIONS_METHODS = Matchers.anyOf( | ||
MethodMatchers.staticMethod() | ||
.onClass("com.google.common.base.Preconditions") | ||
.namedAnyOf("checkArgument", "checkNotNull", "checkState"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this just be any method? E.g. there is also checkElementIndex
and checkPositionIndex
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried to cover the most common methods, supporting others requires a different argument index offset. Could be a future improvement to this check.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Released 4.108.0 |
###### _excavator_ is a bot for automating changes across repositories. Changes produced by the roomba/latest-baseline-oss check. # Release Notes ## 4.108.0 | Type | Description | Link | | ---- | ----------- | ---- | | Improvement | LoggingDoNotLog check ensures credentials aren't logged in any form | palantir/gradle-baseline#2205 | To enable or disable this check, please contact the maintainers of Excavator.
Loggers themselves are obvious, however exception messages are less
obvious and equally dangerous.
==COMMIT_MSG==
LoggingDoNotLog check ensures credentials aren't logged in any form
==COMMIT_MSG==