Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Whitelist environment variables to be shown on error #466
When installing dependencies failed, tox shows the whole environment:
apart from being a lot of visual noise, this can leak things like passwords or API keys (i.e. secure environment variables) on CI systems like Travis.
Seems like that happened here: https://github.com/GoogleCloudPlatform/google-auth-library-python/pull/102/files#diff-a09db41a73f7fd39327cf6a25e928626
Instead, I think there should be a configurable whitelist of what to show, being something like
Hi @The-Compiler - I also think it is definitely necessary to change this behaviour. I would even shoot for the next release.
From a user view who suffers from severe featuritis I would wish for the following:
From developer point of view, who might have to implement and maintain this I would think:
So I would also opt for adding the suggested white list. I might send a PR soon if no one else shouts that they want to implement it.
referenced this issue
Mar 31, 2017
This also seems to affect devpi (via
I've had people refuse to run