[ https://jira.codehaus.org/browse/SCM-764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=354168#comment-354168 ]
Ludovic Lebègue edited comment on SCM-764 at 10/15/14 1:52 PM: --------------------------------------------------------------- I have provided a patch for this one associated with a pull request on github :https://github.com/apache/maven-scm/pull/24 was (Author: llebegue): I have provided a patch for this one associated with a pull request on github : https://github.com/apache/maven-scm/pull/23 > username and credentials shown as INFO on commadline > ---------------------------------------------------- > > Key: SCM-764 > URL: https://jira.codehaus.org/browse/SCM-764 > Project: Maven SCM > Issue Type: Bug > Components: maven-scm-provider-git > Environment: Apache Maven 3.2.1 > (ea8b2b07643dbb1b84b6d16e1f08391b666bc1e9; 2014-02-14T18:37:52+01:00) > Maven home: D:\Dev\maven\apache-maven-3.2.1 > Java version: 1.7.0_51, vendor: Oracle Corporation > Java home: D:\Dev\Java\jdk7_51_x64\jre > Default locale: de_DE, platform encoding: Cp1252 > OS name: "windows 7", version: "6.1", arch: "amd64", family: "windows" > Reporter: Thomas Wabner > > Using git repository with gitblit on HTTPS. > Every git command which involve the remote repository (like fetch, pull, push > and so on) showing the username and credentials on the commandline like this: > [INFO] Executing: cmd.exe /X /C "git push > https://user:secret@devserver/gitblit//r/waffel/devopts.git test-branch" > It should be avoided to ever print out passwords on the command line. I have > encrypted the password in maven settings.xml ... but now it comes back and > anybody can see them (also on a continues build server which should push with > a dedicated user to a central repo). -- This message was sent by Atlassian JIRA (v6.1.6#6162)
