Fix/logging user sensitive config data in cleartext (#1634)

* Redact username and passwords from config log

* Redact empty username and password

* Make regex Username/Password case-insensitive in config redaction
This commit is contained in:
schroda
2025-09-10 00:14:21 +02:00
committed by GitHub
parent 2b767eb488
commit 3df0106325

View File

@@ -223,8 +223,8 @@ fun applicationSetup() {
.root() .root()
.render(ConfigRenderOptions.concise().setFormatted(true)) .render(ConfigRenderOptions.concise().setFormatted(true))
.replace( .replace(
Regex("(\"(?:basicAuth|auth)(?:Username|Password)\"\\s:\\s)(?!\"\")\".*\""), Regex("(\".*(?i:username|password).*\"\\s:\\s)\".*\""),
"$1\"******\"", "$1\"[REDACTED]\"",
) )
} }