Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A new type for data that should never be logged. #11519

Closed
Tracked by #10519
Eh2406 opened this issue Dec 29, 2022 · 1 comment · Fixed by #11545
Closed
Tracked by #10519

A new type for data that should never be logged. #11519

Eh2406 opened this issue Dec 29, 2022 · 1 comment · Fixed by #11545
Assignees
@kylematsuda
Labels
A-registry-authentication Area: registry authentication and authorization (authn authz) Z-asymmetric-token Nightly: asymmetric-token authentication

Comments

@Eh2406
Copy link
Contributor

Eh2406 commented Dec 29, 2022
edited by rustbot
Loading

Cargo occasionally deals with secrets. We should have a new type that does not implement Display that is used in the type system to mark "this value is secret and should not be printed". Types that should be converted are plaintext tokens and PASETO after they've been generated.

cc:
@Eh2406 Eh2406 added E-help-wanted A-registry-authentication Area: registry authentication and authorization (authn authz) labels Dec 29, 2022
@ehuss ehuss added the Z-asymmetric-token Nightly: asymmetric-token authentication label Jan 3, 2023
@kylematsuda
Copy link
Contributor

@rustbot claim

@kylematsuda kylematsuda mentioned this issue Jan 5, 2023
Merged
bors added a commit that referenced this issue Jan 20, 2023
@bors
Auto merge of #11545 - kylematsuda:secret-type, r=Eh2406
d6ba7a3 
Wrapper type for data that should never be logged

Fixes #11519.

So far this is just creating the new wrapper type. If this looks okay, I'll start adding this wrapper in places where tokens and secret keys are held or passed.
@bors bors closed this as completed in ba6217e Jan 20, 2023
@weihanglo weihanglo mentioned this issue Jun 19, 2023
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kylematsuda kylematsuda

Labels
A-registry-authentication Area: registry authentication and authorization (authn authz) Z-asymmetric-token Nightly: asymmetric-token authentication
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Wrapper type for data that should never be logged kylematsuda/cargo
3 participants
@ehuss @Eh2406 @kylematsuda