Skip to content

Only print Auth token when in Verbose mode#275

Open
gllebede-havok wants to merge 1 commit intomicrosoft:developfrom
gllebede-havok:user/gllebede/print-auth-only-when-verbose
Open

Only print Auth token when in Verbose mode#275
gllebede-havok wants to merge 1 commit intomicrosoft:developfrom
gllebede-havok:user/gllebede/print-auth-only-when-verbose

Conversation

@gllebede-havok
Copy link

@gllebede-havok gllebede-havok commented Sep 23, 2024

It looks like the intention was to print the Auth token only when in Verbose mode, taking into account previous line.

Printing Auth PAT to console in normal mode may expose PAT to a party with malicious intent.

jwittner
jwittner requested changes Sep 23, 2024
View reviewed changes
UnitySetup/UnitySetup.psm1

Write-Verbose "Summary"
Write-Output $upmConfigs
Write-Verbose $upmConfigs
Copy link
Member

@jwittner jwittner Sep 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should either skip the summary or strip the tokens from the objects. Even in verbose it's not good practice.

Copy link
Member

@jwittner jwittner Sep 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a note - Write-Output is like adding it to the return value. It'll only get printed if the caller doesn't capture the output. That said, I agree that I think the author was trying to print this out for the summary not return it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jwittner jwittner jwittner requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gllebede-havok @jwittner