-
Type:
New Feature
-
Resolution: Fixed
-
Priority:
Major
-
Component/s: envinject-plugin
-
None
In several cases Jenkins users may expose passwords as a plain text in "Injected variables" action (e.g. password reassigning for a non-sensitive variable). It may make sense to completely prohibit the exposure of environment variables via:
- Permissions
- Global Settings
- Per-project settings
- is duplicated by
-
JENKINS-24287 EnvInject exposes password hashes
-
- Resolved
-
- is related to
-
-
- Resolved
-