-
Bug
-
Resolution: Unresolved
-
Critical
-
Jenkins 2.401.1 LTS
Blue Ocean 1.27.4
SonarQube Scanner for Jenkins 2.15
Hi,
when providing withSonarQubeEnv with access token from Jenkins credentials, default Jenkins logs hide it:
However, the same stage reveals it in BlueOcean by displaying the full command being executed:
This should be hidden with asterisks in the same manner as in Jenkins logs.
And please ensure it is done not just for Sonar but any other similar statements as withcredentials or sshagent (not sure if it is revealed for those too).
