Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
Apache Maven 3.2.1 (ea8b2b07643dbb1b84b6d16e1f08391b666bc1e9; 2014-02-14T18:37:52+01:00)
Maven home: D:\Dev\maven\apache-maven-3.2.1
Java version: 1.7.0_51, vendor: Oracle Corporation
Java home: D:\Dev\Java\jdk7_51_x64\jre
Default locale: de_DE, platform encoding: Cp1252
OS name: "windows 7", version: "6.1", arch: "amd64", family: "windows"
Apache Maven 3.2.1 (ea8b2b07643dbb1b84b6d16e1f08391b666bc1e9; 2014-02-14T18:37:52+01:00) Maven home: D:\Dev\maven\apache-maven-3.2.1 Java version: 1.7.0_51, vendor: Oracle Corporation Java home: D:\Dev\Java\jdk7_51_x64\jre Default locale: de_DE, platform encoding: Cp1252 OS name: "windows 7", version: "6.1", arch: "amd64", family: "windows"
Description
Using git repository with gitblit on HTTPS.
Every git command which involve the remote repository (like fetch, pull, push and so on) showing the username and credentials on the commandline like this:
[INFO] Executing: cmd.exe /X /C "git push https://user:secret@devserver/gitblit//r/waffel/devopts.git test-branch"
It should be avoided to ever print out passwords on the command line. I have encrypted the password in maven settings.xml ... but now it comes back and anybody can see them (also on a continues build server which should push with a dedicated user to a central repo).