make support string more secure #5055

New Issue

Closed

opened 2026-03-07 20:11:14 -06:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-03-07 20:11:14 -06:00

Owner

Copy Link

Originally created by @tessus on GitHub (Nov 23, 2022).

Originally assigned to: @BlackDex on GitHub.

Opening this just as a reference.

When a support string is generated the masked entries still show certain info:

• length of a password, user, database name in the DB URL
• length of smtp username
• domain length and TLD length, if subdomain is used or a sub directory
• length and format of smtp_from

This change masks the fields with *** as it is done for passwords.

/ref #2878

Originally created by @tessus on GitHub (Nov 23, 2022). Originally assigned to: @BlackDex on GitHub. Opening this just as a reference. When a support string is generated the masked entries still show certain info: - length of a password, user, database name in the DB URL - length of smtp username - domain length and TLD length, if subdomain is used or a sub directory - length and format of smtp_from This change masks the fields with `***` as it is done for passwords. /ref #2878

GiteaMirror added the enhancement label 2026-03-07 20:11:14 -06:00

GiteaMirror closed this issue 2026-03-07 20:11:15 -06:00

GiteaMirror referenced this issue 2026-03-07 21:12:38 -06:00

[PR #5055] [MERGED] Fix `--version` from failing without config #7193

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

wontfix

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#5055