rayan/go-task
1
0
Fork 0
mirror of https://github.com/go-task/task.git synced 2026-06-29 15:44:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,781 Commits 24 Branches 126 Tags
task-secret
Commit Graph

3 Commits

Author SHA1 Message Date
Valentin Maerten
da90ecd083 fix: prevent secret variable leaks in summary, verbose and key ordering 
- mask secret values in `task --summary` (commands and vars listing)
- mask resolved value of dynamic (sh) secrets in verbose logs
- use masked command for platform-skipped verbose log
- allow `secret` key in any position in a var definition (not only first)
- add `value` to the JSON schema var definition
- skip masking pass when no secret is present and dedup mask helpers
- document that the `secret` flag is not propagated to derived variables
 2026-06-29 12:36:56 +02:00
Valentin Maerten
32f237af7d refactor: compute masked command at compile time 
Move secret masking from runtime (task.go) to compile time (variables.go).
This avoids recalculating variables on each log.

- Add MaskSecretsWithExtra for loop vars and deferred commands
- Rename CmdTemplate to LogCmd (clearer intent)
- Simplify logging in runCommand
 2026-04-19 22:56:14 +02:00
Valentin Maerten
8bd982c702 feat: do not log secret variables 2026-04-19 22:56:14 +02:00