Earl Warren b772be7131 fix(security): a multiline secret may be found in a single log entry (#1051) ... With secrets.MULTILINE set to ``` ABC DEF GHI ``` the following is logged in debug mode: ``` 2025-09-18T10:54:04.4656189Z expression '${{ secrets.MULTILINE }}' rewritten to 'format('{0}', secrets.MULTILINE)' 2025-09-18T10:54:04.4656426Z evaluating expression 'format('{0}', secrets.MULTILINE)' 2025-09-18T10:54:04.4656797Z expression 'format('{0}', secrets.MULTILINE)' evaluated to '%!t(string=ABC\nDEF\nGHI)' ``` Although it is displayed with \ followed by n, it is a single line entry displayed with the secret verbatim and must also be redacted. <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/1051): <!--number 1051 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogYSBtdWx0aWxpbmUgc2VjcmV0IG1heSBiZSBmb3VuZCBpbiBhIHNpbmdsZSBsb2cgZW50cnk=-->fix(security): a multiline secret may be found in a single log entry<!--description--> <!--end release-notes-assistant--> Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/1051 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>		2025-10-03 08:22:06 +00:00
..
mask.go	fix(security): a multiline secret may be found in a single log entry (#1051)	2025-10-03 08:22:06 +00:00
mask_test.go	fix(security): a multiline secret may be found in a single log entry (#1051)	2025-10-03 08:22:06 +00:00
reporter.go	fix: improve logging to diagnose mystery job terminations (#1048)	2025-10-02 22:43:50 +00:00
reporter_test.go	fix: outputs are only set when the job is successful (#1017)	2025-09-18 16:17:56 +00:00