gradle/gradle-build-action
1
0
Fork 0
mirror of https://github.com/gradle/gradle-build-action.git synced 2025-05-01 20:38:34 +02:00
Code Issues Projects Releases Packages Wiki Activity

Patch @azure/logger to fix CodeQL warning

Browse source 
Logging of the AZURE_LOG_LEVEL env var value is considered a security issue,
since any environment variable value could contain sensitive information.
In this case, logging the value is not really necessary.
This commit is contained in:
Daz DeBoer 2022-09-22 09:56:08 -06:00
parent 74a56b60ce
commit c295a4096e
No known key found for this signature in database
GPG key ID: DD6B9F0B06683D5D
5 changed files with 33 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
dist/main/index.js vendored
View file

@ -19822,7 +19822,7 @@ if (logLevelFromEnv) {
setLogLevel(logLevelFromEnv);
}
else {
console.error(`AZURE_LOG_LEVEL set to unknown log level '${logLevelFromEnv}'; logging is not enabled. Acceptable values: ${AZURE_LOG_LEVELS.join(", ")}.`);
console.error(`AZURE_LOG_LEVEL set to unknown log level; logging is not enabled. Acceptable values: ${AZURE_LOG_LEVELS.join(", ")}.`);
}
}
/**