This is an automated email from the ASF dual-hosted git repository.
SbloodyS pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/dev by this push:
new e12fa9dab6 [Improvement-18403][API&Security] Avoid raw password
exposure in user parameter validation errors (#18404)
e12fa9dab6 is described below
commit e12fa9dab6bdff1e8b0313acb6166dce51efce0e
Author: suyc <[email protected]>
AuthorDate: Fri Jul 10 16:43:12 2026 +0800
[Improvement-18403][API&Security] Avoid raw password exposure in user
parameter validation errors (#18404)
---
.../org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
index a22a287b81..db601d18db 100644
---
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
+++
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
@@ -847,7 +847,7 @@ public class UsersServiceImpl extends BaseServiceImpl
implements UsersService {
msg = userName;
} else if (!CheckUtils.checkPassword(password)) {
log.warn("Parameter password check failed.");
- msg = password;
+ msg = "password";
} else if (!CheckUtils.checkEmail(email)) {
log.warn("Parameter email check failed.");
msg = email;