Hi Sir, I have been facing this issue for a long time.
*Title* : Running command `git reflog` in git project directory showing git password in plain text *Description* : To pull code using http method in git project directory on remote server is showing git password in plain text. CI/CD tools like Jenkins gives the option to create builds (pull code from git repository) on remote servers. It needs 'origin url with git username and password' in git pull command. If a user runs git reflog command in such a git project directory, it shows git password in plain text. *Steps To Reproduce :* 1. Clone git repository on a remote server. This is our git project directory. 2. Push code into the repository. This is our git repository. 3. Pull code in the git project directory using CI /CD tools like jenkins using the http method of git or use shell script to pull code on remote server. 4. Jenkins provides utility to store git username and git password in variable as 'secret text(s) or file(s)' option of 'Build Environment' where no other users of Jenkins can see the stored password as it is encrypted. 5. Now Login to the remote server using ssh and run git reflog command in the git project directory. 6. It shows the password in plain text. The password should not be visible in plain text using any method. We have some limitations on the server where git repository(gitlab) is deployed. Port 22 cannot be opened here so we cannot use ssh keys method to create the build in Jenkins. We can use only the http method to pull the changes. Is there any way so we could implement to avoid showing the git credentials in plain text in the project directory? Thank You Regards Pavi K -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/git-users/7ae6098f-f3dc-4c22-86cd-046e574545fbn%40googlegroups.com.
