[ https://issues.jenkins-ci.org/browse/JENKINS-12423?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mike Winters reopened JENKINS-12423: ------------------------------------ >From JENKINS-12747: On further investigation, it appears that the password that the EnvInject 1.20 plugin is exposing is NOT coming from the Perforce plugin, but from the global password defined with the Mask Password plugin (Jenkins->Manage Jenkins->Configure System->Mask Passwords - Global name/password pairs). The Perforce plugin/EnvInject plugin are still showing P4CLIENT, P4PORT, and P4USER, but I'm not too worried about exposing those. > Password masked by Mask Passwords are visible when using envinject plugin > ------------------------------------------------------------------------- > > Key: JENKINS-12423 > URL: https://issues.jenkins-ci.org/browse/JENKINS-12423 > Project: Jenkins > Issue Type: Bug > Components: envinject, mask-passwords, perforce > Environment: envinject 1.9 > mask-passwords 2.7.2 > Jenkins ver. 1.424.1 > Windows > Perforce plugin 1.3.7 > Reporter: Roger Myung > Assignee: gbois > > If I use the mask-passwords plugin to create a masked password, and also use > the envinject plugin to setup an environment, the masked password is visible > from the "Injected Environment Variables" link for each build. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira