Re: [PR] [ISSUE 15678] Key no longer appear in exception messages [dubbo]

Tue, 09 Sep 2025 18:34:52 -0700 


Copilot commented on code in PR #15682:
URL: https://github.com/apache/dubbo/pull/15682#discussion_r2335261082


##########
dubbo-common/src/main/java/org/apache/dubbo/common/URL.java:
##########
@@ -1213,20 +1223,34 @@ protected void buildParameters(StringBuilder buf, 
boolean concat, String[] param
                     } else {
                         buf.append('&');
                     }
-                    buf.append(entry.getKey());
+                    buf.append(key);
                     buf.append('=');
                     buf.append(entry.getValue() == null ? "" : 
entry.getValue().trim());
                 }
             }
         }
     }
 
+    private boolean isSensitiveParameter(String key) {
+        return USERNAME_KEY.equals(key) || PASSWORD_KEY.equals(key) || 
ACCESS_KEY.equals(key) || SECRET_KEY.equals(key);
+    }
+
     private String buildString(boolean appendUser, boolean appendParameter, 
String... parameters) {
-        return buildString(appendUser, appendParameter, false, false, 
parameters);
+        return buildString(appendUser, appendParameter, false, false, false, 
parameters);
     }

Review Comment:
   [nitpick] Similar to the buildParameters method, this delegation method 
should have a comment explaining the default behavior of hiding sensitive 
parameters for backward compatibility.



##########
dubbo-common/src/main/java/org/apache/dubbo/common/URL.java:
##########
@@ -1200,11 +1202,19 @@ public String toParameterString(String... parameters) {
     }
 

Review Comment:
   [nitpick] This method creates an overloaded method that delegates to the 
newer version with a hardcoded `false` for `showSensitive`. Consider adding a 
comment explaining that this maintains backward compatibility and defaults to 
hiding sensitive parameters.
   ```suggestion
   
       /**
        * Overloaded for backward compatibility. Defaults to hiding sensitive 
parameters
        * by passing {@code false} for {@code showSensitive}.
        */
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to