On Wed, 26 Jul 2023 at 13:42, Enrico Scholz <enrico.sch...@sigma-chemnitz.de> wrote:> > it's better to just scrub them prior to publishing with a post-script.> > Else, there are sometimes not many ways to work without them. > E.g. SSTATE_MIRRORS has contain the secret token because it is used > directly by bitbake; perhaps I could use a wget wrapper and write a > custom curl python class...
Yes, the secret needs to be in a file (or other access-controlled facility), and read from it by the process that needs it, and only directly prior to using it. Having it in a bitbake variable which gets passed through a million tasks and components is a terrible idea, and I do not want to validate it by having a 'secret' flag. Sorry, still no. Alex
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#184880): https://lists.openembedded.org/g/openembedded-core/message/184880 Mute This Topic: https://lists.openembedded.org/mt/100368202/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-