We have been using ReviewBoard with our Subversion repos using svn+ssh:// access, and while functional, it’s been a little slow. Performance with https:// access to our Subversion servers is noticeably faster, but when I configure the Repository in ReviewBoard and specify the username and password to use, I noticed that the password is stored in plain text in the database. The database itself is not easily accessible by users, but the nightly database dumps could be read by others, so I am concerned about a possible exposure of automated build user account password.
We are still using ReviewBoard 1.7.27 as it is hosted on a CentOS 6 server, so upgrading to 2.X is not trivial. Is it common practice for ReviewBoard users to store repository passwords in the database in plain text? Alfred -- Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/ Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/ Happy user? Let us know! https://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
