Masking secrets in logs

security
output

#1

TravisCI does smart thing about preventing secret leaks. It filters data that will be outputted to the public logs based on the current projects secret variables. If a log sub-string matches a secret variable value - sub-string will be replaced with [secret] instead of secret variable’s real value.

CircleCI can take it even further and notify via email or dev console about potential leaks.


Masking secrets in output logs
#2