Details

    • Type: Bug
    • Status: Verified (View Workflow)
    • Priority: Critical
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 7.7.1.GA
    • Component/s: None
    • Labels:

      Description

      For some reason, stored passwords on .config/config.git repositories are not being encrypted anymore when a user import a repository.
      You can verify this from v7.30 onwards.
      On the other hand, encrypting the password - as previously done - offers a very limited security because it is easy to get our own code and decrypt the password.

      I've scanned over the code and found no reason for storing the credentials, so this task is meant to remove this information.
      Since we store the credentials in a git repository, the whole git history needs to be wiped out.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  r_anand Rishiraj Anand
                  Reporter:
                  davidredhat David Gutierrez
                  Tester:
                  Barbora Siskova
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: