MongoDB Credentials Logged to Console
WhatCats opened this issue ยท 0 comments
Description
Luckperms will log the MongoDB connection URI even though it contains sensitive information:
[LuckPerms] Resolved configuration value from environment variable: LUCKPERMS_DATA_MONGODB_CONNECTION_URI = mongodb://...
Reproduction Steps
- Put your darkest secrets in the
LUCKPERMS_DATA_MONGODB_CONNECTION_URIenvironment variable and start it up - Be frightened as you see your darkest secrets be revealed in the logs
Expected Behaviour
I expect it to not show the actual value like what it does for other environment variables containing sensitive information.