This repository was archived by the owner on Oct 23, 2023. It is now read-only.
This repository was archived by the owner on Oct 23, 2023. It is now read-only.
SanitizePasswordsProcessor should exclude private keys #1042
Open
Description
Currently PEM private keys are not filtered out by the SanitizePasswordsProcessor. They probably ought to be. They aren't passwords, but it also handles API keys, so it seems like the best place since it's on by default.
Probably if "PRIVATE KEY-----" in value is a simple and mostly correct way to implement it.