Skip to content

Commit

Permalink
Fix code scanning alert no. 2: Clear-text logging of sensitive inform…
Browse files Browse the repository at this point in the history 
…ation (In test code only) (#26)

Fixes
[https://github.com/andreasgriffin/bitcoin-safe/security/code-scanning/2](https://github.com/andreasgriffin/bitcoin-safe/security/code-scanning/2)

To fix the problem, we need to ensure that sensitive information such as
passwords is not logged in clear text. Instead of logging the actual
password, we can log a generic message indicating that a password was
created without revealing the password itself. This change will maintain
the functionality of informing that a password was created while
protecting the sensitive information.

We will modify the line that logs the password to log a generic message
instead. No additional imports or methods are needed for this change.


_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
  • Loading branch information
@andreasgriffin @github-advanced-security
andreasgriffin and github-advanced-security[bot] authored Nov 9, 2024
1 parent 519be3b commit 2f2f932
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion bitcoin_safe/gui/qt/dialogs.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -285,6 +285,6 @@ def filename(self) -> str:
dialog = PasswordCreation()
password = dialog.get_password()
if password:
print(f"Password created: {password}")
print("Password created successfully.")
sys.exit(app.exec())
quit()

0 comments on commit 2f2f932

Please sign in to comment.