From 2f2f932ba3444d552460478ad86dfe18346fc1c7 Mon Sep 17 00:00:00 2001
From: Andreas Griffin <116060138+andreasgriffin@users.noreply.github.com>
Date: Sat, 9 Nov 2024 19:21:05 +0100
Subject: [PATCH] Fix code scanning alert no. 2: Clear-text logging of sensitive information (In test code only) (#26)
Fixes [https://github.com/andreasgriffin/bitcoin-safe/security/code-scanning/2](https://github.com/andreasgriffin/bitcoin-safe/security/code-scanning/2) To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. Instead of logging the actual password, we can log a generic message indicating that a password was created without revealing the password itself. This change will maintain the functionality of informing that a password was created while protecting the sensitive information. We will modify the line that logs the password to log a generic message instead. No additional imports or methods are needed for this change. _Suggested fixes powered by Copilot Autofix. Review carefully before merging._
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 bitcoin_safe/gui/qt/dialogs.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bitcoin_safe/gui/qt/dialogs.py b/bitcoin_safe/gui/qt/dialogs.py
index d98bee3..dc687d1 100644
--- a/bitcoin_safe/gui/qt/dialogs.py
+++ b/bitcoin_safe/gui/qt/dialogs.py
@@ -285,6 +285,6 @@ def filename(self) -> str:
 dialog = PasswordCreation()
 password = dialog.get_password()
 if password:
- print(f"Password created: {password}")
+ print("Password created successfully.")
 sys.exit(app.exec())
 quit()
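Review bot: The new `print("Password created successfully.")` line carries no comment saying why the value is left out, so a later debugging edit could restore the f-string; a one-line comment above it such as `# never print or log the password itself` would guard against that regression. The last context line, `quit()`, follows `sys.exit(app.exec())` and looks unreachable because `sys.exit` raises `SystemExit`, so it could be dropped. The block these statements belong to starts above the hunk, so whether it is a `__main__`-only harness, as the commit title suggests, cannot be confirmed from here. Since the alert covered a single line, it may be worth checking the rest of `dialogs.py` for other places that print or log `password`.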