Sauce Labs Customer Idea Portal

Submit an idea and make Sauce Labs even better!

Encrypt or remove authentication details from verbose logging

Currently, using the -vv flag logs the encoded but not encrypted authentication details into the logging file. This means that anyone with access to the log files has access to the user's Access Key, which can be a problem depending on how the available the log files are. Current implementations of our testing infrastructure would allow anyone to be able to view the logs when made available as a test artifact after the fact.

 

When dealing with Sauce Support, the verbose logs are requested from occurrences of Sauce Connect based errors, but are unable to be provided due to this type of issue

  • Ian Blake-Knox
  • Jun 13 2016
  • Shipped
  • Attach files