spetz opened a new pull request, #3008: URL: https://github.com/apache/iggy/pull/3008
SDK consumers had to depend on the secrecy crate just to read token values returned from create-PAT and login endpoints. These are API response fields intentionally exposed to the caller over the wire — wrapping them in SecretString added friction (custom Debug impls, serialize_secret annotations, expose_secret() calls) without meaningful security benefit. Changes RawPersonalAccessToken.token and TokenInfo.token from SecretString to plain String. Leaves SecretString in place for actual secrets: user passwords, credentials, and PAT values used in login commands. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
