----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/68710/#review208993 -----------------------------------------------------------
service-rpc/pom.xml Lines 156 (patched) <https://reviews.apache.org/r/68710/#comment293267> This change works (I assume) but it is fragile. What if the generated code changes? Maybe consider 1. adding a simple java unit test that proves that the password is not in toString() output 2. adding a comment to the generated code so that readers can see that somethign funny is happening - Andrew Sherman On Sept. 24, 2018, 2:01 p.m., Karen Coppage wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/68710/ > ----------------------------------------------------------- > > (Updated Sept. 24, 2018, 2:01 p.m.) > > > Review request for hive and Laszlo Pinter. > > > Bugs: HIVE-20544 > https://issues.apache.org/jira/browse/HIVE-20544 > > > Repository: hive-git > > > Description > ------- > > TOpenSessionReq, if client protocol is unset, both username and password are > logged. Logging a password is a security risk. This patch would hide it with > asterisks. > > > Diffs > ----- > > service-rpc/pom.xml d6a07a55bc > > service-rpc/src/gen/thrift/gen-javabean/org/apache/hive/service/rpc/thrift/TOpenSessionReq.java > 3195e704f3 > > > Diff: https://reviews.apache.org/r/68710/diff/5/ > > > Testing > ------- > > > File Attachments > ---------------- > > HIVE-20544.3.patch > > https://reviews.apache.org/media/uploaded/files/2018/09/24/9f8ef0d8-22df-40cf-a311-56335d88516a__HIVE-20544.3.patch > HIVE-20544.3.patch > > https://reviews.apache.org/media/uploaded/files/2018/09/24/afdfc085-cc06-4a47-81f8-499029719bd0__HIVE-20544.3.patch > > > Thanks, > > Karen Coppage > >
