Hey Mukul Thanks for reporting the issue! I also see the commit in 1.1.0-RC0 branch.
Regards Lokesh > On 25-Mar-2021, at 10:30 AM, Mukul Kumar Singh <mksingh.apa...@gmail.com> > wrote: > > Thanks Arpit and Sammi for the responses. > > Note: Please block any merges to Apache master while this commit is being > removed. > > I will send out another email once the process is done. > > > Thanks, > Mukul > > On 25/03/21 9:19 am, Sammi Chen wrote: >> +1 >> >> Thanks Mukul for raising the issue. >> >> On Thu, Mar 25, 2021 at 10:33 AM Mukul Kumar Singh <mksingh.apa...@gmail.com> >> wrote: >> >>> Hi, >>> >>> >>> Recently, through one of the jiras(HDDS-4864), aws_secret_access_key was >>> committed into Ozone's source code. Secrets, gpg passphrases, passwords, >>> ssh private files should not be committed into Ozone source code as they >>> leak credentials into the source code. >>> >>> This issue will be solved via the following steps >>> >>> a) The above commit will be removed from the Ozone commit history. We >>> will force push to the Ozone master branch with this commit removed. >>> >>> b) A new commit hook/ CI check will be added to prevent this from >>> hapennening again. >>> >>> Please hold off on merging any new changes into Ozone until the commit >>> is removed from Apache commit history. >>> >>> Thanks, >>> >>> Mukul >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org >>> For additional commands, e-mail: dev-h...@ozone.apache.org >>> >>> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org > For additional commands, e-mail: dev-h...@ozone.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org For additional commands, e-mail: dev-h...@ozone.apache.org
