@BanzaiMan: yes, that was suggested above. Unfortunately in my case I want to keep the secrets secret 
.
2 Likes
Secret environment variables are not obfuscated on Windows
Was this enabled by default? This seems rather risky, to risk leaking peoples secrets without them explicitly opting in and knowing about it 
Also, is this a temporary limitation, or will it always be this way?
1 Like
Note that secrets obfuscation has always been best-effort. (The log viewer may be able to obfuscate the values on Linux/OSX, but in general it isnโt possible to prevent Turing-complete rogue code from sending them over the network to a third-party.) While Travis doesnโt make secrets available to external pull requests, it is still up to you to review pull requests for any rogue secret-exposing code before merging them in (after which that code will get to see your secret variables).
So no security risk right now, provided that project members with approval/merging rights are doing their due diligence on external code.
So no security risk right now, provided that project members with approval/merging rights are doing their due diligence on external code.
Today the secrets are obfuscated on Linux and macOS (Iโm talking about generally in logs, and not from malicious PRs). If someone sees you support Windows and enables it without reading through all of this forum/thread, they would not know that secret obfuscation has been deliberately disabled.
It seems very easy for someone to turn on Windows support and not realise that secrets they thought were being obfuscated are not. If you canโt support it, IMO it would be better to error the job explaining itโs not supported and let them explicitly opt-in to having it off. It just seems very dangerous to be leaking secrets when a user believes they are being obfuscated.
Any movement on windows debug builds?