This would be helpful for the secrets API, but also for tc-login, which takes things like persona assertions as input. Echoing that to the screen isn't fatal, but it's not great. I think this could be a simple obscureErrorResponse method that takes the error response and returns a modified version of it. This should be done before whatever logic stringifies that error message a few times (surely you've noticed that TC error messages have 2-3 copies of the actual error content, each successively more JSON-quoted).
Commit pushed to master at https://github.com/taskcluster/taskcluster-lib-api https://github.com/taskcluster/taskcluster-lib-api/commit/b74be1b251e3285731b6068cfcb27ffff263fe43 Merge pull request #49 from taskcluster/bug1316915 Bug 1316915: improve error handling in tc-lib-api
Now, to upgrade the secrets API to use this.
I can confirm that the secrets are now omitted. Happily, with other changes to tc-lib-api, the error message is a lot shorter now, too, and doesn't include the payload. The payload is still in the error response, though.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.