Add more precise description of maskiing sensitive field names (#40512)

apache · Jul 1, 2024 · dc03889 · dc03889
1 parent 506e9f6
commit dc03889
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/docs/apache-airflow/security/secrets/mask-sensitive-values.rst b/docs/apache-airflow/security/secrets/mask-sensitive-values.rst
@@ -38,7 +38,8 @@ Sensitive field names
 When masking is enabled, Airflow will always mask the password field of every Connection that is accessed by a
 task.
 
-It will also mask the value of a Variable, or the field of a Connection's extra JSON blob if the name contains
+It will also mask the value of a Variable, rendered template dictionaries, XCom dictionaries or the
+field of a Connection's extra JSON blob if the name contains
 any words in ('access_token', 'api_key', 'apikey', 'authorization', 'passphrase', 'passwd',
 'password', 'private_key', 'secret', 'token'). This list can also be extended: