Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generated lockfiles header has the full path location of pants exposing personal data #15740

Closed
jbasila-orca opened this issue Jun 3, 2022 · 2 comments
Closed

Generated lockfiles header has the full path location of pants exposing personal data #15740

jbasila-orca opened this issue Jun 3, 2022 · 2 comments
Labels
bug

Comments

@jbasila-orca
Copy link
Contributor

This is more a privacy matter and security. The generated lock file contains in the header the location of the pants wrapper script that was used exposing the username and also the repository name

2.11.1rc2
but I think it has been like this for a long time

This was run on MacOS, but I think the same will happen on other platforms
@Eric-Arellano Eric-Arellano self-assigned this Jun 3, 2022
@Eric-Arellano
Copy link
Contributor

Hey @jbasila-orca , do you remember if you were using the standard ./pants script at the time, or a custom script like ./v2? I'm wondering if the option PANTS_BIN_NAME was set. By default, it should only say ./pants generate-lockfiles --resolve=<name>, and not include the full path.

asherf added a commit to asherf/pants that referenced this issue Aug 18, 2022
@asherf
Allow removing headers from lockfile
2fb7c2c 
Fixes: pantsbuild#15740
asherf added a commit to asherf/pants that referenced this issue Aug 18, 2022
@asherf
Allow removing headers from lockfile
dcb46cb 
Fixes: pantsbuild#15740
@asherf asherf mentioned this issue Aug 18, 2022
Closed
asherf added a commit to asherf/pants that referenced this issue Aug 19, 2022
@asherf
Allow removing headers from lockfile
85caefa 
Fixes: pantsbuild#15740
asherf added a commit to asherf/pants that referenced this issue Aug 19, 2022
@asherf
Allow removing headers from lockfile
09535a7 
Fixes: pantsbuild#15740
asherf added a commit to asherf/pants that referenced this issue Aug 19, 2022
@asherf
Allow removing headers from lockfile
d1be113 
Fixes: pantsbuild#15740
asherf added a commit to asherf/pants that referenced this issue Aug 19, 2022
@asherf
Allow removing headers from lockfile
ba4da1d 
Fixes: pantsbuild#15740
@Eric-Arellano Eric-Arellano removed their assignment Dec 29, 2022
@rafrafek rafrafek mentioned this issue Feb 9, 2023
Closed
@jsirois
Copy link
Contributor

jsirois commented Feb 9, 2023

Although this was the original, I'll close as a duplicate of #18202 since it has more and more modern context.

@jsirois jsirois closed this as completed Feb 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow removing headers from lockfile asherf/pants
3 participants
@jsirois @Eric-Arellano @jbasila-orca