Use the secrecy crate to wrap passwords and sensitive strings throughout the codebase. This prevents accidental logging, ensures zeroization on drop, and makes security boundaries explicit in the type system.
What to focus on:
- Wrap password fields with
Secret<String> in commands, CLI args, and SDK methods
- Keep binary protocol serialization unchanged (Secret is transparent during serialization)
- Only expose secrets via
.expose_secret() when hashing or serializing
- Consider PAT tokens and connection strings too (currently we manually replace sensitive content with
*****)
Done when passwords are never accidentally logged, tests pass, and all plaintext password fields are wrapped.
Use the
secrecycrate to wrap passwords and sensitive strings throughout the codebase. This prevents accidental logging, ensures zeroization on drop, and makes security boundaries explicit in the type system.What to focus on:
Secret<String>in commands, CLI args, and SDK methods.expose_secret()when hashing or serializing*****)Done when passwords are never accidentally logged, tests pass, and all plaintext password fields are wrapped.