Skip to content

password data type redaction should not be limited to UI #3404

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mgrafl opened this issue Oct 17, 2023 · 1 comment
Closed

password data type redaction should not be limited to UI #3404

mgrafl opened this issue Oct 17, 2023 · 1 comment
Labels
format-registry

Comments

@mgrafl
Copy link
Contributor

mgrafl commented Oct 17, 2023

The password setting of the modifier property format is described in the Data Types section as "A hint to UIs to obscure input."

OpenAPI-Specification/versions/3.1.0.md

Line 160 in ddcab42

`string` | `password` | A hint to UIs to obscure input.

Since the OpenAPI Specification is also relevant for backends, the description should be generalized, e.g., "A hint to UIs and backend systems to obscure/redact the value."

An example for the necessity of redacting the value of a password field is in the toString method generated by the openapi-generator tool: OpenAPITools/openapi-generator#16851
@MikeRalphson
Copy link
Member

MikeRalphson commented Oct 19, 2023
edited
Loading

This looks like a useful improvement, thank you. Do you have time to work up a PR on the v3.1.1-dev branch?

@mgrafl mgrafl mentioned this issue Oct 21, 2023
Merged
@mgrafl mgrafl mentioned this issue Jan 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
format-registry
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MikeRalphson @handrews @mgrafl