Datasource passwords are displayed in plaintext in the changelog difference #8595

New Issue

Closed

opened 2025-12-29 20:38:37 +01:00 by adam · 4 comments

adam commented 2025-12-29 20:38:37 +01:00

Owner

Copy Link

Originally created by @mtbutler07 on GitHub (Sep 8, 2023).

NetBox version

v3.6.1

Python version

3.10

Steps to Reproduce

1. Create a new git data source
2. Populate the username/password fields
3. A changelog record is created displaying the password in plain text

Expected Behavior

The password and other secret fields should be omitted or masked in the changelog difference

Observed Behavior

The password was shown in plain text

Originally created by @mtbutler07 on GitHub (Sep 8, 2023). ### NetBox version v3.6.1 ### Python version 3.10 ### Steps to Reproduce 1. Create a new git data source 2. Populate the username/password fields 3. A changelog record is created displaying the password in plain text  ### Expected Behavior The password and other secret fields should be omitted or masked in the changelog difference ### Observed Behavior The password was shown in plain text

adam added the type: bug label 2025-12-29 20:38:37 +01:00

adam closed this issue 2025-12-29 20:38:37 +01:00

adam commented 2025-12-29 20:38:37 +01:00

Author

Owner

Copy Link

@DanSheps commented on GitHub (Sep 8, 2023):

Thank you for opening a bug report. It seems that the described functionality is intended behavior. If you meant to open a feature request instead, please close this issue and open a new one using the feature request template. Otherwise, please revise your post above to elaborate on why you believe the observed behavior is flawed.

@DanSheps commented on GitHub (Sep 8, 2023): Thank you for opening a bug report. It seems that the described functionality is intended behavior. If you meant to open a feature request instead, please close this issue and open a new one using the [feature request template](https://github.com/netbox-community/netbox/issues/new?template=feature_request.md). Otherwise, please revise your post above to elaborate on why you believe the observed behavior is flawed.

adam commented 2025-12-29 20:38:38 +01:00

Author

Owner

Copy Link

@mtbutler07 commented on GitHub (Sep 8, 2023):

Hi @DanSheps! Displaying the passwords in plain text is intended?
That doesn't seem to be consistent with the rest of the NetBox UI so it seemed like a bug to me.
Examples:

• Passwords are masked during user login
• User passwords are not visible from within the admin panel
• Salt and hashes are both masked in the admin panel

Otherwise, please revise your post above to elaborate on why you believe the observed behavior is flawed.

The observed behavior is flawed because credentials are being compromised to other users that can view the changelog when they could be omitted or masked like they are throughout the rest of the NetBox UI.

I'm more than happy to convert this to a feature request if that's the proper way forward. Just let me know.

@mtbutler07 commented on GitHub (Sep 8, 2023): Hi @DanSheps! Displaying the passwords in plain text is intended? That doesn't seem to be consistent with the rest of the NetBox UI so it seemed like a bug to me. Examples: - Passwords are masked during user login - User passwords are not visible from within the admin panel - Salt and hashes are both masked in the admin panel >Otherwise, please revise your post above to elaborate on why you believe the observed behavior is flawed. The observed behavior is flawed because credentials are being compromised to other users that can view the changelog when they could be omitted or masked like they are throughout the rest of the NetBox UI. I'm more than happy to convert this to a feature request if that's the proper way forward. Just let me know.

adam commented 2025-12-29 20:38:38 +01:00

Author

Owner

Copy Link

@DanSheps commented on GitHub (Sep 8, 2023):

This is intended, as it is the change log. No change log data is encrypted .

Please do open a FR

@DanSheps commented on GitHub (Sep 8, 2023): This is intended, as it is the change log. No change log data is encrypted . Please do open a FR

adam commented 2025-12-29 20:38:38 +01:00

Author

Owner

Copy Link

@mtbutler07 commented on GitHub (Sep 8, 2023):

Created FR https://github.com/netbox-community/netbox/issues/13729

@mtbutler07 commented on GitHub (Sep 8, 2023): Created FR https://github.com/netbox-community/netbox/issues/13729

adam referenced this issue 2025-12-29 23:19:27 +01:00

[PR #9982] [MERGED] Closes #8595: Added new PON interface types #13541

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

update-changelog-comments-docs

feature-removal-issue-type

20911-dropdown

20239-plugin-menu-classes-mutable-state

21097-graphql-id-lookups

feature

fix_module_substitution

20923-dcim-templates

20044-elevation-stuck-lightmode

feature-ip-prefix-link

v4.5-beta1-release

20068-import-moduletype-attrs

20766-fix-german-translation-code-literals

20378-del-script

7604-filter-modifiers-v3

circuit-swap

12318-case-insensitive-uniqueness

20637-improve-device-q-filter

20660-script-load

19724-graphql

20614-update-ruff

14884-script

02496-max-page

19720-macaddress-interface-generic-relation

19408-circuit-terminations-export-templates

20203-openapi-check

fix-19669-api-image-download

7604-filter-modifiers

19275-fixes-interface-bulk-edit

fix-17794-get_field_value_return_list

11507-show-aggregate-and-rir-on-api

9583-add_column_specific_search_field_to_tables

v4.5.0

v4.4.10

v4.4.9

v4.5.0-beta1

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.3.7

v4.4.0-beta1

v4.3.6

v4.3.5

v4.3.4

v4.3.3

v4.3.2

v4.3.1

v4.3.0

v4.2.9

v4.3.0-beta2

v4.2.8

v4.3.0-beta1

v4.2.7

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.1.11

v4.1.10

v4.1.9

v4.1.8

v4.2-beta1

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.11

v4.0.10

v4.0.9

v4.1-beta1

v4.0.8

v4.0.7

v4.0.6

v4.0.5

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.7.8

v3.7.7

v4.0-beta2

v3.7.6

v3.7.5

v4.0-beta1

v3.7.4

v3.7.3

v3.7.2

v3.7.1

v3.7.0

v3.6.9

v3.6.8

v3.6.7

v3.7-beta1

v3.6.6

v3.6.5

v3.6.4

v3.6.3

v3.6.2

v3.6.1

v3.6.0

v3.5.9

v3.6-beta2

v3.5.8

v3.6-beta1

v3.5.7

v3.5.6

v3.5.5

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.10

v3.4.9

v3.5-beta2

v3.4.8

v3.5-beta1

v3.4.7

v3.4.6

v3.4.5

v3.4.4

v3.4.3

v3.4.2

v3.4.1

v3.4.0

v3.3.10

v3.3.9

v3.4-beta1

v3.3.8

v3.3.7

v3.3.6

v3.3.5

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.9

v3.2.8

v3.3-beta2

v3.2.7

v3.3-beta1

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.11

v3.1.10

v3.2-beta2

v3.1.9

v3.2-beta1

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.12

v3.0.11

v3.0.10

v3.1-beta1

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.12

v3.0-beta2

v2.11.11

v2.11.10

v3.0-beta1

v2.11.9

v2.11.8

v2.11.7

v2.11.6

v2.11.5

v2.11.4

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.10

v2.10.9

v2.11-beta1

v2.10.8

v2.10.7

v2.10.6

v2.10.5

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.11

v2.10-beta2

v2.9.10

v2.10-beta1

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.9-beta2

v2.8.9

v2.9-beta1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.12

v2.6.11

v2.6.10

v2.6.9

v2.7-beta1

Solcon-2020-01-06

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.13

v2.5.12

v2.6-beta1

v2.5.11

v2.5.10

v2.5.9

v2.5.8

v2.5.7

v2.5.6

v2.5.5

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.4.9

v2.5-beta2

v2.4.8

v2.5-beta1

v2.4.7

v2.4.6

v2.4.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.7

v2.4-beta1

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.10

v2.3-beta2

v2.2.9

v2.3-beta1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.6

v2.2-beta2

v2.1.5

v2.2-beta1

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.10

v2.1-beta1

v2.0.9

v2.0.8

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0-beta3

v1.9.6

v1.9.5

v2.0-beta2

v1.9.4-r1

v1.9.3

v2.0-beta1

v1.9.2

v1.9.1

v1.9.0-r1

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.3

v1.7.2-r1

v1.7.1

v1.7.0

v1.6.3

v1.6.2-r1

v1.6.1-r1

1.6.1

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.1

v1.3.0

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.7-r1

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3-r1

v1.0.3

1.0.0

Labels

Clear labels

beta

breaking change

complexity: high

complexity: low

complexity: medium

needs milestone

netbox

pending closure

plugin candidate

pull-request

Mirrored from GitHub Pull Request

severity: high

severity: low

severity: medium

status: accepted

status: backlog

status: blocked

status: duplicate

status: needs owner

status: needs triage

status: revisions needed

status: under review

topic: GraphQL

topic: Internationalization

topic: OpenAPI

topic: UI/UX

topic: cabling

topic: event rules

topic: htmx navigation

topic: industrialization

topic: migrations

topic: plugins

topic: scripts

topic: templating

topic: testing

type: bug

type: deprecation

type: documentation

type: feature

type: housekeeping

type: translation

No Label type: bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/netbox#8595