liamstask / goose / issues / #57 - Issue with os.ExpandEnv — Bitbucket

Issue #57 open

Jamie Stackhouse created an issue 2015-09-21

User names or passwords or really any value that includes a $ sign inside of a value will cause this to break.

I feel that a different token would prevent this from occurring.

Comments (3)

Parker M
- changed status to open
I feel that a different token would prevent this from occurring.

Are you saying that using ExpandEnv should use a different token to indicate a variable? This may just need to be documented more clearly.
- 2015-11-17T00:43:41+00:00
Jamie Stackhouse reporter
I think that it should be a different value that is harder to happen in a automatically generated password. Something like ${ENV_VAR}.

If you don't want to change it, at least documentation that $ is a reserved character in the password. This was a nasty bug for us that ate an hour because we thought it was the firewalls from our server to the client, or the SSH tunnel etc.. there were a lot of other options before we realized that only half the password was being sent.
- 2015-11-17T01:11:20+00:00
Parker M
I think that it should be a different value that is harder to happen in a automatically generated password. Something like ${ENV_VAR}.

Unfortunately, we can't specify that per the Golang os.ExpandEnv documentation: https://godoc.org/os#ExpandEnv While it does support ${ENV_VAR}, it also supports $ENV_VAR. I think documenting it would fix the issue. Would you be willing to submit a pull request to add that documentation?
- 2015-11-17T23:12:55+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: open

Votes: 0

Watchers: 2

Jira: the preferred issue tracker for Bitbucket. Join the team!