Credentials that appear URL-encoded in logs are not masked

I erased the actual password but it's in plaintext anyone who can push to a repo that has git in its pipelines can read any secured fields like this.

EDIT: The password in question had a space in it, and the space was converted to %20. But that's really close to the original password.

Also it didn't work, probably because of the %20.