func processWith(ctx context.Context, c *Config) error is leaking the secret content when it fails to validate it.
Would it be possible to remove the val from here?
A quick fix could be:
return fmt.Errorf("%s: %w", tf.Name, err)
This is disclosing the secret when logging the error of the validation.
func processWith(ctx context.Context, c *Config) erroris leaking the secret content when it fails to validate it.Would it be possible to remove the
valfrom here?A quick fix could be:
return fmt.Errorf("%s: %w", tf.Name, err)This is disclosing the secret when logging the error of the validation.