Summary

It would probably be better if ansible-config dump --only-changed etc would not print out the authentication token in full or at all, as it can be used to access restricted collection repos it would not be nice to accidentally leak it out when providing the output upon request or during a screenshare session or part of scripting. Seeing the some initial and trailing chars could be helpful to determine that the correct token is indeed in use but might be better to avoid printing out the full token.

Issue Type

Bug Report

Component Name

ansible-config

Ansible Version

Any

Configuration

Any

OS / Environment

Any

Steps to Reproduce

ansible-config dump --only-changed

Expected Results

No full authentication is displayed for everyone to see.

Actual Results

Full authentication token is displayed.

Code of Conduct

• I agree to follow the Ansible Code of Conduct