[JENKINS-59246] Password with cyrillic symbols and numbers not masked

<p>Hello,</p>

<p>I have pipeline job with maven release plugin configured.</p>

<p>Username and password are provided as String Parameter & Password Parameter respectively, password is configured to be masked.</p>

<p>When latin symbols and digits are used in password, it is masked correctly. E.g. in log, we see:</p>


```
mvn release:prepare release:perform -B -U -DreleaseVersion=1.2.3 -Dusername=<myusername> -Dpassword=********
```
<p>If password contains any cyrillic symbols and digits, the following is shown in build log:</p>


```
mvn release:prepare release:perform -B -U -DreleaseVersion=111.111.111 -Dusername=<myusername> -Dpassword=latin?????????123456

```
<p>Here, the actual password string was "latinКириллица123456"</p>

<p>Also, when release-plugin fails, it shows errors like this:</p>


```
fatal: Authentication failed for 'https://<login>:<pass>@<repoUrl>'
```
<p>So for latin & digits password, the <pass> is shown masked as ******, but for both latin, cyrillic & digits, it becomes like this:</p>


```
89%3F%3F%3F123456
```
<p>and one can see unmasked part of the password in this URL.</p>

<p>Could you please fix it?</p>

<p> </p>

---
<details><summary><i>Originally reported by <a href="https://issues.jenkins.io/secure/ViewProfile.jspa?name=prifiz">prifiz</a>, imported from: <a class="original-jira-link" href="https://issues.jenkins.io/browse/JENKINS-59246" target="_blank">Password with cyrillic symbols and numbers not masked</a></i></summary>
<i><ul>
<li><b>status</b>: Open
<li><b>priority</b>: Major
<li><b>component(s)</b>: mask-passwords-plugin
<li><b>resolution</b>: Unresolved
<li><b>votes</b>: 0
<li><b>watchers</b>: 1
<li><b>imported</b>: 20251216-225446
</ul></i>
<details><summary>Raw content of original issue</summary>

<pre>
<p>Hello,</p>

<p>I have pipeline job with maven release plugin configured.</p>

<p>Username and password are provided as String Parameter &amp; Password Parameter respectively, password is configured to be masked.</p>

<p>When latin symbols and digits are used in password, it is masked correctly. E.g. in log, we see:</p>
<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent">
<pre>mvn release:prepare release:perform -B -U -DreleaseVersion=1.2.3 -Dusername=&lt;myusername&gt; -Dpassword=********</pre>
</div></div>
<p>If password contains any cyrillic symbols and digits, the following is shown in build log:</p>
<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent">
<pre>mvn release:prepare release:perform -B -U -DreleaseVersion=111.111.111 -Dusername=&lt;myusername&gt; -Dpassword=latin?????????123456
</pre>
</div></div>
<p>Here, the actual password string was "latinКириллица123456"</p>

<p>Also, when release-plugin fails, it shows errors like this:</p>
<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent">
<pre>fatal: Authentication failed for 'https://&lt;login&gt;:&lt;pass&gt;@&lt;repoUrl&gt;'</pre>
</div></div>
<p>So for latin &amp; digits password, the &lt;pass&gt; is shown masked as ******, but for both latin, cyrillic &amp; digits, it becomes like this:</p>
<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent">
<pre>89%3F%3F%3F123456</pre>
</div></div>
<p>and one can see unmasked part of the password in this URL.</p>

<p>Could you please fix it?</p>

<p> </p></pre>
</details>
</details>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[JENKINS-59246] Password with cyrillic symbols and numbers not masked #160

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[JENKINS-59246] Password with cyrillic symbols and numbers not masked #160

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions