-
Notifications
You must be signed in to change notification settings - Fork 203
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What can PHP-VCR users do to prevent passwords being saved? #174
Comments
@RichardBradley thanks for you concern about it. Currently there is no PR opened for it, the specific time for new feature comes after we clean all current issues and opened PR's. Of course you can open a PR to fix that for us and then I'll gladly check it! Are you willing to do this? I you want you can make some kind of encryption on the files and decrypt them in the CI environment, but it won't make the tests run the same for the other developers. I can also imagine you have some kind of shared API keys between the team members in the project? Like a test API or some other way to allow people to develop into it. Those are the things I can think now, I hope you can find a way! |
A nice way to do it might be to "scrub" any variables from requests that are found in .env and replace them with references to that |
One way is to add listener for the VCR::getEventDispatcher()->addListener(VCREvents::VCR_BEFORE_RECORD, array($this, 'cleanRequest')); The
public function cleanRequest(Event $event, $eventName)
{
$request = $event->getRequest();
// Do something with the request, like remove headers
} Hope this helps. |
Here's a quick and dirty solution that works for my use cases. |
For anyone searching for this, I've got a PR #344 submitted. Reviews/comments welcome. |
My API passwords are being saved to the "cassette" files by PHP-VCR.
This is a big problem for me, as I'd like to use PHP-VCR to help automate my tests, but I don't want to commit my API passwords to my source control.
The PHP-VCR website says:
... but I can't see an open issue tracking the implementation of this feature.
Thanks
The text was updated successfully, but these errors were encountered: