[keycloak-dev] Jenkins discloses email list on notifications
Konstantin Gribov
grossws at gmail.com
Fri Oct 21 07:06:31 EDT 2016
Hi, folks.
Jenkins should use BCC instead of To for sending mass emails to avoid
emails disclosure. I'd say that it's not a big issue: these emails are
present in somewhere in commit history or interacted with Keycloak
development some way with high probability. But it's still not a good style
of mass email notifications.
RedHat guys, could you please bring this issue to attention of your infra
team which manages Jenkins?
--
Best regards,
Konstantin Gribov
More information about the keycloak-dev
mailing list