Disable inferring credentials from environment variables #12155
Labels
core:config
Related to config capabilities and presets
status:requirements
Full requirements are not yet known, so implementation should not be started
type:feature
Feature (new functionality)
Comments
fgreinacher
added
priority-5-triage
status:requirements
|
Maybe model it on https://docs.renovatebot.com/self-hosted-configuration/#detectglobalmanagerconfig ? Instead of it being in the "env parsing" logic (which would mean you could only disable it with another env variable) it instead could be performed as a secondary step after basic config parsing is done. Could also be named similarly: detectHostRulesFromEnv Finally, maybe we should do another major version bump and default it to disabled |
|
Yeah, i like that idea. As I know the current feature i always need to think about how to pass credentials via env which don't trigger this automatic parsing. 😉 |
6 tasks
6 tasks
Merged
|
🎉 This issue has been resolved in version 29.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
(Originally discussed at #12118)
What would you like Renovate to be able to do?
I don't want Renovate to guess credentials from my environment variables so that I have full control over which credentials are presented to which registry.
If you have any ideas on how this should be implemented, please tell us here.
I'd like to have a configuration option to disable this behavior. Maybe
inferCredentialsFromEnv?Is this a feature you are interested in implementing yourself?
Yes
The text was updated successfully, but these errors were encountered: