@@ -18,13 +18,13 @@ repository on GitHub.
1818
1919* If Git information is included in the Open Test Reporting XML format (see below), any
2020 credentials that may be configured as part the `remote.origin.url` setting in Git were
21- written to the `originUrl` attribute of `<git:repository>` elements. For example, when
22- cloning a GitHub repository using a URL like
23- `https://username:password@github.com/organization/repository.git` both username and
24- password were included in the XML report. Since this report may be shared, published, or
25- archived (for example, on a CI server) while including this information , this was
26- reported as a potential security vulnerability (CVE-2025-53103). Any credentials are now
27- being replaced with `\***` before writing them to the XML report.
21+ previously written to the `originUrl` attribute of `<git:repository>` elements. For
22+ example, when cloning a GitHub repository using a URL like
23+ `https://username:password@github.com/organization/repository.git`, both username and
24+ password were included in the XML report. Since a report which includes this information
25+ may be shared, published, or archived (for example, on a CI server), this was reported
26+ as a potential security vulnerability (CVE-2025-53103). Any credentials are now replaced
27+ with `\***` before writing them to the XML report.
2828
2929[[release-notes-5.13.2-junit-platform-deprecations-and-breaking-changes]]
3030==== Deprecations and Breaking Changes
0 commit comments