What i see is that some projects contains these asterisk as well, on places that aren’t sensitive. For instance as part of an URL, where a word in the URL is marked sensitive.
But on another project the above isn’t the case.
It almost looks random. Like some sort of algorithm is trying to detect sensitive data and marking them, but not doing an awesome job at that
Is it possible that the word webdav exists within a sensitive variable value or certificate password somewhere within this project? The reason I ask is that the task log will censor every occurrence of a word if that word exists within any sensitive variables.
e.g. I created a sensitive variable with a value of “package” and then ran a `write-host “Testing the word package” and it becomes censored.
This behaviour is by design as it allows us to protect against accidental leaking of sensitive variables within logs without introducing the additional overhead of additional logic to check whether the log output is actually a sensitive value or merely a word that matches the sensitive value.