Hi, If your project is using secrets in Zuul v3, please see the attached message to determine whether they may have been disclosed. OpenStack's Zuul is now running with the referenced fix in place, and we have verified that the secrets used in the project-config repo (eg, to upload logs and artifacts) were not subject to disclosure. -Jim -------------- next part -------------- An embedded message was scrubbed... From: <Tobias.Henkel at bmw.de> Subject: Zuul flaw in json logging Date: Wed, 14 Mar 2018 18:44:36 +0000 Size: 12190 URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180314/9970d0ca/attachment.mht>