The JSON export of "System Info" (see link "Download") must not contain sensitive data in the section "Settings".
It must exclude:
- the settings defined in sonar.properties. Note that JDBC information are still available in the section "Database"
Values of following properties must be replaced by "********" :
- the settings for which the key is suffixed by ".secured"
- passwords (property with type PASSWORD)
- the settings for which the key contains "password" or "passcode" (insensitive checks)