We put placeholder values for passwords in config files, and then override the config with environment variables. In the admin UI though, Config Override Warn then puts the old and new password values in plaintext at the top of the form.
Override a password field stored in config, and then visit the admin UI page for that password field.
Note that a password field has been overridden, but don't display the old or new values. There's no indication in config that something is a password field, so I'd guess it would have to check to see if the form is built using an input of type password.
Active
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
@Nikit
Yes that's a problem. It would be nice to just control something for password values.
Already implemented there is a config to hide very value. As long there is no settings form for that we also can use settings.php for this:
$config['config_override_warn.settings']['show_values'] = FALSE;