ContextQMD
Back to N8n

Credential Password Field

packages/@n8n/eslint-plugin-community-nodes/docs/rules/credential-password-field.md

1.37.21.2 KB
Original Source

Ensure credential fields with sensitive names have typeOptions.password = true (@n8n/community-nodes/credential-password-field)

šŸ’¼ This rule is enabled in the following configs: āœ… recommended, ā˜‘ļø recommendedWithoutN8nCloudSupport.

šŸ”§ This rule is automatically fixable by the --fix CLI option.

<!-- end auto-generated rule header -->

Rule Details

Ensures that credential fields with names like "password", "secret", "token", or "key" are properly masked in the UI by having typeOptions.password = true.

Examples

āŒ Incorrect

typescript
export class MyApiCredential implements ICredentialType {
  properties: INodeProperties[] = [
    {
      displayName: 'API Key',
      name: 'apiKey',
      type: 'string',
      default: '',
      // Missing typeOptions.password
    },
  ];
}

āœ… Correct

typescript
export class MyApiCredential implements ICredentialType {
  properties: INodeProperties[] = [
    {
      displayName: 'API Key',
      name: 'apiKey',
      type: 'string',
      typeOptions: { password: true },
      default: '',
    },
  ];
}