forge dumps full private key out into the terminal if it can't parse it properly

[morelazers]

Component

Forge

Have you ensured that all of these are up to date?

• Foundry
• Foundryup

What version of Foundry are you on?

forge 0.2.0 (529559c 2023-11-13T00:19:35.957961000Z)

What command(s) is the bug in?

forge script etc.

Operating System

macOS (Apple Silicon)

Describe the bug

Would be nice if the private key was at least masked a little bit. I know there are probably times where it doesn't know what it's parsing, but when the env variable is called PRIVATE_KEY maybe there's a way.

[mattsse]

can you please give a bit more context?
ideally the sol code responsible for reading the env var?

[morelazers]

vm.startBroadcast(vm.envUint("PRIVATE_KEY"));

I realise now that this is a variable of my own naming. I got here because I couldn't figure out why forge script my/script.sol --broadcast -i wasn't asking for my private key to broadcast the transactions.