mirror of
https://github.com/opentffoundation/opentf.git
synced 2025-12-23 20:02:34 -05:00
e389a7f2fa
By design the "-raw" option to "tofu output" writes the literal output value directly to stdout without any quoting or escaping, and so it's risky to use it with an output value that could be controlled by an attacker when stdout is a terminal. This risk is inherent in the purpose of this option and is part of the reason why this is not the default behavior (OpenTofu returns a quoted representation of an output string by default) so here we just make that risk explicit in the documentation, in the hope that operators will use this operation mindfully. Signed-off-by: Martin Atkins <mart@degeneration.co.uk>