Merged PR #707 - Fixes password leakage to terminal

Created a new JSON serializer called `UNSAFE_JSON` that will serialize everything, including sensitive information. And `JSON` which is the default up to this point now safely ignores any sensitive information in dictionaries marked with `!`, for instance `{"!password" : "mypassword"}` will be omitted from any output.

1 files changed, 7 insertions, 6 deletions

diff --git a/examples/guided.py b/examples/guided.py
index 73bf7712..f009d938 100644
--- a/examples/guided.py
+++ b/examples/guided.py
@@ -243,15 +243,16 @@ def perform_filesystem_operations():
 				fs.load_layout(archinstall.storage['disk_layouts'][drive.path])
 
 def perform_installation(mountpoint):
-	user_credentials = json.dumps({
+	user_credentials = {
 		"!users" : archinstall.arguments['!users'],
-		"!superusers" : archinstall.arguments['!users'],
-		"!root-password" : archinstall.arguments['!users'],
-		"!encryption-password" : archinstall.arguments['!encryption-password'],
-	}, indent=4, sort_keys=True, cls=archinstall.UNSAFE_JSON)
+		"!superusers" : archinstall.arguments['!superusers'],
+		"!root-password" : archinstall.arguments['!root-password'],
+	}
+	if archinstall.arguments.get('!encryption-password'):
+		user_credentials["!encryption-password"] = archinstall.arguments.get('!encryption-password')
 
 	with open("/var/log/archinstall/user_credentials.json", "w") as config_file:
-		config_file.write(user_credentials)
+		config_file.write(json.dumps(user_credentials, indent=4, sort_keys=True, cls=archinstall.UNSAFE_JSON))
 
 	"""
 	Performs the installation steps on a block device.