ansible_base.lib.utils.models.diff takes a param called sanitize_encrypted which was meant to be a way to allow the function to return raw values for encrypted fields instead of returning the ENCRYPTED_STRING constant.
The code doesn't make use of this param, though (it always returns ENCRYPTED_STRING for encrypted fields). Either it should, or the param should be dropped.
Also the :return: docstring still says the function returns a dictionary; it doesn't, it returns a ModelDiff (defined directly above the function).
ansible_base.lib.utils.models.difftakes a param calledsanitize_encryptedwhich was meant to be a way to allow the function to return raw values for encrypted fields instead of returning theENCRYPTED_STRINGconstant.The code doesn't make use of this param, though (it always returns
ENCRYPTED_STRINGfor encrypted fields). Either it should, or the param should be dropped.Also the
:return:docstring still says the function returns a dictionary; it doesn't, it returns aModelDiff(defined directly above the function).