Skip to content

feat(controller): redact secrets in log API responses#152

Open
OnlyTerp wants to merge 1 commit into
sybil-solutions:mainfrom
OnlyTerp:terp/wp-007-log-redaction
Open

feat(controller): redact secrets in log API responses#152
OnlyTerp wants to merge 1 commit into
sybil-solutions:mainfrom
OnlyTerp:terp/wp-007-log-redaction

Conversation

@OnlyTerp

@OnlyTerp OnlyTerp commented Jun 21, 2026

Copy link
Copy Markdown

Summary

  • Adds controller/src/core/log-redaction.ts with conservative patterns for bearer tokens, API keys, HF/OpenAI/Anthropic env tokens, generic *_API_KEY/*_TOKEN, JSON-ish secret pairs, CLI flag secrets, and URL query secrets.
  • Applies redaction only at GET /logs/:sessionId and GET /logs/:sessionId/stream response boundaries.
  • Preserves raw log files on disk; no UI, logger-format, or metrics-parsing changes.
  • Complements fix(core/http): filter sensitive data from logs and allow unauthenticated health checks #85 by redacting log content as it crosses API/SSE response boundaries rather than changing controller log-file writes.

Verification

  • bun test tests/controller/integration/log-redaction.test.ts — 14 pass, 0 fail
  • npm --prefix controller run typecheck
  • npm --prefix controller run lint

Known upstream check

  • npm run check:contracts currently fails on current main with duplicate AggregatedSession exports in frontend/src/app/api/agent/sessions/all/route.ts and frontend/src/features/agent/session-contracts.ts; this PR does not touch those files.

Notes / Non-goals

  • No UI redesign or WP-001 error-card/deep-link work.
  • No mutation of raw disk logs or controller logger format.
  • No change to llama.cpp/vLLM metrics parsing.

feat(controller): redact secrets and tokens in API/SSE log responses
19369e2 
- Add controller/src/core/log-redaction.ts with conservative patterns for
  Authorization/Bearer headers, X-Api-Key, env-style API keys/tokens,
  JSON-ish secret pairs, CLI flag secrets, and URL query params.
- Apply redaction only at GET /logs/:sessionId and /logs/:sessionId/stream
  output boundaries; preserve raw log files on disk.
- Add tests/controller/integration/log-redaction.test.ts covering all patterns
  and a route-level check that raw files are unchanged.
- No UI changes, no logger format rewrite, no metrics parsing changes.
@OnlyTerp OnlyTerp requested a review from 0xSero as a code owner June 21, 2026 19:53
This was referenced Jun 22, 2026
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0xSero 0xSero Awaiting requested review from 0xSero 0xSero is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@OnlyTerp