fix(runtime): sanitize provider error output
This commit is contained in:
parent
0e8ccf2905
commit
eb99baee23
2 changed files with 11 additions and 10 deletions
|
|
@ -57,11 +57,11 @@ function sanitizeRuntimeProviderIpcErrorMessage(message: string): string {
|
|||
.replace(/\b(or-[A-Za-z0-9_-]{12,})\b/g, 'or-...redacted')
|
||||
.replace(/\b(AIza[A-Za-z0-9_-]{20,})\b/g, 'AIza...redacted')
|
||||
.replace(
|
||||
/\b([A-Za-z0-9_.-]*(?:api[_-]?key|access[_-]?token|auth[_-]?token|token|secret|password|[_-]key)["'\s:=]+)([A-Za-z0-9._~+/=_-]{12,})/gi,
|
||||
/\b([a-z0-9_.-]*(?:api[-_]?key|(?:access|auth)[-_]?token|token|secret|password|[-_]key)["'\s:=]+)([a-z0-9._~+/=-]{12,})/gi,
|
||||
'$1...redacted'
|
||||
)
|
||||
.replace(/\b(key["'\s:=]+)([A-Za-z0-9._~+/=_-]{12,})/gi, '$1...redacted')
|
||||
.replace(/\b(bearer\s+)([A-Za-z0-9._~+/=_-]{12,})/gi, '$1...redacted')
|
||||
.replace(/\b(key["'\s:=]+)([a-z0-9._~+/=-]{12,})/gi, '$1...redacted')
|
||||
.replace(/\b(bearer\s+)([a-z0-9._~+/=-]{12,})/gi, '$1...redacted')
|
||||
.trim();
|
||||
return truncateRuntimeProviderIpcErrorDetail(sanitized);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -118,18 +118,19 @@ function sanitizeRuntimeProviderResponse<T extends RuntimeProviderManagementErro
|
|||
response: T
|
||||
): T {
|
||||
const sanitizedResponse = sanitizeRuntimeProviderOutputValue(response) as T;
|
||||
if (sanitizedResponse.error === null) {
|
||||
const sanitizedError = (sanitizedResponse as { error?: unknown }).error;
|
||||
if (sanitizedError === null) {
|
||||
const responseWithoutNullError = { ...sanitizedResponse };
|
||||
delete (responseWithoutNullError as { error?: unknown }).error;
|
||||
return responseWithoutNullError as T;
|
||||
return responseWithoutNullError;
|
||||
}
|
||||
if (!sanitizedResponse.error) {
|
||||
if (!sanitizedError) {
|
||||
return sanitizedResponse;
|
||||
}
|
||||
|
||||
return {
|
||||
...sanitizedResponse,
|
||||
error: sanitizeRuntimeProviderError(sanitizedResponse.error),
|
||||
error: sanitizeRuntimeProviderError(sanitizedError),
|
||||
};
|
||||
}
|
||||
|
||||
|
|
@ -409,11 +410,11 @@ function redactSensitiveText(value: string): string {
|
|||
.replace(/\b(or-[A-Za-z0-9_-]{12,})\b/g, 'or-...redacted')
|
||||
.replace(/\b(AIza[A-Za-z0-9_-]{20,})\b/g, 'AIza...redacted')
|
||||
.replace(
|
||||
/\b([A-Za-z0-9_.-]*(?:api[_-]?key|access[_-]?token|auth[_-]?token|token|secret|password|[_-]key)["'\s:=]+)([A-Za-z0-9._~+/=_-]{12,})/gi,
|
||||
/\b([a-z0-9_.-]*(?:api[-_]?key|(?:access|auth)[-_]?token|token|secret|password|[-_]key)["'\s:=]+)([a-z0-9._~+/=-]{12,})/gi,
|
||||
'$1...redacted'
|
||||
)
|
||||
.replace(/\b(key["'\s:=]+)([A-Za-z0-9._~+/=_-]{12,})/gi, '$1...redacted')
|
||||
.replace(/\b(bearer\s+)([A-Za-z0-9._~+/=_-]{12,})/gi, '$1...redacted');
|
||||
.replace(/\b(key["'\s:=]+)([a-z0-9._~+/=-]{12,})/gi, '$1...redacted')
|
||||
.replace(/\b(bearer\s+)([a-z0-9._~+/=-]{12,})/gi, '$1...redacted');
|
||||
}
|
||||
|
||||
function formatCommandForDisplay(context: RuntimeProviderCommandContext): string {
|
||||
|
|
|
|||
Loading…
Reference in a new issue