paulononato/backstage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Ensure redaction of secrets that have accidental extra whitespace around them

Browse Source 
Signed-off-by: Fredrik Adelöw <freben@gmail.com>
This commit is contained in:
Fredrik Adelöw
2023-11-27 13:19:10 +01:00
parent 471218f630
commit 1da5f434f3
3 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.changeset/hungry-buckets-compare.md
+5
View File
@@ -0,0 +1,5 @@
---
'@backstage/backend-app-api': patch
---
Ensure redaction of secrets that have accidental extra whitespace around them
packages/backend-app-api/src/logging/WinstonLogger.test.ts
+1 -1
View File
@@ -30,7 +30,7 @@ describe('WinstonLogger', () => {
stack: 'hello (world) from this file',
};
expect(redacter.format.transform(msg(log))).toEqual(msg(log));
redacter.add(['hello']);
redacter.add(['hello\n']);
expect(redacter.format.transform(msg(log))).toEqual(
msg({
...log,
packages/backend-app-api/src/logging/WinstonLogger.ts
+5 -1
View File
@@ -89,7 +89,11 @@ export class WinstonLogger implements RootLoggerService {
})(),
add(newRedactions) {
let added = 0;
for (const redaction of newRedactions) {
for (const redactionToTrim of newRedactions) {
// Trimming the string ensures that we don't accdentally get extra
// newlines or other whitespace interfering with the redaction; this
// can happen for example when using string literals in yaml
const redaction = redactionToTrim.trim();
// Exclude secrets that are empty or just one character in length. These
// typically mean that you are running local dev or tests, or using the
// --lax flag which sets things to just 'x'.