fix(tess): redact chat persistence and egress (#725)
Some checks failed
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was canceled

This commit was merged in pull request #725.
This commit is contained in:
2026-07-13 01:14:16 +00:00
parent 9a8a572fcf
commit 7b9f40d3b7
7 changed files with 426 additions and 26 deletions

View File

@@ -10,3 +10,8 @@ export {
type LogQuery,
} from './agent-logs.js';
export { registerLogCommand } from './cli.js';
export {
redactSensitiveContent,
type RedactionResult,
type SensitiveClassification,
} from './redaction.js';

View File

@@ -0,0 +1,25 @@
import { describe, expect, it } from 'vitest';
import { redactSensitiveContent } from './redaction.js';
describe('redactSensitiveContent', (): void => {
it('redacts seeded secret and PII canaries before persistence or egress', (): void => {
const result = redactSensitiveContent(
'email canary@example.test token=sk_CANARY12345678 phone +1 555 555 1212',
);
expect(result.content).not.toContain('canary@example.test');
expect(result.content).not.toContain('sk_CANARY12345678');
expect(result.content).not.toContain('+1 555 555 1212');
expect(result.classifications).toEqual(['secret', 'pii']);
});
it('redacts common provider credential formats', (): void => {
const result = redactSensitiveContent(
'Authorization: Bearer canary.bearer.token jwt eyJcanary.eyJpayload.eyJsignature aws AKIACANARY1234567890',
);
expect(result.content).not.toContain('canary.bearer.token');
expect(result.content).not.toContain('eyJcanary.eyJpayload.eyJsignature');
expect(result.content).not.toContain('AKIACANARY1234567890');
expect(result.classifications).toEqual(['secret']);
});
});

View File

@@ -0,0 +1,40 @@
export type SensitiveClassification = 'secret' | 'pii';
export interface RedactionResult {
content: string;
classifications: SensitiveClassification[];
}
const SECRET_PATTERNS: RegExp[] = [
/\b(?:sk|ghp|gitea)_[A-Za-z0-9_-]{8,}\b/g,
/\b(?:api[_-]?key|token|password|secret)\s*[:=]\s*[^\s,;]+/gi,
/\b(?:authorization\s*:\s*)?bearer\s+[A-Za-z0-9._~+/-]+=*/gi,
/\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b/g,
/\b(?:AKIA|ASIA)[A-Z0-9]{16}\b/g,
/-----BEGIN(?: [A-Z]+)* KEY-----[\s\S]*?-----END(?: [A-Z]+)* KEY-----/g,
/https?:\/\/[^\s?#]+[^\s]*[?&](?:token|key|secret|signature|sig)=[^\s&#]+/gi,
];
const PII_PATTERNS: RegExp[] = [
/\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi,
/\b\+?\d[\d(). -]{7,}\d\b/g,
];
export function redactSensitiveContent(content: string): RedactionResult {
let redacted = content;
const classifications: SensitiveClassification[] = [];
for (const pattern of SECRET_PATTERNS) {
if (pattern.test(redacted)) {
classifications.push('secret');
redacted = redacted.replace(pattern, '[REDACTED_SECRET]');
}
pattern.lastIndex = 0;
}
for (const pattern of PII_PATTERNS) {
if (pattern.test(redacted)) {
classifications.push('pii');
redacted = redacted.replace(pattern, '[REDACTED_PII]');
}
pattern.lastIndex = 0;
}
return { content: redacted, classifications: [...new Set(classifications)] };
}