Jayson Reis
|
b9af601943
|
chore: Remove blocking read strings
|
2026-02-19 14:52:29 +08:00 |
|
Alex Gorevski
|
4a9fc9b6cc
|
fix(security): prevent cleartext logging of sensitive data

Address CodeQL rust/cleartext-logging alerts by breaking data-flow taint
chains from sensitive variables (api_key, credential, session_id, user_id)
to log/print sinks. Changes include:

- Replace tainted profile IDs in println! with untainted local variables
- Add redact() helper for safe logging of sensitive values
- Redact account identifiers in auth status output
- Rename session_id locals in memory backends to break name-based taint
- Rename user_id/user_id_hint in channels to break name-based taint
- Custom Debug impl for ComputerUseConfig to redact api_key field
- Break taint chain in provider credential factory via string reconstruction
- Remove client IP from gateway rate-limit log messages
- Break taint on auth token extraction and wizard credential flow
- Rename composio account ref variable to break name-based taint

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
|
2026-02-18 20:12:45 -08:00 |
|
Chummy
|
d42cb1e906
|
fix(auth): rebase PR #200 onto main and restore auth CLI flow
|
2026-02-18 12:57:44 +08:00 |
|
Codex
|
e8aa63822a
|
fix PR #200 review issues
|
2026-02-18 12:57:44 +08:00 |
|
Codex
|
39087a446d
|
Fix OpenAI Codex contract, SSE parsing, and default xhigh reasoning
|
2026-02-18 12:57:44 +08:00 |
|
Codex
|
007368d586
|
feat(auth): add subscription auth profiles and codex/claude flows
|
2026-02-18 12:57:44 +08:00 |
|