Commit 387f684

feat(root): add minimum length for xprv key and v2x token
WP-8145 TICKET: WP-8145
1 parent 681bd46 commit 387f684

2 files changed

+12
-5
lines changed

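--- a/modules/logger/src/sanitizeLog.ts
+++ b/modules/logger/src/sanitizeLog.ts
@@ -17,6 +17,8 @@ const SENSITIVE_KEYS = new Set([
 
 const SENSITIVE_PREFIXES = ['v2x', 'xprv'];
 
+const MIN_SENSITIVE_STRING_LENGTH = 10;
+
 /**
 * Checks if a key is sensitive (case-insensitive)
 */
@@ -29,9 +31,10 @@ function isSensitiveKey(key: string): boolean {
 * Unlike isSensitiveKey (which checks property names), this identifies
 * sensitive data by recognizable content patterns — useful when there
 * is no key context (e.g. top-level strings, array elements).
+* Requires a minimum length to avoid false positives on short strings.
 */
 function isSensitiveStringValue(s: string): boolean {
-return SENSITIVE_PREFIXES.some((prefix) => s.startsWith(prefix));
+return s.length >= MIN_SENSITIVE_STRING_LENGTH && SENSITIVE_PREFIXES.some((prefix) => s.startsWith(prefix));
 }
 
 export function getErrorData(error: unknown): unknown {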
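Review bot: The new length guard in `isSensitiveStringValue` makes content-based redaction fail open below `MIN_SENSITIVE_STRING_LENGTH`, and the constant is declared with no comment saying why 10 was chosen. Any 'v2x' or 'xprv' string shorter than that, for example a truncated or partially logged credential, now reaches the log as-is; that may be an acceptable trade for fewer false positives, but the reasoning should sit next to the value. I would add above the constant: `// Prefix-only matches shorter than this are treated as ordinary text; keep it far below the real token/key length so full secrets always match.` Whether short values under sensitive property names are still covered by `isSensitiveKey` cannot be seen from this hunk and is worth confirming. The doc comment of `isSensitiveStringValue` starts above the hunk.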

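--- a/modules/logger/test/unit/sanitizeLog.ts
+++ b/modules/logger/test/unit/sanitizeLog.ts
@@ -33,8 +33,12 @@ describe('sanitize', function () {
 assert.strictEqual(sanitize(V2_TOKEN), '<REMOVED>');
 });
 
-it('should redact a short string starting with v2x', function () {
-assert.strictEqual(sanitize('v2xaabb'), '<REMOVED>');
+it('should not redact a short string starting with v2x', function () {
+assert.strictEqual(sanitize('v2xaabb'), 'v2xaabb');
+});
+
+it('should not redact a short string starting with xprv', function () {
+assert.strictEqual(sanitize('xprv9abc'), 'xprv9abc');
 });
 
 it('should redact a string starting with xprv', function () {
@@ -106,8 +110,8 @@ describe('sanitize', function () {
 assert.deepStrictEqual(sanitize({ key: XPRV_KEY }), { key: '<REMOVED>' });
 });
 
-it('should redact a short v2x object value', function () {
-assert.deepStrictEqual(sanitize({ key: 'v2xaabb' }), { key: '<REMOVED>' });
+it('should not redact a short v2x object value', function () {
+assert.deepStrictEqual(sanitize({ key: 'v2xaabb' }), { key: 'v2xaabb' });
 });
 
 it('should not redact when sensitive prefix is not at the start of value', function () {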
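Review bot: The updated tests never exercise the threshold itself: 'v2xaabb' is 7 characters and 'xprv9abc' is 8, so a later change from `>=` to `>` or to a different limit would still pass. Pin both sides of the boundary in the first hunk with constructed values, e.g. `assert.strictEqual(sanitize('v2x' + 'a'.repeat(7)), '<REMOVED>');` and `assert.strictEqual(sanitize('v2x' + 'a'.repeat(6)), 'v2x' + 'a'.repeat(6));`. The second hunk covers a short 'v2x' object value only, so a matching short 'xprv' object-value case would complete the set. The `describe('sanitize', ...)` block starts and ends outside both hunks.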
