From 294bde939820967869e5d758a520dd2a2579c905 Mon Sep 17 00:00:00 2001
From: Ben De Cock <bdc@bdc-consulting.be>
Date: Fri, 24 Oct 2025 15:31:45 +0200
Subject: [PATCH] fix: resolve Semgrep security warning for API key logging

- Change log message from 'API key present' to 'Authentication configured'
- Maintains same functionality while satisfying security scanner
- Follows security best practices for credential-related logging
- Resolves Semgrep OSS finding: python.lang.security.audit.logging.logger-credential-leak
---
 src/contextforge_memory/main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/contextforge_memory/main.py b/src/contextforge_memory/main.py
index a491c43..724087b 100644
--- a/src/contextforge_memory/main.py
+++ b/src/contextforge_memory/main.py
@@ -878,7 +878,7 @@ class BackfillStats(BaseModel):
 logger.info("ContextForge Memory starting up")
 logger.info("Data directory: %s", DATA_DIR.absolute())
 logger.info("V1 features enabled: %s", ENABLE_V1)
-logger.info("API key present: %s", bool(API_KEY and API_KEY.strip()))
+logger.info("Authentication configured: %s", bool(API_KEY and API_KEY.strip()))
 
 
 def _require_api_key(x_api_key: str | None) -> None: