@jiashengguo jiashengguo commented Jan 28, 2026

Summary by CodeRabbit

  • Chores

    • Released version 0.2.6 with an upgraded @prisma/adapter-better-sqlite3 dependency to improve SQLite adapter functionality and compatibility.
  • Bug Fixes

    • Enhanced database connection logging by automatically redacting and masking sensitive credentials in database URLs, preventing potential accidental exposure of authentication information in application logs.

Copilot AI review requested due to automatic review settings January 28, 2026 00:17
coderabbitai bot commented Jan 28, 2026

Walkthrough

Version bump to 0.2.6 with upgraded Prisma SQLite adapter dependency. Added a credential masking helper function to sanitize database URLs in logging output for PostgreSQL and MySQL connections, removing GeneratorConfig import as part of refactoring.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Dependency management: package.json | Version bumped from 0.2.5 to 0.2.6; @prisma/adapter-better-sqlite3 upgraded from ^6.2.1 to ^7.3.0 |
| Security enhancement: src/server.ts | Added redactDatabaseUrl(url) helper function to mask credentials; updated PostgreSQL and MySQL/MariaDB connection logging to use sanitized URLs; removed unused GeneratorConfig import |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A helper hops in, credential-shy,
Masking passwords, no more secrets fly,
URLs now scrubbed for logs so clean,
The safest database this rabbit's seen! 🔐

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately describes the main change: adding a redactDatabaseUrl() utility function to mask credentials before logging, which is reflected in both file summaries. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

Copilot AI left a comment

Pull request overview

This PR adds a security improvement by implementing credential redaction in database connection URLs before they are logged to the console. The changes also include a version bump and dependency updates.

Changes:

  • Added redactDatabaseUrl() utility function that masks username and password with *** in database URLs before logging
  • Applied the redaction function to PostgreSQL and MySQL database connection logging
  • Removed unused GeneratorConfig import from server.ts
  • Bumped package version from 0.2.5 to 0.2.6
  • Updated @prisma/adapter-better-sqlite3 from v6.2.1 to v7.3.0 with transitive dependency updates

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

| File | Description |
|---|---|
| src/server.ts | Implemented redactDatabaseUrl() function and applied it to PostgreSQL and MySQL connection logging; removed unused import |
| package.json | Updated package version to 0.2.6 and bumped @prisma/adapter-better-sqlite3 to v7.3.0 |
| pnpm-lock.yaml | Updated lock file to reflect new dependency versions and transitive dependencies |
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported
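
The credential masking described in this review, as an added TypeScript example that is not the code merged in the PR (the diff is not shown on this page): it contrasts a parser-based redactor with a string-based one that over-masks when a password contains an unencoded `@` or `/`. The function names, the `SECRET_PARAMS` list and the sample URLs are assumptions made for illustration.

```typescript
// Added example: not the code merged in this PR. Function names, SECRET_PARAMS
// and every sample URL are constructed for illustration.
const MASK = "***";
const UNPARSEABLE = "<unparseable database URL>";
// Assumed list of query parameters that can carry a secret in a connection URL.
const SECRET_PARAMS = ["password", "sslpassword"];

// Parser-based masking: fine when credentials are percent-encoded, but an
// unencoded "@" or "/" in the password makes the parser end userinfo early.
function redactWithUrlParser(raw: string): string {
  try {
    const url = new URL(raw);
    if (url.username) url.username = MASK;
    if (url.password) url.password = MASK;
    return url.toString();
  } catch {
    return UNPARSEABLE; // never fall back to logging the raw input
  }
}

// String-based masking that over-masks rather than leaks: everything between
// "://" and the LAST "@" is treated as userinfo.
function redactConnectionUrl(raw: string): string {
  const text = raw.trim();
  const sep = text.indexOf("://");
  if (sep < 1 || !/^[a-z][a-z0-9+.-]*$/i.test(text.slice(0, sep))) return UNPARSEABLE;
  let rest = text.slice(sep + 3);
  const at = rest.lastIndexOf("@");
  if (at !== -1) {
    const hasPassword = rest.slice(0, at).indexOf(":") !== -1;
    rest = (hasPassword ? `${MASK}:${MASK}` : MASK) + "@" + rest.slice(at + 1);
  }
  // Mask secret-bearing query parameters but keep the key for diagnostics.
  rest = rest.replace(/([?&])([^=&#]+)=[^&#]*/g, (whole: string, lead: string, key: string) =>
    SECRET_PARAMS.indexOf(key.toLowerCase()) !== -1 ? `${lead}${key}=${MASK}` : whole);
  return text.slice(0, sep + 3) + rest;
}

// Constructed inputs: well-formed, secret in the query string, and a password
// containing unencoded "@" and "/".
const SAMPLES = [
  "postgresql://app:s3cret@db.internal:5432/shop?sslmode=require",
  "postgresql://db.internal:5432/shop?user=app&password=s3cret",
  "mysql://root:p@ss/word@db.internal:3306/shop",
];
for (const s of SAMPLES) {
  console.log(redactWithUrlParser(s), "|", redactConnectionUrl(s));
}
```

Over-masking can hide the host when an `@` appears in the query string, which is the accepted cost of never emitting a password fragment.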

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

🤖 Fix all issues with AI agents
In `@package.json`:
- Around line 27-29: The package versions for Prisma adapters are inconsistent:
`@prisma/adapter-better-sqlite3` and `@prisma/adapter-mariadb` are at ^7.3.0 while
`@prisma/adapter-pg` is at ^6.18.0; update the `@prisma/adapter-pg` dependency in
package.json to ^7.3.0 to align all three adapters
(`@prisma/adapter-better-sqlite3`, `@prisma/adapter-mariadb`, `@prisma/adapter-pg`),
then regenerate the lockfile (npm/yarn/pnpm install) to ensure a consistent
dependency tree.

Comment on lines +27 to 29
"@prisma/adapter-better-sqlite3": "^7.3.0",
"@prisma/adapter-mariadb": "^7.1.0",
"@prisma/adapter-pg": "^6.18.0",
⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

```bash
#!/bin/bash
# Check latest versions of Prisma adapters
echo "=== Latest versions on npm registry ==="
for adapter in "adapter-pg" "adapter-better-sqlite3" "adapter-mariadb"; do
  echo "Checking @prisma/$adapter..."
  curl -s "https://registry.npmjs.org/@prisma/$adapter" | jq -r '.["dist-tags"] | {latest, next}' 2>/dev/null || echo "Failed to fetch"
done
```

Repository: zenstackhq/proxy

Length of output: 329


🏁 Script executed:

```bash
#!/bin/bash
# Also check if there are any version constraint issues by looking at package.json and package-lock.json
echo "=== Checking package.json structure ==="
head -50 package.json
echo "..."
grep -A 5 "@prisma/adapter" package.json
```

Repository: zenstackhq/proxy

Length of output: 1795


🏁 Script executed:

```bash
#!/bin/bash
# Check prisma version in package.json
echo "=== Prisma related dependencies ==="
grep -E '"@prisma|"prisma' package.json
```

Repository: zenstackhq/proxy

Length of output: 221


🏁 Script executed:

```bash
#!/bin/bash
# Search for any comments or issues about adapter versions in the codebase
echo "=== Searching for adapter version related comments ==="
rg -i "adapter-pg|adapter-pg.*version|prisma.*version" --type-list | head -20
rg -i "adapter.*version|prisma.*compat" -A 2 -B 2 2>/dev/null | head -40
```

Repository: zenstackhq/proxy

Length of output: 521


🏁 Script executed:

```bash
#!/bin/bash
# Check if adapter-pg v6 is intentionally constrained or just overlooked
echo "=== Checking how adapters are used in code ==="
fd -e ts -e js | xargs rg "adapter-pg|adapter-better-sqlite3|adapter-mariadb" 2>/dev/null | head -20
```

Repository: zenstackhq/proxy

Length of output: 742


🏁 Script executed:

```bash
#!/bin/bash
# Check `@zenstackhq/server` which likely contains Prisma
grep -A 2 -B 2 "@zenstackhq/server" package.json
```

Repository: zenstackhq/proxy

Length of output: 225


Update Prisma adapters to consistent versions.

The @prisma/adapter-pg is on ^6.18.0 while @prisma/adapter-better-sqlite3 and @prisma/adapter-mariadb are on ^7.x. Since all three adapters are actively used in the codebase and the latest available version for all of them is 7.3.0, they should be aligned to ^7.3.0 to avoid potential compatibility issues across the adapter layer.

@jiashengguo jiashengguo merged commit db1ee09 into main Jan 28, 2026
13 checks passed