paperclip/server/src/redaction.ts

const SECRET_PAYLOAD_KEY_RE =
  /(api[-_]?key|access[-_]?token|auth(?:_?token)?|authorization|bearer|secret|passwd|password|credential|jwt|private[-_]?key|cookie|connectionstring)/i;
const JWT_VALUE_RE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+(?:\.[A-Za-z0-9_-]+)?$/;
const JWT_TEXT_RE = /\b[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}(?:\.[A-Za-z0-9_-]{8,})?\b/g;
const OPENAI_KEY_TEXT_RE = /\bsk-[A-Za-z0-9_-]{12,}\b/g;
const GITHUB_TOKEN_TEXT_RE = /\bgh[pousr]_[A-Za-z0-9_]{20,}\b/g;
const AUTHORIZATION_BEARER_TEXT_RE = /(\bAuthorization\s*:\s*Bearer\s+)[^\s"'`]+/gi;
const ENV_SECRET_ASSIGNMENT_TEXT_RE =
  /(\b[A-Za-z0-9_]*(?:TOKEN|KEY|SECRET|PASSWORD|PASSWD|AUTHORIZATION|JWT)[A-Za-z0-9_]*\s*=\s*)[^\s"'`]+/gi;
const JSON_SECRET_FIELD_TEXT_RE =
  /((?:"|')?(?:api[-_]?key|access[-_]?token|auth(?:_?token)?|authorization|bearer|secret|passwd|password|credential|jwt|private[-_]?key|cookie|connectionstring)(?:"|')?\s*:\s*(?:"|'))[^"'`\r\n]+((?:"|'))/gi;
const ESCAPED_JSON_SECRET_FIELD_TEXT_RE =
  /((?:\\")?(?:api[-_]?key|access[-_]?token|auth(?:_?token)?|authorization|bearer|secret|passwd|password|credential|jwt|private[-_]?key|cookie|connectionstring)(?:\\")?\s*:\s*(?:\\"))[^\\\r\n]+((?:\\"))/gi;
export const REDACTED_EVENT_VALUE = "***REDACTED***";

function isPlainObject(value: unknown): value is Record<string, unknown> {
  if (typeof value !== "object" || value === null || Array.isArray(value)) return false;
  const proto = Object.getPrototypeOf(value);
  return proto === Object.prototype || proto === null;
}

function sanitizeValue(value: unknown): unknown {
  if (value === null || value === undefined) return value;
  if (Array.isArray(value)) return value.map(sanitizeValue);
  if (isSecretRefBinding(value)) return value;
  if (isPlainBinding(value)) return { type: "plain", value: sanitizeValue(value.value) };
  if (!isPlainObject(value)) return value;
  return sanitizeRecord(value);
}

function isSecretRefBinding(value: unknown): value is { type: "secret_ref"; secretId: string; version?: unknown } {
  if (!isPlainObject(value)) return false;
  return value.type === "secret_ref" && typeof value.secretId === "string";
}

function isPlainBinding(value: unknown): value is { type: "plain"; value: unknown } {
  if (!isPlainObject(value)) return false;
  return value.type === "plain" && "value" in value;
}

export function sanitizeRecord(record: Record<string, unknown>): Record<string, unknown> {
  const redacted: Record<string, unknown> = {};
  for (const [key, value] of Object.entries(record)) {
    if (SECRET_PAYLOAD_KEY_RE.test(key)) {
      if (isSecretRefBinding(value)) {
        redacted[key] = sanitizeValue(value);
        continue;
      }
      if (isPlainBinding(value)) {
        redacted[key] = { type: "plain", value: REDACTED_EVENT_VALUE };
        continue;
      }
      redacted[key] = REDACTED_EVENT_VALUE;
      continue;
    }
    if (typeof value === "string" && JWT_VALUE_RE.test(value)) {
      redacted[key] = REDACTED_EVENT_VALUE;
      continue;
    }
    redacted[key] = sanitizeValue(value);
  }
  return redacted;
}

export function redactEventPayload(payload: Record<string, unknown> | null): Record<string, unknown> | null {
  if (!payload) return null;
  if (!isPlainObject(payload)) return payload;
  return sanitizeRecord(payload);
}

export function redactSensitiveText(input: string): string {
  return input
    .replace(AUTHORIZATION_BEARER_TEXT_RE, `$1${REDACTED_EVENT_VALUE}`)
    .replace(JSON_SECRET_FIELD_TEXT_RE, `$1${REDACTED_EVENT_VALUE}$2`)
    .replace(ESCAPED_JSON_SECRET_FIELD_TEXT_RE, `$1${REDACTED_EVENT_VALUE}$2`)
    .replace(ENV_SECRET_ASSIGNMENT_TEXT_RE, `$1${REDACTED_EVENT_VALUE}`)
    .replace(OPENAI_KEY_TEXT_RE, REDACTED_EVENT_VALUE)
    .replace(GITHUB_TOKEN_TEXT_RE, REDACTED_EVENT_VALUE)
    .replace(JWT_TEXT_RE, REDACTED_EVENT_VALUE);
}
Implement secrets service with local encryption, redaction, and runtime resolution Add AES-256-GCM local encrypted secrets provider with auto-generated master key, stub providers for AWS/GCP/Vault, and a secrets service that normalizes adapter configs (converting sensitive inline values to secret refs in strict mode) and resolves secret refs back to plain values at runtime. Extract redaction utilities from agent routes into shared module. Redact sensitive values in activity logs, config revisions, and approval payloads. Block rollback of revisions containing redacted secrets. Filter hidden issues from list queries. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-19 15:43:52 -06:00			`const SECRET_PAYLOAD_KEY_RE =`
			`/(api[-_]?key\|access[-_]?token\|auth(?:_?token)?\|authorization\|bearer\|secret\|passwd\|password\|credential\|jwt\|private[-_]?key\|cookie\|connectionstring)/i;`
			`const JWT_VALUE_RE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+(?:\.[A-Za-z0-9_-]+)?$/;`
[codex] Add runtime lifecycle recovery and live issue visibility (#4419) 2026-04-24 15:50:32 -05:00			`const JWT_TEXT_RE = /\b[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}(?:\.[A-Za-z0-9_-]{8,})?\b/g;`
			`const OPENAI_KEY_TEXT_RE = /\bsk-[A-Za-z0-9_-]{12,}\b/g;`
			`const GITHUB_TOKEN_TEXT_RE = /\bgh[pousr]_[A-Za-z0-9_]{20,}\b/g;`
			const AUTHORIZATION_BEARER_TEXT_RE = /(\bAuthorization\s:\sBearer\s+)[^\s"'`]+/gi;
			`const ENV_SECRET_ASSIGNMENT_TEXT_RE =`
			/(\b[A-Za-z0-9_](?:TOKEN\|KEY\|SECRET\|PASSWORD\|PASSWD\|AUTHORIZATION\|JWT)[A-Za-z0-9_]\s=\s)[^\s"'`]+/gi;
			`const JSON_SECRET_FIELD_TEXT_RE =`
			/((?:"\|')?(?:api[-_]?key\|access[-_]?token\|auth(?:_?token)?\|authorization\|bearer\|secret\|passwd\|password\|credential\|jwt\|private[-_]?key\|cookie\|connectionstring)(?:"\|')?\s:\s(?:"\|'))[^"'`\r\n]+((?:"\|'))/gi;
			`const ESCAPED_JSON_SECRET_FIELD_TEXT_RE =`
			`/((?:\\")?(?:api[-_]?key\|access[-_]?token\|auth(?:_?token)?\|authorization\|bearer\|secret\|passwd\|password\|credential\|jwt\|private[-_]?key\|cookie\|connectionstring)(?:\\")?\s:\s(?:\\"))[^\\\r\n]+((?:\\"))/gi;`
Implement secrets service with local encryption, redaction, and runtime resolution Add AES-256-GCM local encrypted secrets provider with auto-generated master key, stub providers for AWS/GCP/Vault, and a secrets service that normalizes adapter configs (converting sensitive inline values to secret refs in strict mode) and resolves secret refs back to plain values at runtime. Extract redaction utilities from agent routes into shared module. Redact sensitive values in activity logs, config revisions, and approval payloads. Block rollback of revisions containing redacted secrets. Filter hidden issues from list queries. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-19 15:43:52 -06:00			`export const REDACTED_EVENT_VALUE = "*REDACTED*";`

			`function isPlainObject(value: unknown): value is Record<string, unknown> {`
			`if (typeof value !== "object" \|\| value === null \|\| Array.isArray(value)) return false;`
			`const proto = Object.getPrototypeOf(value);`
			`return proto === Object.prototype \|\| proto === null;`
			`}`

			`function sanitizeValue(value: unknown): unknown {`
			`if (value === null \|\| value === undefined) return value;`
			`if (Array.isArray(value)) return value.map(sanitizeValue);`
			`if (isSecretRefBinding(value)) return value;`
			`if (isPlainBinding(value)) return { type: "plain", value: sanitizeValue(value.value) };`
			`if (!isPlainObject(value)) return value;`
			`return sanitizeRecord(value);`
			`}`

			`function isSecretRefBinding(value: unknown): value is { type: "secret_ref"; secretId: string; version?: unknown } {`
			`if (!isPlainObject(value)) return false;`
			`return value.type === "secret_ref" && typeof value.secretId === "string";`
			`}`

			`function isPlainBinding(value: unknown): value is { type: "plain"; value: unknown } {`
			`if (!isPlainObject(value)) return false;`
			`return value.type === "plain" && "value" in value;`
			`}`

			`export function sanitizeRecord(record: Record<string, unknown>): Record<string, unknown> {`
			`const redacted: Record<string, unknown> = {};`
			`for (const [key, value] of Object.entries(record)) {`
			`if (SECRET_PAYLOAD_KEY_RE.test(key)) {`
			`if (isSecretRefBinding(value)) {`
			`redacted[key] = sanitizeValue(value);`
			`continue;`
			`}`
			`if (isPlainBinding(value)) {`
			`redacted[key] = { type: "plain", value: REDACTED_EVENT_VALUE };`
			`continue;`
			`}`
			`redacted[key] = REDACTED_EVENT_VALUE;`
			`continue;`
			`}`
			`if (typeof value === "string" && JWT_VALUE_RE.test(value)) {`
			`redacted[key] = REDACTED_EVENT_VALUE;`
			`continue;`
			`}`
			`redacted[key] = sanitizeValue(value);`
			`}`
			`return redacted;`
			`}`

			`export function redactEventPayload(payload: Record<string, unknown> \| null): Record<string, unknown> \| null {`
			`if (!payload) return null;`
			`if (!isPlainObject(payload)) return payload;`
			`return sanitizeRecord(payload);`
			`}`
[codex] Add runtime lifecycle recovery and live issue visibility (#4419) 2026-04-24 15:50:32 -05:00
			`export function redactSensitiveText(input: string): string {`
			`return input`
			.replace(AUTHORIZATION_BEARER_TEXT_RE, `$1${REDACTED_EVENT_VALUE}`)
			.replace(JSON_SECRET_FIELD_TEXT_RE, `$1${REDACTED_EVENT_VALUE}$2`)
			.replace(ESCAPED_JSON_SECRET_FIELD_TEXT_RE, `$1${REDACTED_EVENT_VALUE}$2`)
			.replace(ENV_SECRET_ASSIGNMENT_TEXT_RE, `$1${REDACTED_EVENT_VALUE}`)
			`.replace(OPENAI_KEY_TEXT_RE, REDACTED_EVENT_VALUE)`
			`.replace(GITHUB_TOKEN_TEXT_RE, REDACTED_EVENT_VALUE)`
			`.replace(JWT_TEXT_RE, REDACTED_EVENT_VALUE);`
			`}`