polymech/zeroclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1682bd9b23
zeroclaw/src/auth
History
agorevski 52f72692ba fix(security): remove sensitive fields from Debug impls 
Resolve 18 CodeQL cleartext-logging/cleartext-transmission alerts by
removing sensitive data from Debug output entirely rather than redacting.

Changes:
- memory/mod.rs: omit api_key from ResolvedEmbeddingConfig Debug
- tools/browser.rs: omit api_key from ComputerUseConfig Debug
- providers/mod.rs: omit access_token/refresh_token from
  QwenOauthCredentials Debug, credential from QwenOauthProviderContext
- memory/traits.rs: custom Debug for MemoryEntry omitting session_id
- auth/profiles.rs: custom Debug for AuthProfile omitting token,
  token_set, account_id
- channels/matrix.rs: add Debug impl for MatrixChannel omitting
  access_token
- channels/qq.rs: sanitize user_id before URL interpolation
- channels/whatsapp_storage.rs: document false-positive analysis

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-20 22:06:21 -08:00
..
anthropic_token.rs fix(auth): rebase PR #200 onto main and restore auth CLI flow 2026-02-18 12:57:44 +08:00
mod.rs refactor(auth): make auth profile store async 2026-02-21 02:25:23 +08:00
openai_oauth.rs fix PR #200 review issues 2026-02-18 12:57:44 +08:00
profiles.rs fix(security): remove sensitive fields from Debug impls 2026-02-20 22:06:21 -08:00