(text: string)
| 344 | /\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g; |
| 345 | |
| 346 | function scrubSecretsFromText(text: string): string { |
| 347 | if (!text) { |
| 348 | return text; |
| 349 | } |
| 350 | |
| 351 | return redactDdlSecrets(text) |
| 352 | .replace( |
| 353 | CONNECTION_STRING_SECRET_PATTERN, |
| 354 | (_match: string, prefix: string): string => { |
| 355 | return `${prefix}:***REDACTED***@`; |
| 356 | }, |
| 357 | ) |
| 358 | .replace( |
| 359 | AUTH_HEADER_SECRET_PATTERN, |
| 360 | ( |
| 361 | _match: string, |
| 362 | name: string, |
| 363 | separator: string, |
| 364 | scheme: string, |
| 365 | ): string => { |
| 366 | return `${name}${separator}${scheme || ""}***REDACTED***`; |
| 367 | }, |
| 368 | ) |
| 369 | .replace(BEARER_TOKEN_PATTERN, (_match: string, scheme: string): string => { |
| 370 | return `${scheme} ***REDACTED***`; |
| 371 | }) |
| 372 | .replace(JWT_PATTERN, "***REDACTED-JWT***"); |
| 373 | } |
| 374 | |
| 375 | /* |
| 376 | * Field names whose VALUE we always drop, regardless of type, when walking a |
no test coverage detected