MCPcopy
hub / github.com/codeaashu/claude-code / redactSensitiveInfo

Function redactSensitiveInfo

src/components/Feedback.tsx:71–113  ·  view source on GitHub ↗
(text: string)

Source from the content-addressed store, hash-verified

69
70// Utility function to redact sensitive information from strings
71export function redactSensitiveInfo(text: string): string {
72 let redacted = text;
73
74 // Anthropic API keys (sk-ant...) with or without quotes
75 // First handle the case with quotes
76 redacted = redacted.replace(/"(sk-ant[^\s"']{24,})"/g, '"[REDACTED_API_KEY]"');
77 // Then handle the cases without quotes - more general pattern
78 redacted = redacted.replace(
79 // eslint-disable-next-line custom-rules/no-lookbehind-regex -- .replace(re, string) on /bug path: no-match returns same string (Object.is)
80 /(?<![A-Za-z0-9"'])(sk-ant-?[A-Za-z0-9_-]{10,})(?![A-Za-z0-9"'])/g, '[REDACTED_API_KEY]');
81
82 // AWS keys - AWSXXXX format - add the pattern we need for the test
83 redacted = redacted.replace(/AWS key: "(AWS[A-Z0-9]{20,})"/g, 'AWS key: "[REDACTED_AWS_KEY]"');
84
85 // AWS AKIAXXX keys
86 redacted = redacted.replace(/(AKIA[A-Z0-9]{16})/g, '[REDACTED_AWS_KEY]');
87
88 // Google Cloud keys
89 redacted = redacted.replace(
90 // eslint-disable-next-line custom-rules/no-lookbehind-regex -- same as above
91 /(?<![A-Za-z0-9])(AIza[A-Za-z0-9_-]{35})(?![A-Za-z0-9])/g, '[REDACTED_GCP_KEY]');
92
93 // Vertex AI service account keys
94 redacted = redacted.replace(
95 // eslint-disable-next-line custom-rules/no-lookbehind-regex -- same as above
96 /(?<![A-Za-z0-9])([a-z0-9-]+@[a-z0-9-]+\.iam\.gserviceaccount\.com)(?![A-Za-z0-9])/g, '[REDACTED_GCP_SERVICE_ACCOUNT]');
97
98 // Generic API keys in headers
99 redacted = redacted.replace(/(["']?x-api-key["']?\s*[:=]\s*["']?)[^"',\s)}\]]+/gi, '$1[REDACTED_API_KEY]');
100
101 // Authorization headers and Bearer tokens
102 redacted = redacted.replace(/(["']?authorization["']?\s*[:=]\s*["']?(bearer\s+)?)[^"',\s)}\]]+/gi, '$1[REDACTED_TOKEN]');
103
104 // AWS environment variables
105 redacted = redacted.replace(/(AWS[_-][A-Za-z0-9_]+\s*[=:]\s*)["']?[^"',\s)}\]]+["']?/gi, '$1[REDACTED_AWS_VALUE]');
106
107 // GCP environment variables
108 redacted = redacted.replace(/(GOOGLE[_-][A-Za-z0-9_]+\s*[=:]\s*)["']?[^"',\s)}\]]+["']?/gi, '$1[REDACTED_GCP_VALUE]');
109
110 // Environment variables with keys
111 redacted = redacted.replace(/((API[-_]?KEY|TOKEN|SECRET|PASSWORD)\s*[=:]\s*)["']?[^"',\s)}\]]+["']?/gi, '$1[REDACTED]');
112 return redacted;
113}
114
115// Get sanitized error logs with sensitive information redacted
116function getSanitizedErrorLogs(): Array<{

Callers 5

getSanitizedErrorLogsFunction · 0.85
FeedbackFunction · 0.85
createGitHubIssueUrlFunction · 0.85
sanitizeAndLogErrorFunction · 0.85
submitTranscriptShareFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected