fix(security): emit QQBot debug logs as sanitized lines

Emits QQBot debug logs as CRLF-neutralized lines to remediate CodeQL alert 231.
Vincent Koc
2026-04-30 00:49:38 -07:00
committed by GitHub
parent dc0c54c7f1
commit 77f904d35c
2 changed files with 6 additions and 6 deletions


@@ -23,6 +23,6 @@ describe("QQBot debug logging", () => {
debugLog("prefix", "line one\nline two");
expect(logSpy).toHaveBeenCalledWith("prefix", "line one line two");
expect(logSpy).toHaveBeenCalledWith("prefix line one line two");
});
});
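Review bot: The visible assertion covers only a bare `\n` inside one argument to `debugLog`; `\r`, `\r\n`, and the `debugWarn`/`debugError` paths changed in the same commit are not asserted in these lines. A case such as `debugWarn("prefix", "a\r\nb")` checked against a spy on `console.warn` with `toHaveBeenCalledWith(expect.not.stringMatching(/[\r\n]/))` would pin the property the commit is after without depending on exact spacing. The `describe` body starts outside this hunk, so such cases may already exist above.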


@@ -35,27 +35,27 @@ export function sanitizeDebugLogValue(value: unknown): string {
return `${sanitized.slice(0, MAX_LOG_VALUE_CHARS)}...`;
}
function sanitizeDebugLogArgs(args: unknown[]): string[] {
return args.map(sanitizeDebugLogValue);
function formatDebugLogArgs(args: unknown[]): string {
return args.map(sanitizeDebugLogValue).join(" ");
}
/** Debug-level log; only outputs when QQBOT_DEBUG is enabled. */
export function debugLog(...args: unknown[]): void {
if (isDebug()) {
console.log(...sanitizeDebugLogArgs(args));
console.log(formatDebugLogArgs(args).replace(/[\r\n]/g, " "));
}
}
/** Debug-level warning; only outputs when QQBOT_DEBUG is enabled. */
export function debugWarn(...args: unknown[]): void {
if (isDebug()) {
console.warn(...sanitizeDebugLogArgs(args));
console.warn(formatDebugLogArgs(args).replace(/[\r\n]/g, " "));
}
}
/** Debug-level error; only outputs when QQBOT_DEBUG is enabled. */
export function debugError(...args: unknown[]): void {
if (isDebug()) {
console.error(...sanitizeDebugLogArgs(args));
console.error(formatDebugLogArgs(args).replace(/[\r\n]/g, " "));
}
}
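Review bot: The `.replace(/[\r\n]/g, " ")` repeated at the `console.log`, `console.warn` and `console.error` calls has no comment explaining why it is there, and it looks redundant: the test expectations on this page suggest `sanitizeDebugLogValue` already turns `\n` into a space. If it is kept at the sink so the analyzer behind CodeQL alert 231 sees a recognised CR/LF sanitizer, say so above `formatDebugLogArgs`, e.g. `// CR/LF is also stripped at each console call so static analysis sees the sanitizer; do not remove as dead code.` The pattern covers only CR and LF; whether other control characters such as ANSI escapes or U+2028/U+2029 are neutralized depends on `sanitizeDebugLogValue`, whose body starts outside this hunk, so that is worth confirming there.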