vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 10:50:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: close Matrix QA redaction cleanup gaps

Browse Source
This commit is contained in:
Gustavo Madeira Santana
2026-04-23 07:49:09 -04:00
parent 81f1a0a163
commit f372591a69
4 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
extensions/qa-matrix/src/runners/contract/scenario-runtime-e2ee.ts
View File

@@ -1382,7 +1382,11 @@ export async function runMatrixQaE2eeCliSelfVerificationScenario(
session.kill();
}
} finally {
await cli.dispose();
try {
await cli.dispose();
} finally {
await owner.deleteOwnDevices([cliDevice.deviceId]).catch(() => undefined);
}
}
},
);

2
extensions/qa-matrix/src/runners/contract/scenarios.test.ts
View File

@@ -3151,7 +3151,7 @@ describe("matrix live qa scenarios", () => {
await expect(readdir(String(cliEnv?.OPENCLAW_STATE_DIR))).rejects.toThrow();
expect(acceptVerification).toHaveBeenCalledWith("owner-request");
expect(confirmVerificationSas).toHaveBeenCalledWith("owner-request");
expect(deleteOwnDevices).not.toHaveBeenCalled();
expect(deleteOwnDevices).toHaveBeenCalledWith(["CLIDEVICE"]);
const [cliRunDir] = await readdir(path.join(outputDir, "cli-self-verification"));
const cliArtifactDir = path.join(outputDir, "cli-self-verification", cliRunDir ?? "");
await expect(stat(cliArtifactDir)).resolves.toMatchObject({ mode: expect.any(Number) });

15
src/logging/redact.test.ts
View File

@@ -18,6 +18,21 @@ describe("redactSensitiveText", () => {
expect(output).toBe("OPENAI_API_KEY=sk-123…cdef");
});
it("masks env assignments after punctuation delimiters", () => {
expect(
redactSensitiveText("(OPENAI_API_KEY=sk-1234567890abcdef)", {
mode: "tools",
patterns: defaults,
}),
).toBe("(OPENAI_API_KEY=sk-123…cdef)");
expect(
redactSensitiveText("[MATRIX_ACCESS_TOKEN=abcdef1234567890ghij]", {
mode: "tools",
patterns: defaults,
}),
).toBe("[MATRIX_ACCESS_TOKEN=abcdef…ghij]");
});
it("masks CLI flags", () => {
const input = "curl --token abcdef1234567890ghij https://api.test";
const output = redactSensitiveText(input, {

2
src/logging/redact.ts
View File

@@ -15,7 +15,7 @@ const DEFAULT_REDACT_KEEP_END = 4;
const DEFAULT_REDACT_PATTERNS: string[] = [
// ENV-style assignments.
String.raw`(?:^|\s)\b[A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|PASSWD)\b\s*[=:]\s*(["']?)([^\s"'\\]+)\1`,
String.raw`(?:^|[\s([{,;])\b[A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|PASSWD)\b\s*[=:]\s*(["']?)([^\s"'\\)\]\},;]+)\1`,
// JSON fields.
String.raw`"(?:apiKey|token|secret|password|passwd|accessToken|refreshToken|access_token|refresh_token)"\s*:\s*"([^"]+)"`,
// URL query parameters.