Security: Potential Exposure of Sensitive Information in Logs#1546
Security: Potential Exposure of Sensitive Information in Logs#1546bachdev wants to merge 1 commit intogit-bug:trunkfrom
Conversation
The `runBridgeAuthShow` function logs the value of authentication tokens to the console. This can lead to exposure of sensitive information if logs are accessed by unauthorized users. Logging sensitive data like tokens can be a security risk as it may allow attackers to gain unauthorized access. Affected files: bridge_auth_show.go Signed-off-by: BachDEV <1437214+bachdev@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR addresses a security concern in the bridge credential “show” command by preventing authentication tokens from being printed to the console, reducing the chance of secret leakage via terminal history or log collection.
Changes:
- Replace printing the raw token value with a redacted placeholder in
bridge auth show.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| switch cred := cred.(type) { | ||
| case *auth.Token: | ||
| env.Out.Printf("Value: %s\n", cred.Value) | ||
| env.Out.Printf("Value: %s\n", "[REDACTED]") |
There was a problem hiding this comment.
This change makes bridge auth show permanently unable to display the token value (it always prints "[REDACTED]"). If callers/users rely on this command to retrieve tokens, this is a CLI contract change; consider adding an explicit opt-in flag (e.g. --reveal/--show-value) and keep the default output redacted/masked.
| switch cred := cred.(type) { | ||
| case *auth.Token: | ||
| env.Out.Printf("Value: %s\n", cred.Value) | ||
| env.Out.Printf("Value: %s\n", "[REDACTED]") |
There was a problem hiding this comment.
Redacting the value here helps, but token values are still printed elsewhere (e.g. bridge auth list uses value = cred.Value in commands/bridge/bridge_auth.go). For a complete mitigation of token exposure in console/log output, consider masking/redacting tokens consistently across all credential-display commands.
🔒 Security Fix
Problem
The
runBridgeAuthShowfunction logs the value of authentication tokens to the console. This can lead to exposure of sensitive information if logs are accessed by unauthorized users. Logging sensitive data like tokens can be a security risk as it may allow attackers to gain unauthorized access.Severity:
mediumFile:
commands/bridge/bridge_auth_show.goSolution
Avoid logging sensitive information such as authentication tokens. Consider redacting or masking the token value before logging, or logging only non-sensitive metadata.
Changes
commands/bridge/bridge_auth_show.go(modified)Testing
🤖 About this PR
This pull request was generated by ContribAI, an AI agent
that helps improve open source projects. The change was:
If you have questions or feedback about this PR, please comment below.
We appreciate your time reviewing this contribution!
Closes #1545