From e13459f3a169f0d7157efd26c07ddd0b9cc2656c Mon Sep 17 00:00:00 2001
From: xiangsx <1984871009@qq.com>
Date: Mon, 5 Jan 2026 22:44:11 +0800
Subject: [PATCH] feat: add regex pattern to mask API keys in sensitive
 information

---
 common/str.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/common/str.go b/common/str.go
index a5ac5d447..4f0e81466 100644
--- a/common/str.go
+++ b/common/str.go
@@ -16,6 +16,8 @@ var (
 	maskURLPattern    = regexp.MustCompile(`(http|https)://[^\s/$.?#].[^\s]*`)
 	maskDomainPattern = regexp.MustCompile(`\b(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}\b`)
 	maskIPPattern     = regexp.MustCompile(`\b(?:\d{1,3}\.){3}\d{1,3}\b`)
+	// maskApiKeyPattern matches patterns like 'api_key:xxx' or "api_key:xxx" to mask the API key value
+	maskApiKeyPattern = regexp.MustCompile(`(['"]?)api_key:([^\s'"]+)(['"]?)`)
 )
 
 func GetStringIfEmpty(str string, defaultValue string) string {
@@ -235,5 +237,8 @@ func MaskSensitiveInfo(str string) string {
 	// Mask IP addresses
 	str = maskIPPattern.ReplaceAllString(str, "***.***.***.***")
 
+	// Mask API keys (e.g., "api_key:AIzaSyAAAaUooTUni8AdaOkSRMda30n_Q4vrV70" -> "api_key:***")
+	str = maskApiKeyPattern.ReplaceAllString(str, "${1}api_key:***${3}")
+
 	return str
 }