github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 04:01:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): redact Telegram bot tokens in errors

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-16 03:30:39 +01:00
parent 09566b1693
commit cf69907015
4 changed files with 31 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/logging/redact.test.ts
View File

@@ -49,6 +49,16 @@ describe("redactSensitiveText", () => {
expect(output).toBe("123456…cdef");
});
it("masks Telegram Bot API URL tokens", () => {
const input =
"GET https://api.telegram.org/bot123456:ABCDEFGHIJKLMNOPQRSTUVWXYZabcdef/getMe HTTP/1.1";
const output = redactSensitiveText(input, {
mode: "tools",
patterns: defaults,
});
expect(output).toBe("GET https://api.telegram.org/bot123456…cdef/getMe HTTP/1.1");
});
it("redacts short tokens fully", () => {
const input = "TOKEN=shortvalue";
const output = redactSensitiveText(input, {