File tree Expand file tree Collapse file tree 2 files changed +8
-2
lines changed
Expand file tree Collapse file tree 2 files changed +8
-2
lines changed Original file line number Diff line number Diff line change 5454 r"(?i).*privatekey.*" ,
5555 r"(?i).*private_key.*" ,
5656 r"(?i).*token.*" ,
57+ r"(?i).*aws_secret_access_key.*" ,
5758]
5859
5960DEFAULT_CODE_VARIABLES_IGNORE_PATTERNS = [r"^__.*" ]
@@ -1046,7 +1047,10 @@ def serialize_code_variables(
10461047 serialized = _serialize_variable_value (value , limiter , max_length )
10471048 if serialized is None :
10481049 break
1049- result [name ] = serialized
1050+ if isinstance (serialized , str ) and _pattern_matches (serialized , compiled_mask ):
1051+ result [name ] = CODE_VARIABLES_REDACTED_VALUE
1052+ else :
1053+ result [name ] = serialized
10501054
10511055 return result
10521056
Original file line number Diff line number Diff line change @@ -60,7 +60,8 @@ def trigger_error():
6060 my_bool = True
6161 my_dict = {"name": "test", "value": 123}
6262 my_obj = UnserializableObject()
63- my_password = "secret123" # Should be masked by default
63+ my_password = "secret123" # Should be masked by default (name matches)
64+ my_innocent_var = "contains_password_here" # Should be masked by default (value matches)
6465 __should_be_ignored = "hidden" # Should be ignored by default
6566
6667 1/0 # Trigger exception
@@ -98,6 +99,7 @@ def process_data():
9899 assert b'"my_dict": "{\\ "name\\ ": \\ "test\\ ", \\ "value\\ ": 123}"' in output
99100 assert b"<__main__.UnserializableObject object at" in output
100101 assert b"'my_password': '$$_posthog_redacted_based_on_masking_rules_$$'" in output
102+ assert b"'my_innocent_var': '$$_posthog_redacted_based_on_masking_rules_$$'" in output
101103 assert b"'__should_be_ignored':" not in output
102104
103105 # Variables from intermediate_function frame
You can’t perform that action at this time.
0 commit comments