Redact JWT token (#1434)

testforstephen · web-flow · commit 5873b04e4333 · 2025-05-30T11:38:20.000+08:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Change Log
 
+## 0.29.2
+### Changed
+- Update redact rules.
+
 ## 0.29.1
 ### Fixed
 - Fix vulnerabilities in dependencies.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -3,7 +3,7 @@
   "displayName": "Extension Pack for Java",
   "description": "Popular extensions for Java development that provides Java IntelliSense, debugging, testing, Maven/Gradle support, project management and more",
   "license": "MIT",
-  "version": "0.29.1",
+  "version": "0.29.2",
   "publisher": "vscjava",
   "preview": false,
   "engines": {
diff --git a/src/daemon/index.ts b/src/daemon/index.ts
@@ -202,6 +202,8 @@ async function traceLSPPerformance(javaExt: vscode.Extension<any>) {
    });
 }
 
+const SOURCE_REGEX = /\r?\n----------------------------------- SOURCE BEGIN -------------------------------------\r?\n[\s\S]*/;
+
 function redactDataProperties(data: any): string {
    if (data?.triggerKind !== undefined) {
       return JSON.stringify(data);
@@ -214,8 +216,8 @@ async function traceJavaExtension(javaExt: vscode.Extension<any>) {
    const javaExtVersion = javaExt.packageJSON?.version;
    const isPreReleaseVersion = /^\d+\.\d+\.\d{10}/.test(javaExtVersion);
    const remappedKeys: any = {
-      "message": "lsmessage",
-      "exception": "lsexception"
+      "message": "servermessage",
+      "exception": "serverexception"
    };
    javaExt.exports?.trackEvent?.((event: any) => {
       const metrics: any = {
@@ -237,7 +239,7 @@ async function traceJavaExtension(javaExt: vscode.Extension<any>) {
       for (const key of Object.keys(remappedKeys)) {
          if (metrics[key] !== undefined) {
             const newKey = remappedKeys[key];
-            metrics[newKey] = metrics[key];
+            metrics[newKey] = metrics[key].replace(SOURCE_REGEX, "<REDACTED: SOURCE CODE>"); // remove the source code from the message
             delete metrics[key];
          }
       }
diff --git a/src/extension.ts b/src/extension.ts
@@ -99,7 +99,7 @@ function initializeTelemetry(_context: vscode.ExtensionContext) {
       initialize(packageInfo.id, packageInfo.version, packageInfo.aiKey, {
         replacementOptions: [
           {
-            lookup: /\s*Bearer\s+[\w-]*\.?[\w-]*\.?[A-Za-z0-9-_]*/,
+            lookup: /eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9-_]*/,
             replacementString: "<REDACTED: JWT token>"
           }
         ]

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ function initializeTelemetry(_context: vscode.ExtensionContext) {`
`99`	`99`	`initialize(packageInfo.id, packageInfo.version, packageInfo.aiKey, {`
`100`	`100`	`replacementOptions: [`
`101`	`101`	`{`
`102`		`- lookup: /\sBearer\s+[\w-]\.?[\w-]\.?[A-Za-z0-9-_]/,`
	`102`	`+ lookup: /eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9-_]*/,`
`103`	`103`	`replacementString: "<REDACTED: JWT token>"`
`104`	`104`	`}`
`105`	`105`	`]`