[COMPASS-1407] Redact connection credentials from debug output when NODE_ENV is production Created: 14/Jul/17  Updated: 10/Jan/24  Resolved: 30/Jun/22

Status: Closed
Project: Compass
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Lucas Hrabovsky (Inactive) Assignee: Unassigned
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to COMPASS-2332 Write to Log File in Production Closed

 Description   

Broken off from https://github.com/10gen/compass/pull/939

durran.jordan suggested:

I'm actually against this as this specific debug helped track down the issue with a customer on the libsecret problem - as I could see the connection details in the logs. In production, the password is redacted:

mongodb-compass:models:connection Testing connection to `{"name"}`... +22s

thomasr says:

We can't leave it in like that for production. Huge potential for PR disaster. Either we redact in production or take that whole line out.

durran.jordan says:

Yeah I would prefer redacting as the connection information has been very useful in debugging issues.

lucas.hrabovsky says:

The redact-secrets module could be helpful here:

> Deeply iterate over an object and redact secret values by replacing them with a predefined string.

Combining this with an override of debug#formatArgs() should give the desired result (something like the below):

var debug = require('debug');
var redact = require('redact-secrets')('[REDACTED]');
var _formatArgs = debug.formatArgs;

// debug calls formatArgs with `this` bound to the namespace instance and one
// `args` array that it mutates in place; redact any object entries first.
debug.formatArgs = function(args) {
  for (var i = 0; i < args.length; i++) {
    if (args[i] && typeof args[i] === 'object') {
      args[i] = redact.map(args[i]);
    }
  }
  return _formatArgs.call(this, args);
};
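One caveat for the formatArgs hook sketched above: debug applies its %o/%O/%j formatters before it calls formatArgs, and the formatter inlines the object into the message string, so a model interpolated as `Testing connection to `%j`` is already a string by the time formatArgs runs and would not be redacted. The block below is an added example, not Compass code and not the redact-secrets or debug modules themselves: a dependency-free deep redactor standing in for redact-secrets, which also masks the password segment of a mongodb:// URI, installed on both the formatters and formatArgs of a debug-shaped module and gated on NODE_ENV=production. makeFakeDebug and renderLine are constructed stand-ins that mimic the relevant part of debug's pipeline, and the connection object with its host, user and password values is hypothetical.

```javascript
// Added example, not Compass code: a dependency-free deep redactor (standing in
// for `redact-secrets`) hooked into a debug-shaped module and gated on
// NODE_ENV=production. makeFakeDebug/renderLine mimic `debug`'s internals.

// Keys whose values are secrets, and the password segment of a MongoDB URI
// (passwords are percent-encoded in URIs, so `/` and quotes end the match).
const SECRET_KEY = /pass(word)?|pwd|secret|token|api[-_]?key|private[-_]?key|credential/i;
const URI_PASSWORD = /(mongodb(?:\+srv)?:\/\/[^:@\/\s]+:)[^@\s\/"']*(@)/gi;

// Deep-copy `value`, masking secret-keyed values and URI passwords in strings.
// `seen` holds the current path to guard against cyclic objects.
function redactSecrets(value, mask = '[REDACTED]', seen = new Set()) {
  if (typeof value === 'string') {
    return value.replace(URI_PASSWORD, (m, pre, at) => pre + mask + at);
  }
  if (value === null || typeof value !== 'object') return value;
  if (seen.has(value)) return mask;
  seen.add(value);
  let out;
  if (Array.isArray(value)) {
    out = value.map((v) => redactSecrets(v, mask, seen));
  } else {
    out = {};
    for (const [k, v] of Object.entries(value)) {
      out[k] = SECRET_KEY.test(k) && v != null ? mask : redactSecrets(v, mask, seen);
    }
  }
  seen.delete(value);
  return out;
}

// Install redaction on a module shaped like `debug`'s exports. The %o/%O/%j
// formatters run before formatArgs and inline the object into the message
// string, so they are wrapped too; formatArgs only sees what is left.
// Returns false (and changes nothing) outside production.
function installRedaction(debugModule, opts = {}) {
  const mask = opts.mask || '[REDACTED]';
  const env = opts.env || process.env;
  if (env.NODE_ENV !== 'production') return false;
  for (const f of ['o', 'O', 'j']) {
    const orig = debugModule.formatters[f];
    if (typeof orig !== 'function') continue;
    debugModule.formatters[f] = function (v) {
      return orig.call(this, redactSecrets(v, mask));
    };
  }
  const origFormatArgs = debugModule.formatArgs;
  debugModule.formatArgs = function (args) {
    for (let i = 0; i < args.length; i++) args[i] = redactSecrets(args[i], mask);
    return origFormatArgs.call(this, args);
  };
  return true;
}

// Constructed stand-in for `debug`'s exports: JSON formatters plus a
// formatArgs that prefixes the namespace, as the real one does.
function makeFakeDebug() {
  return {
    formatters: { j: (v) => JSON.stringify(v), O: (v) => JSON.stringify(v) },
    formatArgs(args) { args[0] = 'mongodb-compass:models:connection ' + args[0]; },
  };
}

// Simplified copy of debug()'s pipeline: apply formatters, then formatArgs.
function renderLine(debugModule, fmt, ...rest) {
  const args = [fmt, ...rest];
  let index = 0;
  args[0] = args[0].replace(/%([a-zA-Z%])/g, (match, f) => {
    if (match === '%%') return match;
    index++;
    const formatter = debugModule.formatters[f];
    if (typeof formatter === 'function') {
      match = formatter.call(debugModule, args[index]);
      args.splice(index, 1); // the object is now inlined in args[0]
      index--;
    }
    return match;
  });
  debugModule.formatArgs.call(debugModule, args);
  return args.join(' ');
}

// Constructed connection model with hypothetical values (not real hosts).
const connection = {
  name: 'prod-cluster', hostname: 'db.example.internal', port: 27017,
  mongodb_username: 'compass', mongodb_password: 'hunter2',
  uri: 'mongodb://compass:hunter2@db.example.internal:27017/admin',
};

// Render the "Testing connection to" line as it would appear under NODE_ENV.
function demo(nodeEnv) {
  const dbg = makeFakeDebug();
  installRedaction(dbg, { env: { NODE_ENV: nodeEnv } });
  return renderLine(dbg, 'Testing connection to `%j`...', connection);
}
```

Calling demo('production') renders the line with name, host and username intact but [REDACTED] in place of mongodb_password and of the password inside the URI, while demo('development') prints the full object, which is the per-environment behaviour the ticket asks for. Key-name matching is a heuristic (a field named, say, `pw` would slip through), so where the connection model's schema is known, an explicit allow-list of loggable fields is the safer choice.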


Generated at Wed Feb 07 22:27:26 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.