chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,31 @@
|
||||
import { describe, expect, it } from "vitest";
|
||||
import { safeEnvironmentLogFields } from "../app/services/safeEnvironmentLog.js";
|
||||
|
||||
// AuthenticatedEnvironment carries `apiKey` (and pkApiKey) — these must never
|
||||
// reach the logger when an environment is logged.
|
||||
const environment = {
|
||||
id: "env_1",
|
||||
slug: "prod",
|
||||
type: "PRODUCTION",
|
||||
projectId: "proj_1",
|
||||
organizationId: "org_1",
|
||||
apiKey: "tr_prod_SUPERSECRET",
|
||||
pkApiKey: "pk_prod_SECRET",
|
||||
} as any;
|
||||
|
||||
describe("safeEnvironmentLogFields", () => {
|
||||
it("emits only non-secret identity fields, never the api key", () => {
|
||||
const fields = safeEnvironmentLogFields(environment);
|
||||
const serialized = JSON.stringify(fields);
|
||||
expect(serialized).not.toContain("tr_prod_SUPERSECRET");
|
||||
expect(serialized).not.toContain("pk_prod_SECRET");
|
||||
expect(serialized).not.toContain("apiKey");
|
||||
expect(fields).toEqual({
|
||||
id: "env_1",
|
||||
slug: "prod",
|
||||
type: "PRODUCTION",
|
||||
projectId: "proj_1",
|
||||
organizationId: "org_1",
|
||||
});
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user