fix(server): prevent leaking provider env variables in log messages#2451
fix(server): prevent leaking provider env variables in log messages#2451pilartomas merged 1 commit intomainfrom
Conversation
ProviderRegistryRecord was interpolated directly into log and error messages, exposing the variables dict which can contain secrets. Log only provider_record.location instead. Signed-off-by: Tomas Pilar <thomas7pilar@gmail.com>
dosubot
bot
added
the
size:XS
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses a security vulnerability by preventing the unintentional logging of sensitive provider environment variables. Previously, Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request addresses a critical security vulnerability by preventing provider environment variables, which may contain secrets, from being leaked into log messages. The change correctly replaces logging the entire ProviderRegistryRecord object with just its location attribute. This is an important fix. I've also noticed a minor issue with a potentially misleading error message in one of the modified lines and have left a suggestion for improvement.
| logger.info(f"Updated provider {provider_record.location}") | ||
| except Exception as ex: | ||
| errors.append(RuntimeError(f"[{provider_record}]: Failed to add provider: {ex}")) | ||
| errors.append(RuntimeError(f"[{provider_record.location}]: Failed to add provider: {ex}")) |
There was a problem hiding this comment.
This error message appears to be copied from the 'new providers' loop. For clarity, since this code block handles updating existing providers via patch_provider, it would be better if the message reflected that an update failed, not an addition.
| errors.append(RuntimeError(f"[{provider_record.location}]: Failed to add provider: {ex}")) | |
| errors.append(RuntimeError(f"[{provider_record.location}]: Failed to update provider: {ex}")) |
1 participant
Summary
ProviderRegistryRecordwas being interpolated directly into log/error messages in the provider registry sync cron job, which exposed thevariablesdict containing secrets (API keys, tokens, etc.){provider_record}with{provider_record.location}in 4 log/error message sitesTest plan
mise run checkpasses