@keithamus
Contributor

This attempts to resolve #2769 by adding a new secrets_redact option. When enabled this option will change how secrets_filter works:

  • If secrets_filter = false then no change is made, secrets will appear in the users' history, regardless of secrets_redact.
  • If secrets_filter = true and secrets_redact is false, then the "old" behaviour will occur: any detected secret will exclude that whole command from the users' history.
  • If secrets_filter = true and secrets_redact = true then this new mode will engage: commands with secrets will be edited before they're saved into history and the secret content will be replaced with the string "[REDACTED]".

This could probably do with more testing. I think I've got it largely correct but given how sensitive the topic is I'd prefer some extra scrutiny on this one.

Checks

  • I am happy for maintainers to push small adjustments to this PR, to speed up the review cycle
  • I have checked that there are no existing pull requests for the same thing

This attempts to resolve atuinsh#2769 by adding
a new `secrets_redact` option. When enabled this option will change how
`secrets_filter` works:

- If `secrets_filter = false` then no change is made, secrets will appear in the
  users' history, regardless of `secrets_redact`.
- If `secrets_filter = true` and `secrets_redact` is `false`, then the
  "old" behaviour will occur: any detected secret will exclude that whole
  command from the users' history.
- If `secrets_filter = true` and `secrets_redact = true` then this _new_ mode
  will engage: commands with secrets will be edited before they're saved into
  history and the secret _content_ will be replaced with the string
  `"[REDACTED]"`.
Comment on lines +388 to +394
debug_assert!(
!settings.secrets_filter || settings.secrets_redact,
"Only return true if secrets_filter is off or redactions are enabled!"
);
// secrets_redact is enabled, so `redact_if_needed` will remove the secret from the
// command, therefore it is save to save.
true
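
Review bot: the `debug_assert!` above the final `true` is compiled out of release builds, so a shipped binary never checks `!settings.secrets_filter || settings.secrets_redact` and returns `true` unconditionally on this path. Because a wrong `true` here means a command is treated as safe to save, consider returning that expression as the value instead of the literal `true`, or use `assert!` if a panic is acceptable. The comment also has a typo: "save to save" should read "safe to save".
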
Contributor Author

This true looks scary so I added a debug_assert! to make sure we're really sure we can safely pass true 😅

@keithamus
Contributor Author

This doesn't strictly depend on #2932 but it really should be part of the release, as without #2932 this will redact some key names, not values - kind of the opposite of the intent here.

@keithamus keithamus changed the title feat: more accurately filter secret tokens feat: allow redaction of secrets in commands, rather than filtering them Oct 1, 2025
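
The three modes from the PR description, sketched as an added example (not code from this PR or from atuin). `Settings`, `find_secrets` and `to_history` are hypothetical names, and the detector is a constructed stand-in that matches only an AWS-style access key id.

```rust
// Added illustration; every name here is hypothetical, not atuin's code.
#[derive(Clone, Copy)]
struct Settings { secrets_filter: bool, secrets_redact: bool }

// Constructed stand-in detector: "AKIA" followed by 16 upper-case letters or digits.
// Returns byte ranges; both ends sit next to ASCII bytes, so slicing is safe.
fn find_secrets(cmd: &str) -> Vec<(usize, usize)> {
    let b = cmd.as_bytes();
    let (mut hits, mut i) = (Vec::new(), 0);
    while i + 20 <= b.len() {
        let tail_ok = b[i + 4..i + 20].iter().all(|c| c.is_ascii_uppercase() || c.is_ascii_digit());
        if &b[i..i + 4] == b"AKIA" && tail_ok {
            hits.push((i, i + 20));
            i += 20;
        } else {
            i += 1;
        }
    }
    hits
}

// What reaches history: None = whole command excluded, Some = text that is stored.
fn to_history(s: Settings, cmd: &str) -> Option<String> {
    let hits = if s.secrets_filter { find_secrets(cmd) } else { Vec::new() };
    if hits.is_empty() {
        return Some(cmd.to_string()); // filter off, or nothing detected
    }
    if !s.secrets_redact {
        return None; // "old" behaviour: drop the command
    }
    let (mut out, mut last) = (String::new(), 0);
    for (start, end) in hits {
        out.push_str(&cmd[last..start]);
        out.push_str("[REDACTED]");
        last = end;
    }
    out.push_str(&cmd[last..]);
    Some(out)
}

fn main() {
    // Constructed command using the placeholder key id from AWS documentation.
    let cmd = "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE aws s3 ls";
    for (f, r) in [(false, true), (true, false), (true, true)] {
        let s = Settings { secrets_filter: f, secrets_redact: r };
        println!("filter={f} redact={r} -> {:?}", to_history(s, cmd));
    }
}
```
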
Successfully merging this pull request may close these issues.

[FR] option to redact secrets rather than delete