fix(publicenv): redact internal work context terms
This commit is contained in:
Your Name
@@ -38,6 +38,14 @@ _HOST_ALIASES = {
|
||||
|
||||
_PRIVATE_LAN_RE = re.compile(r"192\.168\.0\.\d{1,3}(?::\d{1,5})?")
|
||||
|
||||
_WORK_CONTEXT_REPLACEMENTS = {
|
||||
"工作視窗": "內部協作環境",
|
||||
"批准!繼續": "內部短訊指令",
|
||||
"批准!": "內部短訊指令",
|
||||
"source_thread_id": "redacted_thread_id",
|
||||
"codex_delegation": "redacted_delegation",
|
||||
}
|
||||
|
||||
|
||||
def redact_public_lan_text(value: str) -> str:
|
||||
"""Replace internal LAN addresses with public-safe asset aliases."""
|
||||
@@ -52,7 +60,10 @@ def redact_public_lan_text(value: str) -> str:
|
||||
redacted = redacted.replace(f"https://{host}", alias)
|
||||
redacted = redacted.replace(host, alias)
|
||||
|
||||
return _PRIVATE_LAN_RE.sub("host:internal-node", redacted)
|
||||
redacted = _PRIVATE_LAN_RE.sub("host:internal-node", redacted)
|
||||
for phrase, replacement in _WORK_CONTEXT_REPLACEMENTS.items():
|
||||
redacted = redacted.replace(phrase, replacement)
|
||||
return redacted
|
||||
|
||||
|
||||
def redact_public_lan_topology(value: Any) -> Any:
|
||||
|
||||
@@ -33,6 +33,15 @@ def test_redact_public_lan_topology_recurses_json_values() -> None:
|
||||
assert redacted["nested"][0]["endpoint"] == "host:observability-a/signoz"
|
||||
|
||||
|
||||
def test_redact_public_lan_text_replaces_internal_work_context_terms() -> None:
|
||||
redacted = redact_public_lan_text("不得顯示工作視窗對話、批准!繼續 或 source_thread_id")
|
||||
|
||||
assert "工作視窗" not in redacted
|
||||
assert "批准!" not in redacted
|
||||
assert "source_thread_id" not in redacted
|
||||
assert "內部協作環境" in redacted
|
||||
|
||||
|
||||
def test_public_monitoring_tool_payload_drops_internal_probe_url() -> None:
|
||||
payload = public_monitoring_tool_payload(
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user