Skip to content

fix: redact blocked command JSON output#27

Merged
jamiesun merged 1 commit into
mainfrom
codex/fix-json-blocked-redaction
Jul 1, 2026
Merged

fix: redact blocked command JSON output#27
jamiesun merged 1 commit into
mainfrom
codex/fix-json-blocked-redaction

Conversation

@jamiesun

@jamiesun jamiesun commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Summary

  • redact secret-like arguments in --json command results using the existing audit redaction helper
  • apply redaction to both the JSON command field and sshx-level error text
  • add a regression test for blocked command JSON output with quoted secret-like values

Fixes #24

Verification

  • go test ./internal/app -run 'TestRun_BlockedCommandJSONRedactsSecretLikeArguments|TestRun_BlockedCommandShortCircuits|TestEmitCommandJSONContracts|TestRedactSensitiveText' -count=1
  • go test ./...
  • git diff --check

@jamiesun jamiesun merged commit ed1035c into main Jul 1, 2026
6 checks passed
@jamiesun jamiesun deleted the codex/fix-json-blocked-redaction branch July 1, 2026 05:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[json] Blocked command output echoes secret-like arguments after audit redaction

1 participant