fix: redact token from TokenSecret repr to prevent API key leaks#11810

Open
Aarkin7 wants to merge 3 commits into
deepset-ai:mainfrom
Aarkin7:fix/tokensecret-repr-redact
Conversation

@Aarkin7 Aarkin7 commented Jun 29, 2026

Contributor

Related Issues

Proposed Changes:

TokenSecret is a `@dataclass(frozen=True)` with no custom repr, so Python auto-generates one that prints every field, including the raw `_token`. Any path that formats locals (print(), exception tracebacks, Sentry/structlog breadcrumbs, Jupyter cell echo, pprint) leaks the user's API key.

Added an explicit `__repr__` on TokenSecret that renders `_token` as . Since str() falls back to repr, both paths are covered. `__eq__`/`__hash__` are untouched (still dataclass-generated), so equality semantics don't change. EnvVarSecret is left alone; it stores env-var names, not values.

How did you test it?

  • Extended test_token_secret with three asserts: the raw token never appears in repr() or str(), and the placeholder is present. This pins the contract so a future refactor can't silently reintroduce the leak.
  • hatch run test:unit test/utils/test_auth.py: passes.
  • hatch run test:unit test/ -k "token or secret or auth": 47 tests pass, none affected.
  • hatch run test:types and hatch run fmt: clean.

Notes for the reviewer

  • I deliberately did not include the token length in the placeholder (some examples use <redacted, N chars>). Length leaks info for negligible debugging value.
  • Out of scope: `vars(secret)`, `secret.__dict__`, and `dataclasses.asdict(secret)` still expose `_token`. Closing those requires removing `_token` from the instance dict entirely (closure/descriptor), a much larger change with pickle/copy implications. This PR closes the dominant leak path (everything that goes through repr) without touching the data model.

Checklist

  • I have read the contributors guidelines and the code of conduct.
  • I have updated the related issue with new insights and changes.
  • I have added unit tests and updated the docstrings.
  • I've used one of the conventional commit types for my PR title: fix:, feat:, build:, chore:, ci:, docs:, style:, refactor:, perf:, test: and added ! in case the PR includes breaking changes.
  • I have documented my code.
  • I have added a release note file, following the contributors guidelines.
  • I have run pre-commit hooks and fixed any issue.
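The leak and the fix described in the PR body, as a constructed, self-contained example (this is not haystack's code and not the PR's diff; the class names only mirror the description, the `<redacted>` placeholder text and the `resolve_value` accessor are assumptions, and the token value is made up). It puts the auto-generated repr beside the redacting `__repr__`, checks every formatting path the description lists (repr, str, f-string, containers, pprint, tracebacks rendered with locals), and also shows the paths the PR leaves out of scope (`vars`, `dataclasses.asdict`) still exposing the token:

```python
"""Constructed example of a frozen dataclass leaking its token through repr,
beside the redacting __repr__ fix. Not haystack's code; names mirror the PR text."""
import dataclasses
import pprint
import traceback
from dataclasses import dataclass

# Placeholder text is an assumption; the PR's exact placeholder is not shown on this page.
REDACTED = "<redacted>"


@dataclass(frozen=True)
class LeakyTokenSecret:
    """Before: no custom __repr__, so the dataclass-generated one prints _token."""
    _token: str


@dataclass(frozen=True)
class TokenSecret:
    """After: explicit __repr__ that never renders the raw token.

    __eq__/__hash__ stay dataclass-generated, so equality semantics are unchanged.
    str() falls back to __repr__, so both paths are covered by one method.
    """
    _token: str

    def __repr__(self) -> str:
        # Deliberately no length hint: the token length is itself information.
        return f"{type(self).__name__}(_token={REDACTED})"

    def resolve_value(self) -> str:
        """Hypothetical accessor: the one sanctioned way to read the token."""
        return self._token


def formatted_views(secret) -> dict:
    """Render the secret through the common formatting paths."""
    return {
        "repr": repr(secret),
        "str": str(secret),
        "fstring": f"{secret}",
        "in_list": repr([secret]),
        "pprint": pprint.pformat({"secret": secret}),
    }


def traceback_with_locals(secret) -> str:
    """Render a traceback including frame locals, as a crash reporter would."""
    def inner(tok):
        local_copy = tok  # noqa: F841 -- exists so the frame has a local to dump
        raise RuntimeError("boom")
    try:
        inner(secret)
    except RuntimeError as exc:
        te = traceback.TracebackException(type(exc), exc, exc.__traceback__, capture_locals=True)
        return "".join(te.format())
    return ""


def token_leaks(secret, token: str) -> dict:
    """Map each formatting path to True if the raw token is visible in its output."""
    views = formatted_views(secret)
    views["traceback"] = traceback_with_locals(secret)
    # Out of scope for the repr fix: these bypass __repr__ and read the instance dict.
    views["vars"] = repr(vars(secret))
    views["asdict"] = repr(dataclasses.asdict(secret))
    return {name: token in text for name, text in views.items()}


if __name__ == "__main__":
    TOKEN = "sk-constructed-example-token-0123"  # constructed, not a real key
    print("before:", token_leaks(LeakyTokenSecret(TOKEN), TOKEN))
    print("after: ", token_leaks(TokenSecret(TOKEN), TOKEN))
```

Running it shows every path leaking for `LeakyTokenSecret`, and for `TokenSecret` only `vars` and `asdict` still expose the token, which is exactly the residual surface the PR calls out; a regression test pinning the contract is the `token in repr(secret)` / `token in str(secret)` pair, not a check on the placeholder wording.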

@Aarkin7 Aarkin7 requested a review from a team as a code owner June 29, 2026 12:57
@Aarkin7 Aarkin7 requested review from bogdankostic and removed request for a team June 29, 2026 12:57

vercel Bot commented Jun 29, 2026


@Aarkin7 is attempting to deploy a commit to the deepset Team on Vercel.

A member of the Team first needs to authorize it.

@github-actions

Contributor

Coverage report for haystack/utils/auth.py (per-file statement and line figures not recoverable from this page).

This report was generated by python-coverage-comment-action


Development

Successfully merging this pull request may close these issues.

TokenSecret.__repr__ leaks the raw API key into logs, tracebacks, and stdout
