Open
Conversation
Settings file permissions: - Write settings.json with 0o600 (owner-only) permissions to prevent other users on shared systems from reading stored API keys/tokens. API key sanitization: - Replace fragile string truncation with regex-based redaction across all 3 locations (__main__.py, webapi/wrapper.py x2). - Apply redaction to all exception types, not just HTTPError/SSLError. - Handle both ?key= and &key= URL parameter formats. - Fix bug where missing pattern caused silent stacktrace destruction (truncated to 4 characters). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Settings file permissions: - Write settings.json with 0o600 (owner-only) permissions - Add os.chmod() to enforce permissions on existing files API key redaction: - Replace fragile string truncation with regex-based redaction - Use capture group to preserve URL delimiters in redacted output - Apply to all exception types, not just HTTPError/SSLError - Add redaction to handle_exception() excepthook (was bypassing loguru filter via exc_info=) - Add redaction to CLI error handlers (__main__.py, build_db.py) - Add _redact_secrets() to obfuscate_message.py global log filter - Centralize redaction in dialogue.py base classes for all UI dialogs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Settings file permissions
settings.jsonwith0o600(owner-only) permissions viaos.open()os.chmod()to enforce permissions on pre-existing filesAPI key redaction (7 locations)
re.sub()redaction?/&) in redacted outputhandle_exception()excepthook — was bypassing loguru filter viaexc_info=__main__.py,build_db.py)_redact_secrets()toobfuscate_message.pyglobal loguru filterdialogue.pybase classes for all UI dialogsSecurity Impact
Severity: High — The old sanitization logic was actively broken: when
&key=was not found in a stacktrace,str.find()returned-1, silently truncating the entire stacktrace to 4 characters. Settings file with API keys was world-readable (0o644) on Linux.Test plan
tests/utils/test_obfuscate_message.py— 11 tests passing (4 existing + 7 new)0o600permissions on Linux🤖 Generated with Claude Code