Skip to content

Redact sensitive telemetry query params#4224

Merged
robacourt merged 1 commit intomainfrom
rob/redact-url-params
Apr 29, 2026
Merged

Redact sensitive telemetry query params#4224
robacourt merged 1 commit intomainfrom
rob/redact-url-params

Conversation

@robacourt
Copy link
Copy Markdown
Contributor

@robacourt robacourt commented Apr 29, 2026

Summary

  • redact sensitive query params before they are added to OTEL span attributes
  • sanitize the request debug log path so secrets do not reach OTLP log export
  • add focused coverage for query-string, url.full, per-param attributes, and log redaction

Testing

  • mix test test/electric/plug/utils_test.exs test/electric/plug/serve_shape_plug_test.exs test/electric/plug/serve_shape_plug_logging_test.exs

@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 29, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 64.69%. Comparing base (a31f752) to head (cc5dd64).
⚠️ Report is 5 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #4224   +/-   ##
=======================================
  Coverage   64.69%   64.69%           
=======================================
  Files         143      143           
  Lines       18979    18979           
  Branches     4615     4608    -7     
=======================================
  Hits        12279    12279           
  Misses       6697     6697           
  Partials        3        3
Flag Coverage Δ
packages/agents 53.73% <ø> (ø)
packages/agents-runtime 78.49% <ø> (ø)
packages/agents-server 66.03% <ø> (ø)
packages/agents-server-ui 0.00% <ø> (ø)
packages/electric-ax 30.11% <ø> (ø)
packages/experimental 87.73% <ø> (ø)
packages/react-hooks 86.48% <ø> (ø)
packages/start 82.83% <ø> (ø)
packages/typescript-client 94.30% <ø> (ø)
packages/y-electric 56.05% <ø> (ø)
typescript 64.69% <ø> (ø)
unit-tests 64.69% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@robacourt robacourt merged commit 119731e into main Apr 29, 2026
58 of 60 checks passed
@robacourt robacourt deleted the rob/redact-url-params branch April 29, 2026 11:11
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 29, 2026

This PR has been released! 🚀

The following packages include changes from this PR:

  • @core/sync-service@1.6.2

Thanks for contributing to Electric!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@icehaunter icehaunter icehaunter approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@robacourt @icehaunter