Privacy.ts: Additional safety for debug logs

2026-04-25 10:58:19 +01:00 · 2025-07-22 06:44:08 +10:00
parent 75c867ee1f
commit 387fb8bfc1
2 changed files with 132 additions and 9 deletions
--- a/ts/test-node/util/privacy_test.ts
+++ b/ts/test-node/util/privacy_test.ts
@@ -9,6 +9,110 @@ import { APP_ROOT_PATH } from '../../util/privacy';
 Privacy.addSensitivePath('sensitive-path');

 describe('Privacy', () => {
+  describe('redactCardNumbers', () => {
+    it('should redact anything that looks like a credit card', () => {
+      const text =
+        'This is a log line with a card number 1234-1234-1234\n' +
+        'and another one 1234 1234 1234 1234 123';
+
+      const actual = Privacy.redactCardNumbers(text);
+      const expected =
+        'This is a log line with a card number [REDACTED]\n' +
+        'and another one [REDACTED]';
+      assert.equal(actual, expected);
+    });
+
+    it('should redact weird credit card numbers', () => {
+      const text =
+        '12341234123\n' +
+        '123412341234\n' +
+        '1234123412341\n' +
+        '12341234123412\n' +
+        '123412341234123\n' +
+        '1234123412341234\n' +
+        '12341234123412341\n' +
+        '123412341234123412\n' +
+        '1234123412341234123\n' +
+        '12341234123412341234\n' +
+        '1-2-3-4-1-2-3-4-1-2-3\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2-3\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2-3-4\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2-3-4-1\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2-3-4-1-2\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2-3-4-1-2-3\n' +
+        '1-2-3-4-1-2-3-4-1-2-3-4-1-2-3-4-1-2-3-4\n' +
+        '1 2 3 4 1 2 3 4 1 2 3\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4\n' +
+        '1 2 3 a 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4\n' +
+        '1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 a 2 3 4\n' +
+        '';
+
+      const actual = Privacy.redactCardNumbers(text);
+      const expected =
+        '12341234123\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]4\n' +
+        '1-2-3-4-1-2-3-4-1-2-3\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]-4\n' +
+        '1 2 3 4 1 2 3 4 1 2 3\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED]\n' +
+        '[REDACTED] 4\n' +
+        '1 2 3 a [REDACTED]\n' +
+        '[REDACTED] a 2 3 4\n' +
+        '';
+      assert.equal(actual, expected);
+    });
+
+    it('should not redact things that are close to credit card numbers', () => {
+      const text = `
+        12--3412341234
+        1234123  412341234
+        1e23412341234
+      `;
+
+      const actual = Privacy.redactCardNumbers(text);
+      const expected = `
+        12--3412341234
+        1234123  412341234
+        1e23412341234
+      `;
+      assert.equal(actual, expected);
+    });
+  });
+
  describe('redactPhoneNumbers', () => {
    it('should redact all phone numbers', () => {
      const text =
@@ -143,6 +247,7 @@ describe('Privacy', () => {
        'phone2 +13334445566 lorem\n' +
        'group2 group(abcdefghij) doloret\n' +
        'path3 sensitive-path/attachment.noindex\n' +
+        'cc 1234 1234 1234 1234 and another 1234123412341234\n' +
        'attachment://v2/ab/abcde?key=specialkey\n';

      const actual = Privacy.redactAll(text);
@@ -155,6 +260,7 @@ describe('Privacy', () => {
        'phone2 +[REDACTED]566 lorem\n' +
        'group2 group([REDACTED]hij) doloret\n' +
        'path3 [REDACTED]/attachment.noindex\n' +
+        'cc [REDACTED] and another [REDACTED]\n' +
        'attachment://v2/ab/abcde?key=[REDACTED]\n';
      assert.equal(actual, expected);
    });