stability: redact tokens from logs and error responses #5
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Problem
In debug mode (
GITEA_DEBUG=true),pkg/to/to.goandpkg/loglog marshalled tool inputs/results. Some tool inputs include anAuthorizationheader pass-through; error bodies from the Gitea SDK can also echo URLs containing the token in query params for older clients. Today there is no sanitizer — a debug log file (~/.gitea-mcp/gitea-mcp.log) shipped from a customer environment could leak credentials.Suggested direction
pkg/logthat stripsAuthorization:headers,token=...query params, and anything matching common bearer-token patterns before writing***