Skip to content

Commit 056a38f

Browse files
authored
Merge pull request #6 from TeaEntityLab/alert-autofix-5
Potential fix for code scanning alert no. 5: Clear-text logging of sensitive information
2 parents 4ad0d26 + 342e8d6 commit 056a38f

1 file changed

Lines changed: 5 additions & 5 deletions

File tree

teaagent/cli/_handlers/_mcp.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -80,11 +80,11 @@ def _load_key_ring(
8080
path: Path, *, active_kid_override: str | None, rotation_window_seconds: int = 0
8181
) -> tuple[OAuthKeyRing | None, str | None]:
8282
if not path.exists():
83-
return None, f'OAuth key ring file not found: {path}'
83+
return None, 'OAuth key ring file not found.'
8484
try:
8585
payload = json.loads(path.read_text(encoding='utf-8'))
86-
except (OSError, json.JSONDecodeError) as exc:
87-
return None, f'Failed to read OAuth key ring file {path}: {exc}'
86+
except (OSError, json.JSONDecodeError):
87+
return None, 'Failed to read OAuth key ring file.'
8888
if not isinstance(payload, dict):
8989
return None, 'OAuth key ring file must contain a JSON object.'
9090
raw_keys = payload.get('keys')
@@ -98,7 +98,7 @@ def _load_key_ring(
9898
if not isinstance(secret, str) or len(secret) < 16:
9999
return (
100100
None,
101-
f'OAuth key ring secret for kid {kid!r} must be a string >= 16 chars.',
101+
'OAuth key ring secrets must be strings with length >= 16 chars.',
102102
)
103103
keys[kid] = secret.encode('utf-8')
104104

@@ -109,7 +109,7 @@ def _load_key_ring(
109109
"OAuth key ring file requires string 'active_kid' or --oauth-active-kid.",
110110
)
111111
if active_kid not in keys:
112-
return None, f'OAuth active kid {active_kid!r} not found in key ring keys.'
112+
return None, 'OAuth active kid not found in key ring keys.'
113113

114114
return OAuthKeyRing(
115115
active_kid=active_kid,

0 commit comments

Comments
 (0)