Skip to content

Potential fix for code scanning alert no. 5: Clear-text logging of sensitive information#10

Merged
johnteee merged 1 commit into
mainfrom
alert-autofix-11
May 14, 2026
Merged

Potential fix for code scanning alert no. 5: Clear-text logging of sensitive information#10
johnteee merged 1 commit into
mainfrom
alert-autofix-11

Conversation

@johnteee

Copy link
Copy Markdown
Member

Potential fix for https://github.com/TeaEntityLab/teaAgent/security/code-scanning/5

To fix this safely without changing functionality, avoid printing dynamic error text from sensitive OAuth key-ring handling directly. Instead, print a fixed, non-sensitive user-facing message at the call site and (optionally) keep the detailed text only for internal handling. In this snippet, the best minimal change is in mcp_serve_command around lines 26–28: replace print(error, file=sys.stderr) with a constant message such as "Invalid OAuth key ring configuration.".

This preserves control flow and exit behavior (return 1) while ensuring no potentially sensitive content is emitted to logs/stderr, even if _load_key_ring is later modified to include sensitive context.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…nsitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@johnteee johnteee marked this pull request as ready for review May 14, 2026 10:50
@johnteee johnteee merged commit d68c352 into main May 14, 2026
10 of 15 checks passed
@johnteee johnteee deleted the alert-autofix-11 branch May 14, 2026 10:51
johnteee added a commit that referenced this pull request May 29, 2026
…gate.

Load peer_relay_urls and local_relay_base_url from .teaagent/config.json,
add WAN deployment guide and config template, and record Dependabot #10
resolution steps with full pre-commit verification notes.

Constraint: Dependabot dismiss requires GitHub UI or authenticated gh API.
Tested: TEAAGENT_PRECOMMIT_FULL=1 pre-commit (all hooks passed); uv run pytest -q (2641 passed).
Confidence: high
Co-authored-by: Cursor <cursoragent@cursor.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant