Commit c8e125b
committed
fix(security): stop logging the package link (it contains the UPN key)
The package link ends with ?upn=<UPN_KEY>, where UPN is the AES key the
worker uses to encrypt that user's data. Logging the link puts the
decryption key in CloudWatch for the duration of the log group's
retention window (30 days), which contradicts the README's stated
security model ('encryption key must always remain on the client side,
must never be stored on the server side').
Drop the link from the print; package_id alone is enough to correlate
log lines.1 parent f0d0e2f commit c8e125b
1 file changed
Lines changed: 4 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
919 | 919 | | |
920 | 920 | | |
921 | 921 | | |
922 | | - | |
| 922 | + | |
| 923 | + | |
| 924 | + | |
| 925 | + | |
923 | 926 | | |
924 | 927 | | |
925 | 928 | | |
| |||
0 commit comments