Merge pull request #1990 from major/cleanup-dead-redactor

RSPEED-3297: remove dead rlsapi_v1 error redactor

Author: tisnik

src/app/endpoints/rlsapi_v1.py

@@ -5,7 +5,6 @@
 """
 
 import functools
-import re
 import time
 from datetime import UTC, datetime
 from typing import Annotated, Any, Optional, cast
@@ -84,9 +83,6 @@ class TemplateRenderError(Exception):
     OpenAIAPIStatusError,
 )
 
-_PRIVATE_ERROR_BLOCK_PATTERN = re.compile(r"\bPRIVATE\b[^\r\n,;)]*", re.IGNORECASE)
-_SECRET_KEY_PATTERN = re.compile(r"\bsk-[A-Za-z0-9][A-Za-z0-9_-]*")
-
 
 infer_responses: dict[int | str, dict[str, Any]] = {
     200: RlsapiV1InferResponse.openapi_response(),
@@ -103,23 +99,6 @@ class TemplateRenderError(Exception):
 }
 
 
-def _redact_sensitive_error_text(error_text: str) -> str:
-    """Redact sensitive substrings from backend error text before telemetry.
-
-    Backend exceptions can include provider request snippets or credentials in
-    their string representation.  Splunk events need enough context to explain
-    the failure, but they must not contain private prompt blocks or API keys.
-
-    Args:
-        error_text: Raw exception string returned by ``str(error)``.
-
-    Returns:
-        Error text with known sensitive substrings replaced by placeholders.
-    """
-    redacted_text = _PRIVATE_ERROR_BLOCK_PATTERN.sub("PRIVATE [REDACTED]", error_text)
-    return _SECRET_KEY_PATTERN.sub("sk-[REDACTED]", redacted_text)
-
-
 def _build_instructions(systeminfo: RlsapiV1SystemInfo) -> str:
     """Build LLM instructions by rendering the system prompt as a Jinja2 template.
 

tests/unit/app/endpoints/test_rlsapi_v1.py

@@ -28,7 +28,6 @@
     _call_llm,
     _compile_prompt_template,
     _get_default_model_id,
-    _redact_sensitive_error_text,
     _resolve_quota_subject,
     infer_endpoint,
 )
@@ -246,25 +245,6 @@ def test_build_instructions_no_customization(mocker: MockerFixture) -> None:
     assert result == constants.DEFAULT_SYSTEM_PROMPT
 
 
-@pytest.mark.parametrize(
-    ("error_text", "expected"),
-    [
-        (
-            "APIStatusError: PRIVATE prompt sk-backend-secret failed",
-            "APIStatusError: PRIVATE [REDACTED]",
-        ),
-        (
-            "provider rejected token sk-proj-secret_key with status 401",
-            "provider rejected token sk-[REDACTED] with status 401",
-        ),
-    ],
-    ids=["private_block", "secret_key"],
-)
-def test_redact_sensitive_error_text(error_text: str, expected: str) -> None:
-    """Test backend error text redaction removes prompt and key secrets."""
-    assert _redact_sensitive_error_text(error_text) == expected
-
-
 # --- Test Jinja2 template rendering ---