summaryrefslogtreecommitdiffhomepage
path: root/tasks.md
diff options
context:
space:
mode:
authorAdam Malczewski <[email protected]>2026-06-05 17:23:13 +0900
committerAdam Malczewski <[email protected]>2026-06-05 17:23:13 +0900
commit5ae88d4e98b3b585526ab0534be8e4c12f1ac071 (patch)
tree86d6b83ac02f978979dc76fefa2308234e17d06a /tasks.md
parent64a66d5e41c5ab54a1d0a7712866be722b742d4b (diff)
downloaddispatch-5ae88d4e98b3b585526ab0534be8e4c12f1ac071.tar.gz
dispatch-5ae88d4e98b3b585526ab0534be8e4c12f1ac071.zip
fix(observability): record-mode redaction leaked capitalized Authorization header — case-insensitive mask (+3 regression tests)
A live capture exposed that provider record mode saved the request Authorization header with the API key in CLEARTEXT: onExchange redaction matched lowercase 'authorization', but streamChat sends 'Authorization' (capital A) and recordFetch captures headers verbatim, so the real header slipped through. The provider.request SPAN redaction was unaffected (it masks from config.apiKey directly — journal + trace-DB showed zero leaks); the leak was record-mode-only and caught PRE-COMMIT (fixture was /tmp-only, scrubbed). Fix: redact auth case-insensitively across all captured header keys (strip Bearer, maskSecret the token, re-prepend, preserve key casing). New tests: reproduce the exact capital-Authorization leak (would have caught it), a lowercase case, and a guard that no authorization header of ANY casing survives carrying a raw sk- token. 334 tests (331 -> +3), typecheck + biome 0/0. This is the live-capture step (D5) earning its keep — real data exposed what the synthetic redaction test assumed away.
Diffstat (limited to 'tasks.md')
-rw-r--r--tasks.md14
1 files changed, 10 insertions, 4 deletions
diff --git a/tasks.md b/tasks.md
index e645eca..55ea9ff 100644
--- a/tasks.md
+++ b/tasks.md
@@ -255,10 +255,16 @@ independent of the SQLite trace-store; the lib is redaction-free (caller self-re
44→48 tests → **331 vitest**, typecheck + biome 0/0. CR: none.
prompts/provider-trace-replay.md, reports/provider-trace-replay.md.
- [x] **Build wiring** (orchestrator): root tsconfig ref ✓; provider dep `@dispatch/trace-replay` ✓; `bun install` ✓.
-- [ ] **Live capture** (orchestrator): boot with `DISPATCH_RECORD_FIXTURE` + real key →
- capture a real flash exchange → secret-free check → re-summon provider to swap the
- synthetic text-turn fixture for the real one + update expected text (validates our SSE
- assumptions against reality — D5).
+- [~] **Live capture** (orchestrator): FOUND A BUG (the whole point of D5). The real
+ capture leaked the live API key — record-mode self-redaction MISSED the `Authorization`
+ header (capital A + `Bearer ` prefix; redaction matched lowercase `authorization`).
+ Committed span/journal path is SAFE (journal + trace-DB = ZERO_LEAKS); only the
+ record-mode fixture path leaked, caught PRE-COMMIT (fixture was /tmp-only, scrubbed).
+- [ ] **Record-mode redaction fix** (provider owner): case-insensitive auth-header mask +
+ a test using the REAL `Authorization: Bearer …` representation (must fail before, pass
+ after). prompts/provider-trace-replay-fix.md.
+- [ ] **Re-capture + swap** (orchestrator): after the fix, re-run live capture → secret
+ check → re-summon to commit the clean real fixture + update assertions.
Summons: prompts/phase-a-{kernel-logging,journal-sink}.md;
reports/phase-a-{kernel-logging,journal-sink}.md.