laipeng/reflex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Redact sensitive env vars instead of hiding them

Browse Source
This commit is contained in:
Masen Furer 2024-12-09 17:07:40 -08:00
parent e04dff8154
commit ed0ae46c37
No known key found for this signature in database
GPG Key ID: B0008AD22B3B3A95
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
reflex/config.py
View File

@ -572,7 +572,7 @@ environment = EnvironmentVariables()
# These vars are not logged because they may contain sensitive information. # These vars are not logged because they may contain sensitive information.
_sensitive_env_vars = {"DB_URL", "ASYNC_DB_URL"} _sensitive_env_vars = {"DB_URL", "ASYNC_DB_URL", "REDIS_URL"}
class Config(Base): class Config(Base):
@ -758,18 +758,20 @@ class Config(Base):
# If the env var is set, override the config value. # If the env var is set, override the config value.
if env_var is not None: if env_var is not None:
if key.upper() not in _sensitive_env_vars:
console.info(
f"Overriding config value {key} with env var {key.upper()}={env_var}",
dedupe=True,
)
# Interpret the value. # Interpret the value.
value = interpret_env_var_value(env_var, field.outer_type_, field.name) value = interpret_env_var_value(env_var, field.outer_type_, field.name)
# Set the value. # Set the value.
updated_values[key] = value updated_values[key] = value
if key.upper() in _sensitive_env_vars:
env_var = "***"
console.info(
f"Overriding config value {key} with env var {key.upper()}={env_var}",
dedupe=True,
)
return updated_values return updated_values
def get_event_namespace(self) -> str: def get_event_namespace(self) -> str: