Conversation


@jiashengguo jiashengguo commented Jan 27, 2026

  • Update @prisma/adapter-better-sqlite3 version to support Node 25

Summary by CodeRabbit

  • Chores

    • Updated package version to 0.2.6.
    • Updated database adapter dependency.
  • Bug Fixes

    • Database credentials are now redacted in server logs for enhanced security.

@jiashengguo jiashengguo requested review from Copilot and removed request for Copilot January 27, 2026 13:25
coderabbitai bot commented Jan 27, 2026

📝 Walkthrough

The pull request bumps the package version to 0.2.6, updates the Prisma better-sqlite3 adapter dependency to ^7.3.0, and introduces a new redactDatabaseUrl() function to mask credentials in database URLs. PostgreSQL and MySQL connection logging now uses this function to prevent sensitive information from appearing in logs.

Changes

Dependency & Version Updates (package.json): version bumped from 0.2.5 to 0.2.6; @prisma/adapter-better-sqlite3 dependency updated from ^6.2.1 to ^7.3.0.

Security & Logging (src/server.ts): new redactDatabaseUrl() utility function masks username and password in database URLs; PostgreSQL and MySQL connection logs updated to use redacted URLs instead of raw URLs.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A version bump, so small and neat,
A dependency update, crisp and sweet!
But hark! Credentials now hide with care,
Redacted logs—no secrets laid bare! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

  • Docstring Coverage ⚠️ Warning: docstring coverage is 66.67%, which is insufficient; the required threshold is 80.00%. Resolution: write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

  • Description Check ✅ Passed: check skipped, CodeRabbit's high-level summary is enabled.
  • Title check ✅ Passed: the title clearly describes the main change, adding a redactDatabaseUrl() utility to mask credentials before logging, which is the primary purpose of the PR.

Copilot AI left a comment

Pull request overview

This PR enhances security by adding a redactDatabaseUrl() utility function that masks usernames and passwords in database connection URLs before logging, and updates the @prisma/adapter-better-sqlite3 dependency to version 7.3.0 to support Node.js version 25.

Changes:

  • Added redactDatabaseUrl() utility function to mask credentials in database URLs
  • Applied redaction to PostgreSQL and MySQL connection logging
  • Updated @prisma/adapter-better-sqlite3 from ^6.2.1 to ^7.3.0 (includes better-sqlite3 12.6.2 with Node 25 support)
  • Removed unused GeneratorConfig import
  • Bumped package version from 0.2.5 to 0.2.6

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

  • src/server.ts: added redactDatabaseUrl() function and applied it to PostgreSQL and MySQL connection logging; removed unused import
  • package.json: updated @prisma/adapter-better-sqlite3 to ^7.3.0 and bumped package version to 0.2.6
  • pnpm-lock.yaml: updated lock file with new dependency versions including better-sqlite3 12.6.2 with Node 25 support

Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

return path.join(prismaSchemaDir, filePath)
}

function redactDatabaseUrl(url: string): string {
Copilot AI Jan 27, 2026

The redactDatabaseUrl function is missing a JSDoc comment. All other helper functions in this file (e.g., resolvePrismaSchemaDir on line 19, resolveSQLitePath on line 37, createAdapter on line 65) have JSDoc documentation. Please add a JSDoc comment describing the function's purpose, parameter, and return value to maintain consistency with the established pattern in this file.

coderabbitai bot left a comment

Actionable comments posted: 1

🤖 Fix all issues with AI agents
In `@src/server.ts`:
- Around line 49-63: The redactDatabaseUrl function currently returns the raw
input on URL parse failure and only masks parsedUrl.username/password, which can
leak credentials and query-params; update redactDatabaseUrl to (1) when parsing
succeeds, also scrub sensitive query parameters (case-insensitive keys like
password, pass, user, username, token, secret) by replacing their values with
'***' in parsedUrl.searchParams before returning parsedUrl.toString(), and (2)
on parse failure, perform a conservative string-based redaction: mask basic-auth
patterns (user:pass@) and mask sensitive query-like key=value pairs anywhere in
the string using a regex that matches the same keys (replace values with '***')
instead of returning the original url. Ensure you reference and update the
existing function redactDatabaseUrl and the parsedUrl variable handling.

Comment on lines +49 to +63
function redactDatabaseUrl(url: string): string {
try {
const parsedUrl = new URL(url)
if (parsedUrl.password) {
parsedUrl.password = '***'
}
if (parsedUrl.username) {
parsedUrl.username = '***'
}
return parsedUrl.toString()
} catch {
// If URL parsing fails, return the original (might be a file path for SQLite)
return url
}
}
⚠️ Potential issue | 🟠 Major

Avoid leaking credentials on parse failure (and in query params).

If new URL(url) throws, the current fallback returns the raw string, which can leak secrets. Also, credentials in query params (e.g., ?password=) are not masked. Consider a conservative fallback redaction.

🔒 Suggested fix
 function redactDatabaseUrl(url: string): string {
   try {
     const parsedUrl = new URL(url)
     if (parsedUrl.password) {
       parsedUrl.password = '***'
     }
     if (parsedUrl.username) {
       parsedUrl.username = '***'
     }
+    for (const key of ['password', 'passwd', 'pwd', 'user', 'username']) {
+      if (parsedUrl.searchParams.has(key)) {
+        parsedUrl.searchParams.set(key, '***')
+      }
+    }
     return parsedUrl.toString()
   } catch {
-    // If URL parsing fails, return the original (might be a file path for SQLite)
-    return url
+    // If URL parsing fails, redact userinfo/query credentials conservatively
+    return url
+      .replace(/\/\/([^:@\/?#]+):([^@\/?#]*)@/g, '//***:***@')
+      .replace(/\/\/([^:@\/?#]+)@/g, '//***@')
+      .replace(/([?&](?:password|passwd|pwd|user|username)=)[^&]*/gi, '$1***')
   }
 }
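Review bot: the fallback branch's first regex, `/\/\/([^:@\/?#]+):([^@\/?#]*)@/g`, excludes `/`, `?` and `#` from the password class, so a password containing one of those characters unencoded (a common reason `new URL(url)` throws in the first place) does not match and the userinfo is returned unredacted; a coarser `.replace(/\/\/[^@]*@/, '//***@')` catches that case at the cost of also masking a non-credential userinfo. Separately, `parsedUrl.searchParams.has(key)` in the success path is case-sensitive while the fallback regex uses the `/gi` flags, so `?Password=` is masked only when parsing fails; iterating `searchParams.keys()` and comparing lowercased gives both paths the same coverage. Note also that any `searchParams.set` call re-serialises the whole query string, so it should only be called when a sensitive key is actually present.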

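An added example, not code from the project or from either review bot, showing one way to cover the three cases the review raised: userinfo in a parseable URL, credential-like query parameters (matched case-insensitively on both paths), and input that new URL() rejects, where the fallback now masks everything between "//" and "@" rather than returning the raw string. It also shows the case the suggested regex misses, an unencoded "/" inside the password. The sensitive key list and the sample URLs are constructed for the example and are not the project's; the URL global is assumed to be the WHATWG implementation Node.js provides.

```typescript
// Added example (not code from the project or from the review bots): a
// redactDatabaseUrl that masks userinfo, credential-like query parameters
// (case-insensitively) and, when new URL() rejects the input, falls back to
// a coarse string redaction instead of returning the raw string.

// Assumed list of query keys that carry credentials; not the project's list.
const SENSITIVE_QUERY_KEYS: string[] = [
  'password', 'passwd', 'pwd', 'user', 'username', 'token', 'secret',
]

// new URL() throws on anything without a scheme (a bare SQLite path) and on
// malformed authorities, e.g. an unencoded '/' inside the password, which the
// parser reads as the start of the path and then rejects as an invalid port.
function tryParseUrl(url: string): URL | null {
  try {
    return new URL(url)
  } catch {
    return null
  }
}

// Coarse fallback for strings the WHATWG parser rejects. The userinfo pattern
// deliberately allows every character except '@', so a password containing an
// unencoded '/', '?' or '#' is still masked. Over-masking is acceptable here;
// leaking is not.
function redactUnparseable(url: string): string {
  return url
    .replace(/\/\/[^@]*@/, '//***@')
    .replace(/([?&;](?:password|passwd|pwd|user|username|token|secret)=)[^&;]*/gi, '$1***')
}

export function redactDatabaseUrl(url: string): string {
  const parsed = tryParseUrl(url)
  if (parsed === null) {
    return redactUnparseable(url)
  }
  // Setters are no-ops on URLs that cannot carry credentials (empty host,
  // file: scheme), which is exactly the set that has nothing to hide here.
  if (parsed.username) parsed.username = '***'
  if (parsed.password) parsed.password = '***'

  // Collect keys first so set() does not disturb the live iteration, and
  // compare lowercased so ?Password= is caught as well as ?password=.
  const keys: string[] = []
  parsed.searchParams.forEach((_value, key) => keys.push(key))
  for (const key of keys) {
    if (SENSITIVE_QUERY_KEYS.indexOf(key.toLowerCase()) !== -1) {
      // set() re-serialises the whole query, so only touch it when needed.
      parsed.searchParams.set(key, '***')
    }
  }
  return parsed.toString()
}

// Constructed sample inputs (not real connection strings), one per branch.
export const SAMPLE_URLS: Record<string, string> = {
  postgres: 'postgresql://admin:s3cr3t@db.internal:5432/app?schema=public',
  mysqlQuery: 'mysql://root:hunter2@127.0.0.1:3306/app?password=hunter2&sslmode=require',
  mixedCaseKey: 'postgresql://db.internal/app?Password=hunter2',
  slashInPassword: 'postgresql://admin:p/ss@db.internal/app',
  sqlitePath: './dev.db',
}

// Redacts every sample; the shape a log-safety unit test would assert on.
export function redactSamples(): Record<string, string> {
  const out: Record<string, string> = {}
  for (const name of Object.keys(SAMPLE_URLS)) {
    out[name] = redactDatabaseUrl(SAMPLE_URLS[name])
  }
  return out
}

const results = redactSamples()
for (const name of Object.keys(results)) {
  console.log(name + ': ' + results[name])
}
```

Two things to keep in mind when adopting something like this: once any searchParams.set() call runs, the query string is re-serialised in application/x-www-form-urlencoded form, so a value such as %20 comes back as + even in the keys that were not touched; and a file: URL is normalised by the parser (file:./dev.db serialises as file:///dev.db), so if the exact SQLite path matters in the log, check parsed.protocol and log the raw value for that scheme.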