Class: ErrorRedactor

Inherits:

Object

Object
ErrorRedactor

show all

Defined in:: lib/generators/maquina/solid_errors/templates/app/agents/error_redactor.rb

Overview

Redacts sensitive values out of error context and job arguments before they leave the query layer for an AI agent (or any log). Job arguments and request context routinely carry passwords, tokens, and PII; this is the one place that stops them from reaching the agent.

Tune SENSITIVE_KEY_PATTERN for your app. Keys that match are masked; everything else passes through untouched. Nested hashes and arrays are walked recursively.

Constant Summary collapse

SENSITIVE_KEY_PATTERN =

/pass(word)?|secret|token|api[_-]?key|auth|credential|ssn|card|cvv|email/i

MASK =

"[REDACTED]"

Class Method Summary collapse

.redact(value) ⇒ Object

Instance Method Summary collapse

#redact(value) ⇒ Object

Class Method Details

.redact(value) ⇒ `Object`



12
13
14

# File 'lib/generators/maquina/solid_errors/templates/app/agents/error_redactor.rb', line 12

def self.redact(value)
  new.redact(value)
end

Instance Method Details

#redact(value) ⇒ `Object`

# File 'lib/generators/maquina/solid_errors/templates/app/agents/error_redactor.rb', line 16

def redact(value)
  case value
  when Hash
    value.each_with_object({}) do |(key, val), acc|
      acc[key] = sensitive?(key) ? MASK : redact(val)
    end
  when Array
    value.map { |item| redact(item) }
  else
    value
  end
end