• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

tecnickcom / gogen / 28904081343 / 1
100%
main: 100%

Build:
DEFAULT BRANCH: main
Ran 07 Jul 2026 10:53PM UTC
Files 181
Run time 11s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

07 Jul 2026 10:46PM UTC coverage: 99.986% (+0.01%) from 99.972%
28904081343.1

push

github

nicolaasuni
feat(redact): generic single-pass log redaction engine with new detection classes, configurable Redactor API, and convergence guarantees

Extend the redaction engine from HTTP-centric pattern matching to a generic, configurable, allocation-free scanner for logs, HTTP dumps, JSON, XML, and form data, with every change verified by 100% test coverage, fuzzing, and benchmarks.

- Add new detection classes: sensitive HTTP header names beyond Authorization (Cookie, Set-Cookie, X-Api-Key, X-Auth-Token, ...), URL userinfo passwords in bare DSNs (postgres://user:***@host, last-@ semantics), JWT/JWE compact tokens (eyJ...), vendor credential literals by prefix (GitHub, GitLab, Slack, Stripe, AWS, Google, OpenAI/Anthropic sk-, Hugging Face, SendGrid, DigitalOcean, Docker Hub, Shopify), PEM private-key blocks (multi-line, JSON-escaped, and mid-line forms; certificates stay visible), and XML element content including leading CDATA sections.
- Expand key-token coverage with closed-compound and environment names (apikey, passphrase, clientsecret, refreshtoken, sessionid, csrf, signature, pgpassword, connectionstring, ...) backed by a single token source with an allocation-free case-insensitive lookup.
- Extend credit-card detection to 13-19 digit PANs (UnionPay, extended Discover, 19-digit Visa), space/dash-grouped formats with windowed candidate matching, and a conservative two-tier Maestro policy (well-known IINs by default, short forms behind the Luhn gate), while excluding legacy prefixes from grouped matching to avoid phone-number false positives.
- Fix redaction gaps and structure damage: JSON object/array values under sensitive keys, truncated JSON containers, CRLF preservation on redacted lines, quoted URL values, XML attribute tails, and JSON key/value parsing hardened against malformed input.
- Guarantee convergent redaction: byte-stable in one pass on well-formed input, fixed point after at most one extra pass on adversarial input, enforced by a permanent... (continued)

14624 of 14626 relevant lines covered (99.99%)

1013.65 hits per line

Source Files on job 28904081343.1
  • Tree
  • List 181
  • Changed 3
  • Source Changed 2
  • Coverage Changed 3
Coverage ∆ File Lines Relevant Covered Missed Hits/Line
  • Back to Build 28904081343
  • f0e6429a on github
  • Prev Job for on main (#28888206532.1)
  • Next Job for on main (#28934407441.1)
  • Delete
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc