From 36aef0fdfaa49ce7e8ba5590797fb5ae16719184 Mon Sep 17 00:00:00 2001
From: Jonathan Langevin
Date: Thu, 12 Mar 2026 06:53:41 -0400
Subject: [PATCH] Potential fix for code scanning alert no. 84: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 logger_decorator.go | 41 +++++++++++++++++++++++++++++++++++++----
 1 file changed, 37 insertions(+), 4 deletions(-)

diff --git a/logger_decorator.go b/logger_decorator.go
index 0ce98503..a79046c5 100644
--- a/logger_decorator.go
+++ b/logger_decorator.go
@@ -272,6 +272,35 @@ func (d *LevelModifierLoggerDecorator) Debug(msg string, args ...any) {
 d.logWithLevel("debug", msg, args...)
 }
 
+// sanitizeLogArgs masks potentially sensitive values in structured log arguments.
+// It assumes key/value pairs (key at even index, value at odd index).
+func sanitizeLogArgs(args []any) []any {
+ if len(args) == 0 {
+ return args
+ }
+
+ // Work on a shallow copy to avoid surprising callers that reuse the slice.
+ sanitized := make([]any, len(args))
+ copy(sanitized, args)
+
+ for i := 0; i < len(sanitized); i += 2 {
+ key, ok := sanitized[i].(string)
+ if !ok {
+ continue
+ }
+
+ // Mask values for known potentially sensitive keys.
+ if key == "tenant" || key == "requestId" {
+ valueIndex := i + 1
+ if valueIndex < len(sanitized) {
+ sanitized[valueIndex] = "***"
+ }
+ }
+ }
+
+ return sanitized
+}
+
 // PrefixLoggerDecorator adds a prefix to all log messages.
 // This decorator automatically prepends a configured prefix to every log message.
 type PrefixLoggerDecorator struct {
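Review bot: The loop in sanitizeLogArgs steps by two unconditionally, so a non-string entry at an even index hits `continue` without changing the stride and every later key lands on an odd index where it is never inspected; if the inner logger accepts single-slot arguments (as slog does with an `Attr`), one such argument silently disables masking for the rest of that call. Advancing by one on the `!ok` path resyncs the scan, and the hard-coded `key == "tenant" || key == "requestId"` comparison is better kept in a package-level set so the masked-key list is visible and extensible in one place. A request id is normally a correlation value needed for incident triage, so masking it wholesale should be confirmed against what alert no. 84 actually flagged. The second hunk applies this helper only inside PrefixLoggerDecorator, while LevelModifierLoggerDecorator's Debug, visible as context here, still forwards args unmasked through logWithLevel.
```go
// sensitiveLogKeys lists structured-log keys whose values are masked before emission.
var sensitiveLogKeys = map[string]struct{}{"tenant": {}, "requestId": {}}

// … unchanged: copy args into sanitized …
for i := 0; i < len(sanitized); {
	key, ok := sanitized[i].(string)
	if !ok {
		i++ // single-slot argument: resync on the next element instead of skipping it
		continue
	}
	if _, sensitive := sensitiveLogKeys[key]; sensitive && i+1 < len(sanitized) {
		sanitized[i+1] = "***"
	}
	i += 2
}
// … unchanged: return sanitized …
```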
@@ -300,17 +329,21 @@ func (d *PrefixLoggerDecorator) formatMessage(msg string) string {
 }
 
 func (d *PrefixLoggerDecorator) Info(msg string, args ...any) {
- d.inner.Info(d.formatMessage(msg), args...)
+ safeArgs := sanitizeLogArgs(args)
+ d.inner.Info(d.formatMessage(msg), safeArgs...)
 }
 
 func (d *PrefixLoggerDecorator) Error(msg string, args ...any) {
- d.inner.Error(d.formatMessage(msg), args...)
+ safeArgs := sanitizeLogArgs(args)
+ d.inner.Error(d.formatMessage(msg), safeArgs...)
 }
 
 func (d *PrefixLoggerDecorator) Warn(msg string, args ...any) {
- d.inner.Warn(d.formatMessage(msg), args...)
+ safeArgs := sanitizeLogArgs(args)
+ d.inner.Warn(d.formatMessage(msg), safeArgs...)
 }
 
 func (d *PrefixLoggerDecorator) Debug(msg string, args ...any) {
- d.inner.Debug(d.formatMessage(msg), args...)
+ safeArgs := sanitizeLogArgs(args)
+ d.inner.Debug(d.formatMessage(msg), safeArgs...)
 }
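Review bot: Masking now depends on PrefixLoggerDecorator being present in the decorator chain: a logger wrapped only by LevelModifierLoggerDecorator, whose Debug in the first hunk forwards args untouched into logWithLevel, still delivers the same values to the sink in clear text, so the guarantee the alert asks for holds only for one composition order. Applying sanitizeLogArgs at the sink, or in whatever shared path every decorator funnels into, would make it independent of how the loggers are stacked; since the rest of the file is outside the patch, this is inferred from the two decorators visible here. As a point of style, the `safeArgs` temporary repeated in all four methods adds nothing over `d.inner.Info(d.formatMessage(msg), sanitizeLogArgs(args)...)`, which keeps each method to a single forwarding line.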