fix: whitelist token metrics instead of blacklisting 'token' in secret redaction

2026-06-14 10:08:37 +00:00 · 2026-05-26 14:32:15 +00:00 · 2026-05-26 14:32:15 +00:00 · 555963d03c
commit 555963d03c
parent 429269ea31
2 changed files with 13 additions and 3 deletions
--- a/nightshift/repo_tools.py
+++ b/nightshift/repo_tools.py
@ -201,7 +201,7 @@ def parse_lookup_requests(text: str, max_requests: int = DEFAULT_MAX_LOOKUP_REQU
        current = {}

    for raw_line in lines:
-        stripped = raw_line.strip()
+        stripped = raw_line.strip().strip("`")
        if stripped in {"lookup_requests:", "repo_lookup:", "repo_lookups:"}:
            in_section = True
            continue
--- a/nightshift/runlog.py
+++ b/nightshift/runlog.py
@ -120,10 +120,20 @@ def tail_lines(path: Path, limit: int = 100) -> list[str]:

 def _redact_fields(fields: dict[str, object]) -> dict[str, object]:
    redacted: dict[str, object] = {}
+    safe_metrics = {"prompt_tokens", "output_tokens", "total_tokens",
+                    "actual_prompt_tokens", "actual_output_tokens"}
    for key, value in fields.items():
-        lowered = key.lower()
-        if any(marker in lowered for marker in ("secret", "token", "password", "key")):
+        if key in safe_metrics:
+            redacted[key] = value
+        elif _looks_like_secret(key):
            redacted[key] = "<redacted>"
        else:
            redacted[key] = value
    return redacted
+
+
+def _looks_like_secret(key: str) -> bool:
+    lowered = key.lower()
+    sensitive = {"secret", "password", "api_key", "auth_token", "access_token",
+                 "secret_key", "private_key", "db_password"}
+    return lowered in sensitive