Skip to content

fix(redact): add code_file param to skip false-positive ENV/JSON patterns#16127

Closed
ms-alan wants to merge 1 commit into
NousResearch:mainfrom
ms-alan:fix/ISSUE-15934-redact-code-file
Closed

fix(redact): add code_file param to skip false-positive ENV/JSON patterns#16127
ms-alan wants to merge 1 commit into
NousResearch:mainfrom
ms-alan:fix/ISSUE-15934-redact-code-file

Conversation

@ms-alan

@ms-alan ms-alan commented Apr 26, 2026

Copy link
Copy Markdown
Contributor

Closes #15934

ENV-assignment and JSON-field regex patterns in redact_sensitive_text() cause false positives when reading source code files:

  • MAX_TOKENS=*** triggers the ENV assignment pattern
  • "apiKey": "test" in test fixtures triggers the JSON field pattern

Add code_file=False parameter. When code_file=True, skip only the ENV-assignment and JSON-field regex passes; all other patterns (prefixes, auth headers, private keys, DB connstrings, JWTs, URL secrets) are still applied.

Update file_tools.py (read_file and search_files) to pass code_file=True so agent code analysis is not polluted by false-positive redactions.

fix(redact): add code_file param to skip false-positive ENV/JSON patt…
bec45f7 
…erns

ENV-assignment and JSON-field regex patterns in redact_sensitive_text()
cause false positives when reading source code files:
- MAX_TOKENS=*** triggers the ENV assignment pattern
- "apiKey": "test" in test fixtures triggers the JSON field pattern

Add code_file=False parameter. When code_file=True, skip only the
ENV-assignment and JSON-field regex passes; all other patterns (prefixes,
auth headers, private keys, DB connstrings, JWTs, URL secrets) are
still applied.

Update file_tools.py (read_file and search_files) to pass code_file=True
so agent code analysis is not polluted by false-positive redactions.

Closes NousResearch#15934
@jjjojoj jjjojoj mentioned this pull request Apr 26, 2026
Closed
@alt-glitch alt-glitch added type/bug Something isn't working comp/agent Core agent loop, run_agent.py, prompt builder tool/file File tools (read, write, patch, search) P2 Medium — degraded but workaround exists labels Apr 26, 2026
@alt-glitch

alt-glitch commented Apr 26, 2026

Copy link
Copy Markdown
Collaborator

Likely duplicate of #15923 — same fix adding code_file flag to redact_sensitive_text() to skip ENV/JSON false positives on source code files. Both fix #15934.

@teknium1 teknium1 mentioned this pull request May 4, 2026
Merged
@teknium1

teknium1 commented May 4, 2026

Copy link
Copy Markdown
Contributor

Salvaged via #19715 onto current main. Main has since added a force=False kwarg to the same function; merged the signatures so both force and code_file are accepted. Original commit's author email was empty (local git config) so it was re-attributed to your GitHub public email during salvage. Thanks @ms-alan!

@teknium1 teknium1 closed this May 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

comp/agent Core agent loop, run_agent.py, prompt builder P2 Medium — degraded but workaround exists tool/file File tools (read, write, patch, search) type/bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

bug(redact): ENV/JSON regex patterns cause false positives on source code files

3 participants

@ms-alan @alt-glitch @teknium1