From 2f82b83aaffee4fd8c090dc63f2759fc551b8ac6 Mon Sep 17 00:00:00 2001
From: VenkateshPabbati
Date: Wed, 9 Apr 2025 22:31:52 +0530
Subject: [PATCH] Potential fix for code scanning alert no. 21: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 lightrag/kg/tidb_impl.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lightrag/kg/tidb_impl.py b/lightrag/kg/tidb_impl.py
index d2809f38..d4dd8cd4 100644
--- a/lightrag/kg/tidb_impl.py
+++ b/lightrag/kg/tidb_impl.py
@@ -25,7 +25,7 @@ from sqlalchemy import create_engine, text # type: ignore
 def sanitize_sensitive_info(data: dict) -> dict:
 sanitized_data = data.copy()
- sensitive_fields = ['password', 'user', 'host', 'database']
+ sensitive_fields = ['password', 'user', 'host', 'database', 'port', 'ssl_verify_cert', 'ssl_verify_identity']
 for field in sensitive_fields:
 if field in sanitized_data:
 sanitized_data[field] = '***'
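Review bot: The deny-list in `sanitize_sensitive_info` still fails open, because the check is an exact, case-sensitive match against the top-level keys of a shallow `data.copy()`, so any secret stored under a key not listed here (a nested dict, a connection-string value, a differently spelled key) would still be written to the log in clear text. An allow-list fails closed instead: `return {k: (v if k in LOGGABLE_FIELDS else '***') for k, v in data.items()}`, where `LOGGABLE_FIELDS` is a suggested module-level frozenset of the keys known to be safe to print. Masking `ssl_verify_cert` and `ssl_verify_identity` presumably also hides whether TLS verification is enabled, which operators generally want visible when auditing a deployment; it is worth confirming those two were not added only to quiet the scanner. The function's return statement and the logging call that consumes it are outside the hunk.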