feat: un-redacted physical-device logs — wire IOSDeviceConsoleLogSource#15
Draft
DevSrSouza wants to merge 1 commit into
Draft
feat: un-redacted physical-device logs — wire IOSDeviceConsoleLogSource#15DevSrSouza wants to merge 1 commit into
DevSrSouza wants to merge 1 commit into
Conversation
Physical-device os_log showed every private argument as <private>: the only wired source was the passive LoggingSupport relay, and logd redacts before it sends. The un-redacting source -- IOSDeviceConsoleLogSource -- has existed since #11 but was "retained but unwired" for a future opt-in and was never connected to a session. Wire it by swapping the physical-device primary per target: - empty target -> passive whole-device LoggingSupport stream (real levels, no launch) - a bundle id -> launch the app under `devicectl --console` with OS_ACTIVITY_DT_MODE=enable, mirroring that app's os_log un-redacted plus print()/stdout (the Xcode-console experience). One source per mode, so no duplicate lines. The app picker now passes the bundle id (the console launches by bundle id) rather than the display name. Tradeoff: selecting an app (re)launches it and waits for the device to be unlocked -- by design, the only way to tap un-redacted app output without a debugger or a logging profile. Validated on a connected iPhone 12 (iOS 26.5): the devicectl console launch yields 0 <private> lines (vs. all-private passive), real content + the app's glyph/category Logger format the parser already handles. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Contributor
Author
|
Drafting for now. Investigation found this console-launch path has two inherent limits vs. the passive LoggingSupport stream:
The cleaner fix is app-side: enable Kermit's If revisited, repurpose this PR: keep the passive stream as the default for a targeted app, and put console-launch behind an explicit opt-in toggle — still useful for |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
On a physical iPhone, every
os_logwith a private argument showed as<private>. The only source wired for physical devices is the passive LoggingSupport relay (IOSDeviceOSLogSource), and the device'slogdredacts private data before it ever reaches the relay — same reason Console.app shows<private>for device logs.The un-redacting source already existed —
IOSDeviceConsoleLogSource— but commit #11 deliberately left it "retained but unwired … for a future opt-in". Git confirms it was never instantiated by any caller on any branch. So this isn't a regression; the opt-in was simply never built.Change
Swap the physical-device primary source based on the target:
IOSDeviceOSLogSource(passive)<private>IOSDeviceConsoleLogSourcedevicectl --consolewithOS_ACTIVITY_DT_MODE=enable→ un-redactedos_log+print()One source per mode → no duplicate lines (unlike an additive design, which would show each app line twice: redacted via passive + un-redacted via console). The app picker now passes the bundle id (the console launches by bundle id) instead of the display name.
Tradeoff: selecting an app (re)launches it and waits for the device to be unlocked — that's intrinsic; it's the only way to tap an app's un-redacted output without a debugger or a logging profile.
Validation
This console path had never actually run (dead code since #11), so I validated the exact
devicectlcommand on a connected iPhone 12 (iOS 26.5):<private>.<private>— real content (company IDs, paths) and the app's own🟢 (Category)Logger format thatIOSDeviceConsoleParseralready decodes (glyph → level,(Category)→ tag).🤖 Generated with Claude Code