fix: Added redactDatabaseUrl() utility that masks username/password with *** before logging (#24) #25
📝 Walkthrough
Version bump to 0.2.6 with upgraded Prisma SQLite adapter dependency. Added a credential masking helper function to sanitize database URLs in logging output for PostgreSQL and MySQL connections, removing GeneratorConfig import as part of refactoring.
Estimated code review effort: 🎯 2 (Simple) | ⏱️ ~12 minutes
🚥 Pre-merge checks: ✅ 3 passed
Pull request overview
This PR adds a security improvement by implementing credential redaction in database connection URLs before they are logged to the console. The changes also include a version bump and dependency updates.
Changes:
- Added `redactDatabaseUrl()` utility function that masks username and password with `***` in database URLs before logging
- Applied the redaction function to PostgreSQL and MySQL database connection logging
- Removed unused `GeneratorConfig` import from server.ts
- Bumped package version from 0.2.5 to 0.2.6
- Updated `@prisma/adapter-better-sqlite3` from v6.2.1 to v7.3.0 with transitive dependency updates
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/server.ts | Implemented redactDatabaseUrl() function and applied it to PostgreSQL and MySQL connection logging; removed unused import |
| package.json | Updated package version to 0.2.6 and bumped @prisma/adapter-better-sqlite3 to v7.3.0 |
| pnpm-lock.yaml | Updated lock file to reflect new dependency versions and transitive dependencies |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
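One way to write a helper like the `redactDatabaseUrl()` described in the overview above, as an added JavaScript example; it is not the code from this PR's src/server.ts. It goes beyond the description by also masking secret-bearing query parameters (the `SECRET_PARAMS` list is an assumption) and by failing closed when the URL cannot be parsed safely; the sample URLs are constructed.

```javascript
// Added example: illustrative only, not the project's src/server.ts code.
const MASK = '***';
// Query parameters that may carry credentials in a connection string (assumed list).
const SECRET_PARAMS = new Set(['user', 'username', 'password', 'sslpassword']);
const FAIL_CLOSED = '<unparseable database URL redacted>';

function redactDatabaseUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    // Never echo a string that could not be parsed: it may still hold a password.
    return FAIL_CLOSED;
  }
  // An unencoded "/" in the password ends the authority early and leaves
  // "...@host" in the path. Treat that shape as unsafe to print.
  if (!url.username && !url.password && url.pathname.includes('@')) {
    return FAIL_CLOSED;
  }
  if (url.username) url.username = MASK;
  if (url.password) url.password = MASK;
  // Copy the keys first so the parameters can be changed while looping.
  for (const name of [...url.searchParams.keys()]) {
    if (SECRET_PARAMS.has(name.toLowerCase())) url.searchParams.set(name, MASK);
  }
  return url.toString();
}

// Constructed sample inputs (not taken from the PR).
const SAMPLES = [
  'postgresql://app_user:s3cret@db.internal:5432/orders?schema=public',
  'mysql://root:p@ss@127.0.0.1:3306/shop',
  'mysql://db.internal/shop?sslmode=require&password=hunter2',
  'postgresql://app:pa/ss@db.internal/orders',
];
for (const sample of SAMPLES) {
  console.log(redactDatabaseUrl(sample));
}
```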
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In `@package.json`:
- Around line 27-29: The package versions for Prisma adapters are inconsistent:
`@prisma/adapter-better-sqlite3` and `@prisma/adapter-mariadb` are at ^7.3.0 while
`@prisma/adapter-pg` is at ^6.18.0; update the `@prisma/adapter-pg` dependency in
package.json to ^7.3.0 to align all three adapters
(`@prisma/adapter-better-sqlite3`, `@prisma/adapter-mariadb`, `@prisma/adapter-pg`),
then regenerate the lockfile (npm/yarn/pnpm install) to ensure a consistent
dependency tree.
| "@prisma/adapter-better-sqlite3": "^7.3.0", | ||
| "@prisma/adapter-mariadb": "^7.1.0", | ||
| "@prisma/adapter-pg": "^6.18.0", |
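Review bot: `@prisma/adapter-pg` on the last line stays at ^6.18.0 while the two adapters above it are on ^7.x, so the PostgreSQL path runs on a different adapter major than SQLite and MariaDB; either bump it in this change and regenerate pnpm-lock.yaml once, or record in the PR description why it is held back. The adapter bump is also unrelated to the credential-redaction fix in the title and would be easier to review and revert as its own PR.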
🧩 Analysis chain
🏁 Script executed:
```bash
#!/bin/bash
# Check latest versions of Prisma adapters
echo "=== Latest versions on npm registry ==="
for adapter in "adapter-pg" "adapter-better-sqlite3" "adapter-mariadb"; do
  echo "Checking @prisma/$adapter..."
  curl -s "https://registry.npmjs.org/@prisma/$adapter" | jq -r '.["dist-tags"] | {latest, next}' 2>/dev/null || echo "Failed to fetch"
done
```
Repository: zenstackhq/proxy
Length of output: 329
🏁 Script executed:
```bash
#!/bin/bash
# Also check if there are any version constraint issues by looking at package.json and package-lock.json
echo "=== Checking package.json structure ==="
head -50 package.json
echo "..."
grep -A 5 "@prisma/adapter" package.json
```
Repository: zenstackhq/proxy
Length of output: 1795
🏁 Script executed:
```bash
#!/bin/bash
# Check prisma version in package.json
echo "=== Prisma related dependencies ==="
grep -E '"@prisma|"prisma' package.json
```
Repository: zenstackhq/proxy
Length of output: 221
🏁 Script executed:
```bash
#!/bin/bash
# Search for any comments or issues about adapter versions in the codebase
echo "=== Searching for adapter version related comments ==="
rg -i "adapter-pg|adapter-pg.*version|prisma.*version" --type-list | head -20
rg -i "adapter.*version|prisma.*compat" -A 2 -B 2 2>/dev/null | head -40
```
Repository: zenstackhq/proxy
Length of output: 521
🏁 Script executed:
```bash
#!/bin/bash
# Check if adapter-pg v6 is intentionally constrained or just overlooked
echo "=== Checking how adapters are used in code ==="
fd -e ts -e js | xargs rg "adapter-pg|adapter-better-sqlite3|adapter-mariadb" 2>/dev/null | head -20
```
Repository: zenstackhq/proxy
Length of output: 742
🏁 Script executed:
```bash
#!/bin/bash
# Check `@zenstackhq/server` which likely contains Prisma
grep -A 2 -B 2 "@zenstackhq/server" package.json
```
Repository: zenstackhq/proxy
Length of output: 225
Update Prisma adapters to consistent versions.
The @prisma/adapter-pg is on ^6.18.0 while @prisma/adapter-better-sqlite3 and @prisma/adapter-mariadb are on ^7.x. Since all three adapters are actively used in the codebase and the latest available version for all of them is 7.3.0, they should be aligned to ^7.3.0 to avoid potential compatibility issues across the adapter layer.