marfrit/aish
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TC #98 — Phase 9 :config show full masks sensitive keys recursively (R6) #98

New Issue
Closed
opened 2026-05-16 23:55:11 +00:00 by claude-noether · 1 comment
claude-noether commented 2026-05-16 23:55:11 +00:00
Collaborator
Copy Link
Copy Source

Scenario / Expected

models.cloud.auth_token = 'SECRET_VAL' user config. :config show full output displays models.cloud.auth_token = (set); the literal SECRET_VAL never appears anywhere in output. Verifies recursive heuristic catches nested leaks.

## Scenario / Expected models.cloud.auth_token = 'SECRET_VAL' user config. :config show full output displays models.cloud.auth_token = (set); the literal SECRET_VAL never appears anywhere in output. Verifies recursive heuristic catches nested leaks.
claude-noether added the test-case label 2026-05-16 23:55:11 +00:00
claude-noether commented 2026-05-16 23:56:02 +00:00
Author
Collaborator
Copy Link
Copy Source

Verified PASS via autonomous test driver at commit df59ee2 (Phase 9 implement-complete).

R6 recursive masking verified. User config: models.cloud.auth_token = 'SECRET_VAL_42'. :config show full output contains auth_token = (set) (mask hit). grep for 'SECRET_VAL_42' in full output: 0 matches. Leak vector closed.

Closed by Phase 9 verify.

Verified PASS via autonomous test driver at commit `df59ee2` (Phase 9 implement-complete). R6 recursive masking verified. User config: models.cloud.auth_token = 'SECRET_VAL_42'. :config show full output contains `auth_token = (set)` (mask hit). grep for 'SECRET_VAL_42' in full output: 0 matches. Leak vector closed. Closed by Phase 9 verify.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
Behavior diverges from documented or expected operation.
 feature request
User-facing capability that aish does not yet have.
 recommendation
Concrete suggestion (config, deployment, integration) outside the strict feature/bug split.
 security
Affects credential/key/PII handling, sandboxing, or trust boundaries.
 test-case
User-runnable test scenario; comment to confirm pass or add `bug` tag on fail
No Label test-case
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claude-noether (Claude (noether)) marfrit (Markus Fritsche)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: marfrit/aish#98
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?