-
Notifications
You must be signed in to change notification settings - Fork 4.1k
Redaction on matched command outputs and/or multiline redaction #10027
Copy link
Copy link
Open
Labels
area:agentAgent workflows, conversations, prompts, cloud mode, and AI-specific UI.Agent workflows, conversations, prompts, cloud mode, and AI-specific UI.area:settings-keybindingsSettings UI, preferences, keybindings, and keyboard-shortcut management.Settings UI, preferences, keybindings, and keyboard-shortcut management.area:shell-terminalTerminal input/output, shell integration, prompt behavior, and block rendering.Terminal input/output, shell integration, prompt behavior, and block rendering.enhancementNew feature or request.New feature or request.ready-to-specThe issue is ready for a product and technical spec.The issue is ready for a product and technical spec.repro:highThe report includes enough evidence that the issue appears highly reproducible.The report includes enough evidence that the issue appears highly reproducible.triagedIssue has received an initial automated triage pass.Issue has received an initial automated triage pass.
Description
Metadata
Metadata
Assignees
Labels
area:agentAgent workflows, conversations, prompts, cloud mode, and AI-specific UI.Agent workflows, conversations, prompts, cloud mode, and AI-specific UI.area:settings-keybindingsSettings UI, preferences, keybindings, and keyboard-shortcut management.Settings UI, preferences, keybindings, and keyboard-shortcut management.area:shell-terminalTerminal input/output, shell integration, prompt behavior, and block rendering.Terminal input/output, shell integration, prompt behavior, and block rendering.enhancementNew feature or request.New feature or request.ready-to-specThe issue is ready for a product and technical spec.The issue is ready for a product and technical spec.repro:highThe report includes enough evidence that the issue appears highly reproducible.The report includes enough evidence that the issue appears highly reproducible.triagedIssue has received an initial automated triage pass.Issue has received an initial automated triage pass.
Pre-submit Checks
Describe the solution you'd like?
One of the biggest things holding be back from using this more right now in my SysOps/DevOps workflow is what is being transmitted to the agent which means I have to be very careful about commands I use during an agent session and their outputs, or limit my use.
Secret Redaction works great for single line API keys etc but there cases where I want to redact the entire output of a command like
envorkubectl get secret(s)?so I don't have to change terminals when performing commands that would create a sensitive output, so it would be helpful to have a secret redaction option that will match a command and redact the entire output of that command.This could also be achieved allowing multi-line redaction so I can write rules like .Kind: Secret. or something and have it redact the entire output.
Both would be useful, the command output redaction probably the most useful since I could add common patterns like
ssh/id_ed25519orid_rsaand other sensitive files or directories so they never accidentally leak to an agent, I would also maintain a list of commands for my team for which all outputs should be considered secret which would be super handy.Is your feature request related to a problem? Please describe.
No response
Additional context
No response
Operating system (OS)
Linux
How important is this feature to you?
4
Warp Internal (ignore) - linear-label:39cc6478-1249-4ee7-950b-c428edfeecd1
None