RomanNum3ral
/
gstack
mirror of https://github.com/garrytan/gstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gstack/browse
History
Arun Kumar Thiagarajan 75e6ca2989 fix(security): redact sensitive values in storage command output 
The browse `storage` command dumps all localStorage and sessionStorage
as JSON. This can expose tokens, API keys, JWTs, and session credentials
in QA reports and agent transcripts.

Fix: redact values where the key matches sensitive patterns (token,
secret, key, password, auth, jwt, csrf) or the value starts with known
credential prefixes (eyJ for JWT, sk- for Stripe, ghp_ for GitHub, etc.).

Redacted values show length to aid debugging: [REDACTED — 128 chars]
 		2026-03-20 12:00:29 +05:30
..
bin feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226) 2026-03-19 18:20:50 -07:00
src fix(security): redact sensitive values in storage command output 2026-03-20 12:00:29 +05:30
test feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226) 2026-03-19 18:20:50 -07:00
SKILL.md feat: opt-in usage telemetry + community intelligence platform (v0.8.6) (#210) 2026-03-19 17:21:05 -07:00
SKILL.md.tmpl feat: browse handoff — headless-to-headed browser switching (v0.7.4) (#201) 2026-03-19 00:38:58 -05:00