Skip to content

[Feature-17398][Task] Avoid leaking sensitive Dinky task logs#18397

Open
qiuyanjun888 wants to merge 2 commits into
apache:devfrom
qiuyanjun888:Feature-17398
Open

[Feature-17398][Task] Avoid leaking sensitive Dinky task logs#18397
qiuyanjun888 wants to merge 2 commits into
apache:devfrom
qiuyanjun888:Feature-17398

Conversation

@qiuyanjun888

Copy link
Copy Markdown
Contributor

Was this PR generated or assisted by AI?

YES. This pull request was assisted by Hermes Agent / OpenAI Codex for code changes, focused tests, documentation updates, and local verification. The scope and final submission were directed by the contributor.

Purpose of the pull request

Fix #17398.

Avoid leaking sensitive Dinky task information in task logs.

This pull request supersedes #18395, which was closed because the original description did not include the AI-assistance declaration required by the current pull request template.

Brief change log

  • Summarize Dinky task parameters instead of logging full task parameter JSON.
  • Summarize local variables by size and keys instead of logging values.
  • Avoid logging full Dinky API success response bodies; log status code and response length only.
  • Sanitize Dinky API error messages before logging or throwing task exceptions.
  • Avoid logging raw malformed Dinky API responses through JSON parse exceptions.
  • Extend SensitiveDataConverter coverage for common sensitive key/value formats.

Verify this pull request

This change added tests and can be verified as follows:

  • ./mvnw -pl dolphinscheduler-task-plugin/dolphinscheduler-task-api,dolphinscheduler-task-plugin/dolphinscheduler-task-dinky -am -DskipUT=false -DskipITs -DskipE2E -Dcheckstyle.skip -Dspotless.check.skip -Djacoco.skip=true -Dsurefire.failIfNoSpecifiedTests=false -Dtest=SensitiveDataConverterTest,DinkyLogSanitizerTest test
  • ./mvnw -pl dolphinscheduler-task-plugin/dolphinscheduler-task-api,dolphinscheduler-task-plugin/dolphinscheduler-task-dinky -am spotless:apply
  • git diff --check

Pull Request Notice

Pull Request Notice

@SbloodyS SbloodyS added the improvement make more easy to user or prompt friendly label Jul 10, 2026
@SbloodyS SbloodyS added this to the 3.5.0 milestone Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backend improvement make more easy to user or prompt friendly test

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Feature][API] Logs support blocking database passwords or sensitive configurations such as S3/OSS access-key and secert-key

2 participants