Commit
feat(security): Enhance log redaction and update security review
Commit details
Commit notes
Logger improvements: - Add additional sensitive field redaction (iban, apiKey, apiSecret, secret) - Add hash field redaction (passwordHash, tokenHash) - Add nested path patterns for common sensitive data structures - Prevent accidental PII leakage in payout details
Update security review: - Mark CSRF timing attack as FIXED - Mark password reset token vulnerability as FIXED - Mark admin audit logging as FIXED - Document Mollie webhook IP validation as MITIGATED - Add implementation status section documenting all changes
Co-authored-by: armin.naimi <[email redacted]>
- Files changed
- 2
- Lines added
- +64
- Lines removed
- −13