Skip to content

fix: omit request body from PINECONE_DEBUG_CURL output (CodeQL)#688

Open
jhamon wants to merge 1 commit into
mainfrom
security/redact-curl-debug-body
Open

fix: omit request body from PINECONE_DEBUG_CURL output (CodeQL)#688
jhamon wants to merge 1 commit into
mainfrom
security/redact-curl-debug-body

Conversation

@jhamon

@jhamon jhamon commented Jul 11, 2026

Copy link
Copy Markdown
Collaborator

Summary

Resolves CodeQL py/clear-text-logging-sensitive-data alert #83 at pinecone/_internal/http_client.py:118.

Problem

_log_curl logs a curl-equivalent command for debugging (only when PINECONE_DEBUG_CURL is set). It included the raw request body via body.decode(), which CodeQL flags as cleartext logging of sensitive data. The body contains request payloads (vectors, query parameters, etc.).

Fix

Replace the raw body with '<N bytes>' in the curl output. This:

  • Removes the taint source, resolving the CodeQL alert.
  • Preserves the body length for debugging context.
  • Keeps full diagnostic value for the method, URL, and (already-redacted) headers.

The API key is already redacted by _redact_headers — this change covers the body.

Verification

No behavior change to production code paths — _log_curl only executes when PINECONE_DEBUG_CURL is set and logs at DEBUG level.

Part of PIN-16 / PIN-27 (security tail), child of PIN-6.

🤖 Generated with Claude Code


Note

Low Risk
Single-line change in debug-only logging with no production request/response behavior impact.

Overview
When PINECONE_DEBUG_CURL is set, _log_curl still emits a curl-style debug line (method, URL, redacted headers) but no longer decodes and logs the raw request body.

The -d fragment is now '<N bytes>' instead of the full UTF-8 payload, so vector/query JSON is not written to debug logs while payload size remains visible for troubleshooting.

This is scoped to the opt-in debug path only; normal HTTP behavior is unchanged.

Reviewed by Cursor Bugbot for commit fc3b656. Bugbot is set up for automated code reviews on this repo. Configure here.

Resolves CodeQL py/clear-text-logging-sensitive-data alert #83.
_log_curl logs a curl-equivalent for debugging, but including the raw
request body could expose vector data. Emit body size instead, which is
enough for debugging while removing the taint source.

Headers are already redacted via _redact_headers (Api-Key masked).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant