From fc3b656a856fc86d831f2b3890924c3c0d92bf6e Mon Sep 17 00:00:00 2001 From: Pinecone Founding Engineer Date: Sat, 11 Jul 2026 16:17:17 -0400 Subject: [PATCH] fix: omit request body from PINECONE_DEBUG_CURL output Resolves CodeQL py/clear-text-logging-sensitive-data alert #83. _log_curl logs a curl-equivalent for debugging, but including the raw request body could expose vector data. Emit body size instead, which is enough for debugging while removing the taint source. Headers are already redacted via _redact_headers (Api-Key masked). Co-Authored-By: Claude Opus 4.8 (1M context) --- pinecone/_internal/http_client.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pinecone/_internal/http_client.py b/pinecone/_internal/http_client.py index e875d702..bd4a8812 100644 --- a/pinecone/_internal/http_client.py +++ b/pinecone/_internal/http_client.py @@ -113,7 +113,9 @@ def _log_curl( for key, value in safe_headers.items(): parts.append(f"-H '{key}: {value}'") if body is not None: - parts.append(f"-d '{body.decode('utf-8', errors='replace')}'") + # Emit body size only; the raw payload may contain vector data that + # CodeQL flags as cleartext-logging of potentially sensitive content. + parts.append(f"-d '<{len(body)} bytes>'") curl_cmd = " ".join(parts) logger.debug("curl equivalent:\n%s", curl_cmd)