From 90f208115333f01ca6a21b2751c671d9c6e9a04a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Burak=20Emre=20Kabakc=C4=B1?= Date: Sat, 28 Feb 2026 22:55:06 +0000 Subject: [PATCH] fix(gateway): stop logging WhatsApp credential payloads --- packages/gateway/src/whatsapp/connection/auth-state.ts | 10 ++++++---- .../gateway/src/whatsapp/connection/baileys-client.ts | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/packages/gateway/src/whatsapp/connection/auth-state.ts b/packages/gateway/src/whatsapp/connection/auth-state.ts index 2fc4a81e9..f2bcb698e 100644 --- a/packages/gateway/src/whatsapp/connection/auth-state.ts +++ b/packages/gateway/src/whatsapp/connection/auth-state.ts @@ -192,11 +192,13 @@ export function createAuthState(initialState: AuthState | null): { } /** - * Log credentials update instruction for the user. + * Log credentials update without emitting credential material. */ -export function logCredentialsUpdateInstruction(serialized: string): void { +export function logCredentialsUpdateInstruction( + serializedLength: number +): void { logger.info( - "WhatsApp credentials updated. To persist, update your environment:" + { serializedLength }, + "WhatsApp credentials updated in memory; persist via secure secret storage (WHATSAPP_CREDENTIALS)." ); - logger.info(`WHATSAPP_CREDENTIALS=${serialized}`); } diff --git a/packages/gateway/src/whatsapp/connection/baileys-client.ts b/packages/gateway/src/whatsapp/connection/baileys-client.ts index eef5148f9..3d1b93dd9 100644 --- a/packages/gateway/src/whatsapp/connection/baileys-client.ts +++ b/packages/gateway/src/whatsapp/connection/baileys-client.ts @@ -177,7 +177,7 @@ export class BaileysClient extends EventEmitter { if (this.authState) { const serialized = await this.authState.saveCreds(); this.emit("credentialsUpdated", serialized); - logCredentialsUpdateInstruction(serialized); + logCredentialsUpdateInstruction(serialized.length); } });