aline-ai 0.2.3__py3-none-any.whl → 0.2.5__py3-none-any.whl

realign/redactor.py

@@ -142,17 +142,55 @@ def redact_content(content: str, secrets: List[SecretMatch]) -> str:
     for line_num, line_secrets in secrets_by_line.items():
         secret_types = [s.type for s in line_secrets]
         # Keep the JSON structure but redact the sensitive value
-        # This is a simple approach - we mark the line as redacted
         original_line = lines[line_num]
-        # Try to preserve JSON structure by finding quotes and redacting content
-        if '"' in original_line:
-            # Simple redaction: find the value part and replace it
-            lines[line_num] = original_line.replace(
-                original_line[original_line.find(':'):] if ':' in original_line else original_line,
-                f': "[REDACTED: {", ".join(set(secret_types))}]"'
-            )
-        else:
-            lines[line_num] = f"[REDACTED LINE - {', '.join(set(secret_types))}]"
+
+        # Try to parse as JSON and redact only values
+        import json
+        import re
+
+        try:
+            # Try to parse the line as JSON
+            json_obj = json.loads(original_line)
+
+            # Redact all string values that might contain secrets
+            def redact_json_values(obj):
+                """Recursively redact values in JSON object."""
+                if isinstance(obj, dict):
+                    return {k: redact_json_values(v) for k, v in obj.items()}
+                elif isinstance(obj, list):
+                    return [redact_json_values(item) for item in obj]
+                elif isinstance(obj, str):
+                    # Check if this value might be sensitive (heuristic: not too short)
+                    # This is a simple approach - we redact string values on lines with secrets
+                    return f"[REDACTED: {', '.join(set(secret_types))}]"
+                else:
+                    return obj
+
+            redacted_obj = redact_json_values(json_obj)
+            lines[line_num] = json.dumps(redacted_obj, ensure_ascii=False)
+
+        except (json.JSONDecodeError, Exception):
+            # If JSON parsing fails, fall back to simple replacement
+            # Try to preserve structure by using regex to find and replace values
+            if ':' in original_line:
+                # Find the value part after the colon, preserving the closing braces/brackets
+                # Match pattern: : "value" or : value, capture trailing punctuation
+                pattern = r':\s*"[^"]*"(\s*[,}\]])'
+                if re.search(pattern, original_line):
+                    lines[line_num] = re.sub(
+                        pattern,
+                        rf': "[REDACTED: {", ".join(set(secret_types))}]"\1',
+                        original_line
+                    )
+                else:
+                    # Fallback: replace from colon onwards but keep trailing punctuation
+                    match = re.search(r'(.*?:\s*)(.+?)(\s*[}\]]*\s*)$', original_line)
+                    if match:
+                        lines[line_num] = f'{match.group(1)}"[REDACTED: {", ".join(set(secret_types))}]"{match.group(3)}'
+                    else:
+                        lines[line_num] = f'{original_line}: "[REDACTED: {", ".join(set(secret_types))}]"'
+            else:
+                lines[line_num] = f"[REDACTED LINE - {', '.join(set(secret_types))}]"
 
     redacted_content = '\n'.join(lines)
     redacted_size = len(redacted_content)