Skip to content

Redact ice server credentials in logs #1408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
biglittlebigben merged 7 commits into from
Feb 11, 2026
Merged

Redact ice server credentials in logs #1408

biglittlebigben merged 7 commits into from
Feb 11, 2026

Conversation

@biglittlebigben
Copy link
Contributor

@biglittlebigben biglittlebigben commented Feb 10, 2026
edited
Loading

@changeset-bot
Copy link

changeset-bot bot commented Feb 10, 2026
edited
Loading

🦋 Changeset detected

Latest commit: e092f0d

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

💥 An error occurred when fetching the changed packages and changesets in this PR 
Some errors occurred when validating the changesets config:
The package or glob expression "github.com/livekit/protocol" specified in the `fixed` option does not match any package in the project. You may have misspelled the package name or provided an invalid glob expression. Note that glob expressions must be defined according to https://www.npmjs.com/package/micromatch.

boks1971
boks1971 approved these changes Feb 11, 2026
View reviewed changes
protobufs/livekit_rtc.proto
repeated string urls = 1;
string username = 2;
string credential = 3;
string username = 2 [
Copy link
Contributor

@boks1971 boks1971 Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be okay to not do this for "username"?

Copy link
Contributor Author

@biglittlebigben biglittlebigben Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We started redacting user and participant names in other places, particularly SIP and io. I think usernames should generally be redacted.

paulwe
paulwe approved these changes Feb 11, 2026
View reviewed changes
protobufs/livekit_rtc.proto Outdated
string credential = 3;
string username = 2 [
(logger.redact) = true,
(logger.redact_format) = "<redacted ({{ .Size }} bytes)>"
Copy link
Contributor

@paulwe paulwe Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we only care about size for metadata columns...

Copy link
Contributor Author

@biglittlebigben biglittlebigben Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed redact_format entries (we do have them in other places where we redact username/pwd though)

biglittlebigben and others added 5 commits February 10, 2026 19:57
@biglittlebigben
No size for redacted username/pwd
172fe88
@biglittlebigben
Merge remote-tracking branch 'origin/benjamin/redact_ice_credentials_…
4d6eeb5 
…logs' into benjamin/redact_ice_credentials_logs
@biglittlebigben
typo
42a803a
@github-actions
generated protobuf
26d90c1
@biglittlebigben
changes
e092f0d 
Redact ice server credentials from logs to enhance security.
@biglittlebigben biglittlebigben merged commit 3688e15 into main Feb 11, 2026
7 of 8 checks passed
@biglittlebigben biglittlebigben deleted the benjamin/redact_ice_credentials_logs branch February 11, 2026 04:23
@github-actions github-actions bot mentioned this pull request Feb 10, 2026
Open
shreyasj-livekit pushed a commit that referenced this pull request Feb 11, 2026
@biglittlebigben @github-actions @shreyasj-livekit
Redact ice server credentials in logs (#1408)
a03310c 
---------

Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
@github-actions github-actions bot mentioned this pull request Feb 11, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@paulwe paulwe paulwe approved these changes

@boks1971 boks1971 boks1971 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@biglittlebigben @paulwe @boks1971