Skip to content

nsc-events-fullstack_32_173-remove-console-logging-frontend#177

Open
NahomAlemu wants to merge 1 commit intomainfrom
bug-173-remove-console-logging-frontend
Open

nsc-events-fullstack_32_173-remove-console-logging-frontend#177
NahomAlemu wants to merge 1 commit intomainfrom
bug-173-remove-console-logging-frontend

Conversation

@NahomAlemu
Copy link
Copy Markdown
Contributor

@NahomAlemu NahomAlemu commented Mar 7, 2026

Summary & Changes 📃

  • Resolves: Security: Remove console logging of sensitive information in frontend #173
  • Summary: Remove console logging statements from frontend codebase that could expose sensitive
    information
    • 🔨 Fixes security vulnerability where API URLs, tokens, JWT data, and user information were being
      logged to browser console
    • 👀 Console remains clean in production with no sensitive data exposure; error handling preserved
      through UI feedback (snackbar messages, state updates)
    • 🗨️ Removed 40+ console.log/console.error statements across 21 files; test mock files intentionally
      left unchanged
  • Changes:
    • ✅ Removed API URL logging from auth components (sign-in, sign-up, change-password)
    • ✅ Removed JWT token and user data logging from useAuth, userUtils
    • ✅ Removed event data debug logging from useEventForm, useEditForm hooks
    • ✅ Removed navigation/state debugging from event-detail page
    • ✅ Removed error console.error statements (replaced with silent handling or UI feedback)
    • 🛠️ No breaking changes - all error handling preserved via snackbar/state
    • 📝 Files modified: LoginWindow, CoverPhotoDialog, AttendDialog, ArchiveDialog, sign-in/page,
      signupApi, useEventForm, useEditForm, useAuth, userUtils, event-detail/page, profile/page, and 9 others

How to Test 🧪

  1. Steps to Reproduce:
    - Step 1: Run npm run build in nsc-events-nextjs - should compile successfully
    - Step 2: Run npm run lint - should pass with no errors
    - Step 3: Open browser DevTools console, navigate through the app (login, view events, attend events,
    edit events)
  2. Expected Behavior: Console should be clean with no API URLs, tokens, or sensitive data logged
  3. Actual Behavior (if bug): Previously, console showed API endpoints, JWT tokens, and debug data

Checklist ✅

  • I have tested this PR locally and it works as expected.
  • This PR resolves an issue (Resolves #173).
  • Reviewers, assignees(self), tags, and labels are correctly assigned.
  • Squash commits and enable auto-merge if approved.

@NahomAlemu NahomAlemu self-assigned this Mar 7, 2026
@NahomAlemu NahomAlemu added the security Vulnerability patches, encryption, or access control label Mar 7, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 7, 2026

✅ Full E2E Test Results

Running full test suite (critical files changed)

Status Count
✅ Passed 47
❌ Failed 0
📊 Total 47

View detailed report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmathew12 jmathew12 Awaiting requested review from jmathew12

@IsaacJrTypes IsaacJrTypes Awaiting requested review from IsaacJrTypes

@LiteWilliamNguyen LiteWilliamNguyen Awaiting requested review from LiteWilliamNguyen

@taylorpapke taylorpapke Awaiting requested review from taylorpapke

@katrina-l-hill katrina-l-hill Awaiting requested review from katrina-l-hill

@TVW96 TVW96 Awaiting requested review from TVW96

@beimnettes beimnettes Awaiting requested review from beimnettes

At least 2 approving reviews are required to merge this pull request.

Assignees

@NahomAlemu NahomAlemu

Labels

security Vulnerability patches, encryption, or access control

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Security: Remove console logging of sensitive information in frontend

1 participant

@NahomAlemu