13 changes: 11 additions & 2 deletions internal/envutil/envutil.go
Expand Up @@ -5,8 +5,13 @@ import (
"strconv"
"strings"
"time"

"github.com/github/gh-aw-mcpg/internal/logger"
"github.com/github/gh-aw-mcpg/internal/logger/sanitize"
)

var logEnvUtil = logger.New("envutil:envutil")

// GetEnvString returns the value of the environment variable specified by envKey.
// If the environment variable is not set or is empty, it returns the defaultValue.
func GetEnvString(envKey, defaultValue string) string {
Expand All @@ -25,18 +30,21 @@ func GetEnvInt(envKey string, defaultValue int) int {
if value, err := strconv.Atoi(envValue); err == nil && value > 0 {
return value
}
logEnvUtil.Printf("GetEnvInt: %s=%q is not a valid positive integer, using default=%d", envKey, sanitize.TruncateSecret(envValue), defaultValue)
}
Comment on lines 32 to 34

Copilot AI Apr 15, 2026

These debug logs print the raw environment variable value (%q). Since Logger.Printf also forwards to the file logger, this can persist potentially sensitive values if a secret-like env var is accidentally parsed via GetEnvInt. Consider sanitizing/truncating the value before logging (e.g., using internal/logger/sanitize helpers).

This issue also appears in the following locations of the same file:

  • line 44
  • line 62

return defaultValue
}

// GetEnvDuration returns the time.Duration value of the environment variable specified by envKey.
// If the environment variable is not set, is empty, or cannot be parsed by time.ParseDuration,
// it returns the defaultValue. Accepts any string valid for time.ParseDuration (e.g. "2h", "30m", "90s").
// If the environment variable is not set, is empty, cannot be parsed by time.ParseDuration,
// or is not positive (> 0), it returns the defaultValue.
// Accepts any string valid for time.ParseDuration (e.g. "2h", "30m", "90s").
func GetEnvDuration(envKey string, defaultValue time.Duration) time.Duration {
if envValue := os.Getenv(envKey); envValue != "" {
if d, err := time.ParseDuration(envValue); err == nil && d > 0 {
return d
}
logEnvUtil.Printf("GetEnvDuration: %s=%q is not a valid positive duration, using default=%v", envKey, sanitize.TruncateSecret(envValue), defaultValue)
}
return defaultValue
}
Expand All @@ -54,6 +62,7 @@ func GetEnvBool(envKey string, defaultValue bool) bool {
case "0", "false", "no", "off":
return false
}
logEnvUtil.Printf("GetEnvBool: %s=%q is not a recognized boolean value, using default=%v", envKey, sanitize.TruncateSecret(envValue), defaultValue)
}
return defaultValue
}
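Review bot: The three fallback messages (in GetEnvInt, GetEnvDuration and GetEnvBool) still write part of the rejected value, so what ends up in the log depends entirely on how much `sanitize.TruncateSecret` keeps. Its implementation is not visible on this page; if it retains a fixed-length prefix, a short value would be logged almost whole. For diagnosing a bad setting the variable name and the value's length are usually enough, for example `logEnvUtil.Printf("GetEnvInt: %s (len=%d) is not a valid positive integer, using default=%d", envKey, len(envValue), defaultValue)`. If the truncated prefix is kept on purpose, a comment above each call such as `// envValue may hold a secret: log only the sanitize.TruncateSecret form, never the raw value` would stop a later edit from reintroducing the raw value. The bodies of GetEnvInt and GetEnvBool begin outside the visible hunks.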