From 4b1853da5c28d5c162d17118cf60256ab8b1ce18 Mon Sep 17 00:00:00 2001
From: Utkarsh patrikar <137105846+utkarsh232005@users.noreply.github.com>
Date: Mon, 8 Jun 2026 19:16:26 +0530
Subject: [PATCH] Potential fix for code scanning alert no. 2: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/scripts/tests/test-inactivity-bot.cjs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/.github/scripts/tests/test-inactivity-bot.cjs b/.github/scripts/tests/test-inactivity-bot.cjs
index a190d58..3442d46 100644
--- a/.github/scripts/tests/test-inactivity-bot.cjs
+++ b/.github/scripts/tests/test-inactivity-bot.cjs
@@ -1071,13 +1071,18 @@ async function runScenario(scenario, index) {
 const capturedLogs = [];
 const originalConsoleLog = console.log;
 const originalConsoleError = console.error;
+ const redactSensitiveText = (text) => text
+ .replace(/((?:password|passwd|token|api[_-]?key|secret)\s*[:=]\s*)([^,\s}]+)/gi, '$1[REDACTED]')
+ .replace(/("(?:password|passwd|token|api[_-]?key|secret)"\s*:\s*")([^"]+)(")/gi, '$1[REDACTED]$3');
+ const sanitizeArgsForOutput = (args) =>
+ args.map(a => redactSensitiveText(String(a))).join(' ');
 console.log = (...args) => {
 capturedLogs.push(args.map(a => String(a)).join(' '));
- originalConsoleLog(...args);
+ originalConsoleLog(sanitizeArgsForOutput(args));
 };
 console.error = (...args) => {
 capturedLogs.push(args.map(a => String(a)).join(' '));
- originalConsoleError(...args);
+ originalConsoleError(sanitizeArgsForOutput(args));
 };
 try {
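Review bot: The value pattern in `redactSensitiveText` (`[^,\s}]+`) stops at the first whitespace, so a line such as `token: Bearer <value>` is printed as `token: [REDACTED] <value>`, and an `Authorization:` header is not matched at all because that key is not in the alternation. A scheme-aware pass run before the two key/value passes would close this, e.g. `.replace(/\b(Bearer|Basic)\s+[^\s,"'}]+/gi, '$1 [REDACTED]')`. Only the forwarded output is sanitized: `capturedLogs.push(...)` still stores the raw text, so if that array is later printed or written in a failure report (not visible here, `runScenario` continues past the hunk) the same values would reach the log unredacted. Passing `String(a)` also changes what the console shows for non-strings, since plain objects become `[object Object]` and `Error` arguments lose their stack; building the string with `util.format(...args)` before redaction would keep the previous rendering.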