Skip to content

fix(github): remove raw webhook payload logging#500

Open
privatenumber wants to merge 1 commit into
mainfrom
fix/github-webhook-safe-logging
Open

fix(github): remove raw webhook payload logging#500
privatenumber wants to merge 1 commit into
mainfrom
fix/github-webhook-safe-logging

Conversation

@privatenumber
Copy link
Copy Markdown

@privatenumber privatenumber commented May 14, 2026

  • Remove raw GitHub webhook body previews from adapter debug/error logs
  • Prevents webhook payload content from being copied into application logs when debug logging is enabled
  • No webhook routing or response behavior change; only log fields change

Context

The GitHub adapter logged a preview of incoming webhook request bodies while handling webhooks.

Raw webhook payloads can contain repository metadata, user-authored issue or pull request text, URLs, installation details, and other provider-controlled content. Even at debug level, SDK logging should avoid copying raw provider payloads into application logs by default.

Problem

Debug logging should provide useful operational context without changing the privacy boundary of webhook data.

The previous log emitted a raw body preview before signature verification. That meant an application with debug logging enabled could record payload content from both valid GitHub webhook events and invalid requests that were later rejected.

This is unnecessary for normal webhook troubleshooting. Derived request metadata is enough to understand routing and parsing failures without retaining payload text.

Changes

The GitHub adapter no longer logs raw webhook bodies or body previews.

Webhook logs now use bounded request-shape metadata:

  • bodyBytes
  • contentType
  • eventType
  • signaturePresent
  • jsonParseStatus for invalid JSON

The change preserves signature verification, ping handling, JSON parsing, and event routing behavior.

Regression tests cover invalid signature, invalid JSON, and valid webhook paths with token-shaped and customer-slug sentinel strings in the payload. The tests assert those sentinels, the full raw body, the old raw-body log message, and bodyPreview do not appear in logger calls.

A patch changeset is included for @chat-adapter/github.

Verification

  • pnpm turbo build --filter @chat-adapter/github
  • pnpm --filter @chat-adapter/github test
  • pnpm --filter @chat-adapter/github typecheck
  • pnpm check
  • git diff --check

@vercel
Copy link
Copy Markdown
Contributor

vercel Bot commented May 14, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
chat Ready Ready Preview, Comment, Open in v0 May 14, 2026 8:27am
chat-sdk-nextjs-chat Ready Ready Preview, Comment, Open in v0 May 14, 2026 8:27am

@privatenumber privatenumber marked this pull request as ready for review May 14, 2026 08:28
@privatenumber privatenumber requested a review from a team as a code owner May 14, 2026 08:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@privatenumber