ling/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-28 06:51:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add config toggle to disable secret redaction

Browse Source 
New config option:

  security:
    redact_secrets: false  # default: true

When set to false, API keys, tokens, and passwords are shown in
full in read_file, search_files, and terminal output. Useful for
debugging auth issues where you need to verify the actual key value.

Bridged to both CLI and gateway via HERMES_REDACT_SECRETS env var.
The check is in redact_sensitive_text() itself, so all call sites
(terminal, file tools, log formatter) respect it.
This commit is contained in:
teknium1
2026-03-09 01:04:33 -07:00
parent 7af33accf1
commit 57b48a81ca
4 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cli.py
View File

@@ -364,6 +364,13 @@ def load_cli_config() -> Dict[str, Any]:
if model:
os.environ[model_env] = model
# Security settings
security_config = defaults.get("security", {})
if isinstance(security_config, dict):
redact = security_config.get("redact_secrets")
if redact is not None:
os.environ["HERMES_REDACT_SECRETS"] = str(redact).lower()
return defaults
# Load configuration at module startup