[Refactor] Logging module SENSITIVE_KEYS includes email — valid audit data is over-redacted

[RUKAYAT-CODER]

Overview

src/lib/logging/index.ts defines SENSITIVE_KEYS with email in the list, causing redactObject() to replace all email fields with [REDACTED] in every log entry. This over-redacts audit-trail logs where the email is the actor identifier and is needed for security investigations, while not applying redaction in error reports containing form state where redaction is truly needed.

Specifications

Features:

• email is not globally redacted from all log entries
• Email addresses in form submission data and error reports are redacted contextually
• Audit log entries retain the actor email where authorized

Tasks:

• Remove email from the global SENSITIVE_KEYS list in src/lib/logging/index.ts
• Add email redaction specifically in the error-report handler
• Add email redaction in any handler that processes user-submitted form data
• Update tests that assert [REDACTED] for email to reflect the new targeted behavior

Impacted Files:

• src/lib/logging/index.ts
• src/app/api/errors/report/route.ts

Acceptance Criteria

• Audit log entries for user actions retain the actor email or ID
• Error report logs have email fields replaced with [REDACTED]
• SENSITIVE_KEYS does not include email at the global level

[chinweobtagaz]

@chinweobtagaz has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

hi can i resolve this ????

ℹ️ Repo Maintainers: To accept this application, review their application or assign @chinweobtagaz to this issue.

[AlphaMaleBaDI]

@AlphaMaleBaDI has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I will implement targeted email redaction boundaries within the logging and error reporting systems to eliminate global audit trail over-redaction.

To deliver a pristine, high-complexity refactoring layer matching all stated acceptance criteria, I plan to:

• Remove email from the global SENSITIVE_KEYS configuration array inside src/lib/logging/index.ts to natively preserve actor visibility across authorized security and audit trail logs.
• Introduce context-specific redaction middleware directly into the error reporting submission stream under src/app/app/api/errors/report/route.ts to scrub form-state email data cleanly before log writing operations.
• Update structural utility sanitization checks across all handlers processing inbound user-submitted form data payloads to safely replace contextual email field strings with standard [REDACTED] tokens.
• Adapt the existing logging unit test cases to reflect the targeted redaction bounds, asserting that authorized audit entries retain actor identities perfectly while error report blocks evaluate to clean, redacted footprints.

Since my local workspace is completely calibrated for TypeScript backend environments and Next.js api architectures, I can jump straight into the logging module refactor and deliver a highly polished PR immediately. Ready to lock it in!

ℹ️ Repo Maintainers: To accept this application, review their application or assign @AlphaMaleBaDI to this issue.

[AbuJulaybeeb]

@AbuJulaybeeb has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi Maintainer, haven reviewed the description of the issue, and well experienced with Js Library,
I would like to hop on the issue and sure to deliver at ETA 2hrs

ℹ️ Repo Maintainers: To accept this application, review their application or assign @AbuJulaybeeb to this issue.

[Bojest001]

@Bojest001 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi maintainer I will to work on this issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Bojest001 to this issue.

[drips-wave]

Congratulations, @AbuJulaybeeb! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @AbuJulaybeeb: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

Congratulations, @AbuJulaybeeb! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @AbuJulaybeeb: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊