feat: do not print user codes or network keys in logfile (#4383)

packages/zwave-js/src/lib/commandclass/CommandClass.ts

@@ -10,7 +10,6 @@ import {
 	NODE_ID_BROADCAST,
 	parseCCId,
 	serializeCacheValue,
-	stripUndefined,
 	ValueDB,
 	ValueID,
 	valueIdToString,
@@ -433,11 +432,6 @@ export class CommandClass {
 		return ret;
 	}
 
-	protected toJSONInherited(props: JSONObject): JSONObject {
-		const { payload, ...ret } = this.toJSONInternal();
-		return stripUndefined({ ...ret, ...props });
-	}
-
 	protected throwMissingCriticalInterviewResponse(): never {
 		throw new ZWaveError(
 			`The node did not respond to a critical interview query in time.`,

packages/zwave-js/src/lib/commandclass/DoorLockLoggingCC.ts

@@ -7,7 +7,7 @@ import {
 	ZWaveError,
 	ZWaveErrorCodes,
 } from "@zwave-js/core";
-import { buffer2hex, isPrintableASCII, num2hex } from "@zwave-js/shared";
+import { isPrintableASCII, num2hex } from "@zwave-js/shared";
 import type { Driver } from "../driver/Driver";
 import { MessagePriority } from "../message/Constants";
 import { PhysicalCCAPI } from "./API";
@@ -23,6 +23,7 @@ import {
 	gotDeserializationOptions,
 	implementedVersion,
 } from "./CommandClass";
+import { userCodeToLogString } from "./UserCodeCC";
 
 interface DateSegments {
 	year: number;
@@ -358,10 +359,9 @@ export class DoorLockLoggingCCRecordReport extends DoorLockLoggingCC {
 				message["user ID"] = this.record.userId;
 			}
 			if (this.record.userCode) {
-				message["user code"] =
-					typeof this.record.userCode === "string"
-						? this.record.userCode
-						: buffer2hex(this.record.userCode);
+				message["user code"] = userCodeToLogString(
+					this.record.userCode,
+				);
 			}
 		}
 		return {

packages/zwave-js/src/lib/commandclass/NodeNamingCC.ts

@@ -7,7 +7,6 @@ import {
 	ZWaveError,
 	ZWaveErrorCodes,
 } from "@zwave-js/core";
-import type { JSONObject } from "@zwave-js/shared";
 import type { Driver } from "../driver/Driver";
 import { MessagePriority } from "../message/Constants";
 import {
@@ -400,10 +399,6 @@ export class NodeNamingAndLocationCCLocationReport extends NodeNamingAndLocation
 			message: { location: this.location },
 		};
 	}
-
-	public toJSON(): JSONObject {
-		return super.toJSONInherited({ location: this.location });
-	}
 }
 
 @CCCommand(NodeNamingAndLocationCommand.LocationGet)

packages/zwave-js/src/lib/commandclass/NotificationCC.ts

@@ -21,7 +21,7 @@ import {
 	ZWaveError,
 	ZWaveErrorCodes,
 } from "@zwave-js/core";
-import { buffer2hex, JSONObject, num2hex, pick } from "@zwave-js/shared";
+import { buffer2hex, num2hex, pick } from "@zwave-js/shared";
 import { isArray } from "alcalzone-shared/typeguards";
 import type { Driver } from "../driver/Driver";
 import { MessagePriority } from "../message/Constants";
@@ -994,24 +994,6 @@ export class NotificationCCReport extends NotificationCC {
 		};
 	}
 
-	public toJSON(): JSONObject {
-		return super.toJSONInherited({
-			alarmType: this.alarmType,
-			notificationType:
-				this.notificationType != undefined
-					? this.driver.configManager.lookupNotification(
-							this.notificationType,
-					  )?.name
-					: this.notificationType,
-			notificationStatus: this.notificationStatus,
-			notificationEvent: this.notificationEvent,
-			alarmLevel: this.alarmLevel,
-			zensorNetSourceNodeId: this.zensorNetSourceNodeId,
-			eventParameters: this.eventParameters,
-			sequenceNumber: this.sequenceNumber,
-		});
-	}
-
 	private parseEventParameters(): void {
 		if (
 			this.notificationType == undefined ||

packages/zwave-js/src/lib/commandclass/Security2CC.ts

@@ -1542,7 +1542,8 @@ export class Security2CCNetworkKeyReport extends Security2CC {
 					SecurityClass,
 					this.grantedKey,
 				),
-				"network key": buffer2hex(this.networkKey),
+				// This shouldn't be logged, so users can safely post their logs online
+				// "network key": buffer2hex(this.networkKey),
 			},
 		};
 	}

packages/zwave-js/src/lib/commandclass/SecurityCC.ts

@@ -785,12 +785,13 @@ export class SecurityCCNetworkKeySet extends SecurityCC {
 		return super.serialize();
 	}
 
-	public toLogEntry(): MessageOrCCLogEntry {
-		return {
-			...super.toLogEntry(),
-			message: { "network key": buffer2hex(this.networkKey) },
-		};
-	}
+	// The network key shouldn't be logged, so users can safely post their logs online
+	// public toLogEntry(): MessageOrCCLogEntry {
+	// 	return {
+	// 		...super.toLogEntry(),
+	// 		message: { "network key": buffer2hex(this.networkKey) },
+	// 	};
+	// }
 }
 
 @CCCommand(SecurityCommand.CommandsSupportedReport)

packages/zwave-js/src/lib/commandclass/UserCodeCC.ts

@@ -13,11 +13,9 @@ import {
 	ZWaveErrorCodes,
 } from "@zwave-js/core";
 import {
-	buffer2hex,
 	getEnumMemberName,
 	isPrintableASCII,
 	isPrintableASCIIWithNewlines,
-	JSONObject,
 	num2hex,
 	pick,
 } from "@zwave-js/shared";
@@ -312,6 +310,12 @@ function persistUserCode(
 	return true;
 }
 
+/** Formats a user code in a way that's safe to print in public logs */
+export function userCodeToLogString(userCode: string | Buffer): string {
+	if (userCode === "") return "(empty)";
+	return "*".repeat(userCode.length);
+}
+
 @API(CommandClasses["User Code"])
 export class UserCodeCCAPI extends PhysicalCCAPI {
 	public supportsCommand(cmd: UserCodeCommand): Maybe<boolean> {
@@ -966,23 +970,10 @@ export class UserCodeCCSet extends UserCodeCC {
 			message: {
 				"user id": this.userId,
 				"id status": getEnumMemberName(UserIDStatus, this.userIdStatus),
-				"user code":
-					typeof this.userCode === "string"
-						? this.userCode
-						: buffer2hex(this.userCode),
+				"user code": userCodeToLogString(this.userCode),
 			},
 		};
 	}
-
-	public toJSON(): JSONObject {
-		return super.toJSONInherited({
-			userId: this.userId,
-			userCode:
-				typeof this.userCode === "string"
-					? this.userCode
-					: buffer2hex(this.userCode),
-		});
-	}
 }
 
 @CCCommand(UserCodeCommand.Report)
@@ -1056,10 +1047,7 @@ export class UserCodeCCReport
 			message: {
 				"user id": this.userId,
 				"id status": getEnumMemberName(UserIDStatus, this.userIdStatus),
-				"user code":
-					typeof this.userCode === "string"
-						? this.userCode
-						: buffer2hex(this.userCode),
+				"user code": userCodeToLogString(this.userCode),
 			},
 		};
 	}
@@ -1428,7 +1416,7 @@ export class UserCodeCCMasterCodeSet extends UserCodeCC {
 	public toLogEntry(): MessageOrCCLogEntry {
 		return {
 			...super.toLogEntry(),
-			message: { "master code": this.masterCode },
+			message: { "master code": userCodeToLogString(this.masterCode) },
 		};
 	}
 }
@@ -1461,7 +1449,7 @@ export class UserCodeCCMasterCodeReport extends UserCodeCC {
 	public toLogEntry(): MessageOrCCLogEntry {
 		return {
 			...super.toLogEntry(),
-			message: { "master code": this.masterCode },
+			message: { "master code": userCodeToLogString(this.masterCode) },
 		};
 	}
 }
@@ -1637,12 +1625,9 @@ export class UserCodeCCExtendedUserCodeSet extends UserCodeCC {
 	public toLogEntry(): MessageOrCCLogEntry {
 		const message: MessageRecord = {};
 		for (const { userId, userIdStatus, userCode } of this.userCodes) {
-			message[
-				`code #${userId}`
-			] = `${userCode} (status: ${getEnumMemberName(
-				UserIDStatus,
-				userIdStatus,
-			)})`;
+			message[`code #${userId}`] = `${userCodeToLogString(
+				userCode,
+			)} (status: ${getEnumMemberName(UserIDStatus, userIdStatus)})`;
 		}
 		return {
 			...super.toLogEntry(),
@@ -1691,12 +1676,9 @@ export class UserCodeCCExtendedUserCodeReport extends UserCodeCC {
 	public toLogEntry(): MessageOrCCLogEntry {
 		const message: MessageRecord = {};
 		for (const { userId, userIdStatus, userCode } of this.userCodes) {
-			message[
-				`code #${userId}`
-			] = `${userCode} (status: ${getEnumMemberName(
-				UserIDStatus,
-				userIdStatus,
-			)})`;
+			message[`code #${userId}`] = `${userCodeToLogString(
+				userCode,
+			)} (status: ${getEnumMemberName(UserIDStatus, userIdStatus)})`;
 		}
 		message["next user id"] = this.nextUserId;
 		return {