Censor sensitive numbers

src/tools/cleaner.js

@@ -44,6 +44,9 @@ const recurseCleanFuncs = (obj, path) => {
 // Recurse a nested object replace all instances of keys->vals in the bank.
 const recurseReplaceBank = (obj, bank = {}) => {
   const replacer = out => {
+    if (typeof out === 'number') {
+      out = String(out);
+    }
     if (typeof out !== 'string') {
       return out;
     }

src/tools/create-logger.js

@@ -108,6 +108,7 @@ const makeSensitiveBank = (event, data) => {
       // keeps short values from spamming censor strings in logs, < 6 chars is not a proper secret
       // see https://github.com/zapier/zapier-platform-core/issues/4#issuecomment-277855071
       if (val && String(val).length > 5) {
+        val = String(val);
         const censored = hashing.snipify(val);
         bank[val] = censored;
         bank[encodeURIComponent(val)] = censored;

test/logger.js

@@ -245,6 +245,41 @@ describe('logger', () => {
     });
   });
 
+  it('should replace sensitive data that is not a string', () => {
+    const bundle = {
+      authData: {
+        numerical_token: 314159265
+      }
+    };
+    const logger = createlogger({ bundle }, options);
+
+    const data = {
+      response_json: {
+        hello: 314159265
+      },
+      response_content: `{
+        "hello": 314159265
+      }`
+    };
+
+    return logger('test', data).then(response => {
+      response.status.should.eql(200);
+      response.content.json.should.eql({
+        token: options.token,
+        message: 'test',
+        data: {
+          response_json: {
+            hello: ':censored:9:9cb84e8ccc:'
+          },
+          response_content: `{
+        "hello": :censored:9:9cb84e8ccc:
+      }`,
+          log_type: 'console'
+        }
+      });
+    });
+  });
+
   it('should not replace safe log keys', () => {
     const bundle = {
       authData: {