feat: added span redaction #2295

Open
poshinchen wants to merge 7 commits into strands-agents:main from poshinchen:feat/add-span-redaction

@poshinchen
Contributor

Description

Related Issues

Documentation PR

Type of Change

Bug fix
New feature
Breaking change
Documentation update
Other (please describe):

Testing

How have you tested the change? Verify that the changes do not break functionality or introduce warnings in consuming repositories: agents-docs, agents-tools, agents-cli

  • I ran hatch run prepare

Checklist

  • I have read the CONTRIBUTING document
  • I have added any necessary tests that prove my fix is effective or my feature works
  • I have updated the documentation accordingly
  • I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

poshinchen and others added 7 commits May 14, 2026 13:28
Adds a `gen_ai_unredacted_attributes=<list>` token to OTEL_SEMCONV_STABILITY_OPT_IN
that lets operators allow-list which sensitive GenAI span attributes (user messages,
model output, tool input/output, system instructions) are emitted unredacted; everything
else collapses to "<Redacted>". Supports exact names and trailing-`*` glob prefixes.
Behavior is off by default to preserve backward compatibility (issue strands-agents#1292).
…y events

In `_add_event_messages`, assistant messages were redacted under the
`gen_ai.input.messages` policy key, so an allowlist targeting
`gen_ai.output.*` could not unredact assistant content emitted via the
legacy per-message events. Route the lookup by message role and document
the canonical-name convention used in `_redact`.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Tool results are fed back into the model as input, so their redaction
should be governed by the gen_ai.input.messages policy key, matching
how tool results are policied in start_tool_call_span. The emitted
event attribute key (tool.result, gen_ai.output.messages) is unchanged.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…n cycle span

Emit tool_result_message under gen_ai.input.messages (not gen_ai.output.messages)
in end_event_loop_cycle_span so the emitted attribute name matches the redaction
policy key, making allowlist behavior predictable for OTEL consumers.

Also adds a co-located comment in _add_system_prompt_event and a regression test
that locks in the attribute-key / policy-key alignment for tool result events.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…nd harden tests

Rename the misleading local variable in end_event_loop_cycle_span from
output_messages to tool_result_messages to reflect that tool results are
fed back to the model as input under gen_ai.input.messages.

Add the system-prompt sensitivity comment to the legacy else branch of
_add_system_prompt_event for symmetry with the latest-conventions branch.

Strengthen the negative assertion in test_tool_result_cycle_span_uses_input_messages_key
to use a comprehension over all attribute keys, and add
test_legacy_tool_result_redacts_under_input_messages_policy to cover the
legacy gen_ai.choice path.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ed token at the call site

The parser was widened to return tuple[set[str], dict[str, str]] so that
gen_ai_unredacted_attributes could be looked up as a key/value mapping. The
only call site that uses the dict view is the redaction setup itself, and
the bare-key enrichment of the flag set was unused dead weight that also
made "gen_ai_unredacted_attributes" in opt_in_values surprisingly true even
when no bare token was present.

Restore the original set[str] return and find the unredacted token with a
single next() over the existing set. Behavior of _redact and the public
class API are unchanged; the 94-test telemetry suite still passes.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
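
Added example (not code from this pull request or from strands-agents): a minimal Python sketch of the allow-list redaction the commit messages above describe, with exact names, trailing-`*` prefixes, and the policy lookup routed by message role. The `|` list separator, the function names, and the role-to-key mapping are assumptions; the page does not show them.

```python
REDACTED = "<Redacted>"
TOKEN = "gen_ai_unredacted_attributes"
LIST_SEP = "|"  # assumption: the page does not show how <list> is delimited


def parse_allowlist(opt_in):
    """Return None if the token is absent (feature off), else its patterns."""
    tokens = {t.strip() for t in opt_in.split(",") if t.strip()}
    token = next((t for t in tokens if t.startswith(TOKEN + "=")), None)
    if token is None:
        return None
    raw = token.partition("=")[2]
    return [p.strip() for p in raw.split(LIST_SEP) if p.strip()]


def is_allowed(policy_key, patterns):
    """Exact match, or prefix match when the pattern ends in '*'."""
    for pattern in patterns:
        if pattern.endswith("*"):
            if policy_key.startswith(pattern[:-1]):
                return True
        elif policy_key == pattern:
            return True
    return False


def policy_key_for(role):
    """Assumed routing: assistant content is model output; user messages and
    tool results are model input, so they share the input policy key."""
    if role == "assistant":
        return "gen_ai.output.messages"
    return "gen_ai.input.messages"


def redact(policy_key, value, patterns):
    """Pass the value through only when the feature is off or the key is listed."""
    if patterns is None:
        return value
    return value if is_allowed(policy_key, patterns) else REDACTED


# Constructed sample value for OTEL_SEMCONV_STABILITY_OPT_IN.
SAMPLE = "gen_ai_latest_experimental,gen_ai_unredacted_attributes=gen_ai.output.*"
PATTERNS = parse_allowlist(SAMPLE)
for role, text in [("user", "my SSN is ..."), ("assistant", "ok"), ("tool", "row 1")]:
    print(role, "->", redact(policy_key_for(role), text, PATTERNS))
```

In this sketch an empty list after `=` yields an empty allow-list, so every governed attribute is redacted.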

codecov Bot commented May 14, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
