
Commit bb3a84b

fix(data-retention): close block-output redaction gaps on streaming + resume
1 parent 36f2a3d commit bb3a84b

2 files changed

Lines changed: 29 additions & 1 deletion


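--- a/apps/sim/executor/execution/block-executor.ts
+++ b/apps/sim/executor/execution/block-executor.ts
@@ -186,7 +186,11 @@ export class BlockExecutor {
 if (isStreamingExecution) {
 const streamingExec = output as StreamingExecution
 
-if (ctx.onStream) {
+// Streaming forwards raw chunks to the client before output redaction can
+// run, which would leak PII. When block-output redaction is enabled we
+// buffer instead of streaming — the masked final output still reaches the
+// client through the block-complete callback below.
+if (ctx.onStream && !ctx.piiBlockOutputRedaction?.enabled) {
 await this.handleStreamingExecution(
 ctx,
 node,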
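Review bot: The new guard on `ctx.onStream` fails open: `ctx.piiBlockOutputRedaction?.enabled` is undefined whenever a context is built without that field, and raw chunks are then streamed exactly as before the fix. Whether every place that constructs an execution context (resume, run-from-block, any nested execution) populates the field is not visible in this hunk, so I would record the dependency next to the check, e.g. `// Fails open if piiBlockOutputRedaction is missing from ctx; every context builder must set it.`, and add a regression test asserting that `onStream` is never invoked when block-output redaction is enabled. The comment also promises buffering, but the non-streaming branch is outside the hunk; presumably it reads `streamingExec` to completion before masking, which is worth confirming so the final output is not truncated. The enclosing method starts and ends outside the hunk.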

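--- a/apps/sim/lib/workflows/executor/execution-core.ts
+++ b/apps/sim/lib/workflows/executor/execution-core.ts
@@ -675,6 +675,30 @@ export async function executeWorkflowCore(
 })
 }
 
+if (piiRedaction.blockOutputs.enabled) {
+// Resume / run-from-block restore prior block outputs into state. If those
+// predate the blockOutputs stage being enabled, re-mask them so downstream
+// blocks can't read unredacted PII from restored snapshot state. Masking is
+// idempotent, so outputs already masked in the original run are unaffected.
+const blockOutputOpts = {
+entityTypes: piiRedaction.blockOutputs.entityTypes,
+language: piiRedaction.blockOutputs.language,
+onFailure: 'throw' as const,
+}
+if (snapshot.state?.blockStates) {
+snapshot.state.blockStates = await redactObjectStrings(
+snapshot.state.blockStates,
+blockOutputOpts
+)
+}
+if (runFromBlock?.sourceSnapshot?.blockStates) {
+runFromBlock.sourceSnapshot.blockStates = await redactObjectStrings(
+runFromBlock.sourceSnapshot.blockStates,
+blockOutputOpts
+)
+}
+}
+
 const contextExtensions: ContextExtensions = {
 stream: !!onStream,
 selectedOutputs,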
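Review bot: Only `blockStates` is re-masked on resume and run-from-block, so any other restored snapshot field that carries copies of block outputs would still expose unredacted text to downstream blocks. The hunk does not show whether such fields exist, so this should be checked against the snapshot type. The comment also relies on masking being idempotent, which holds only if `redactObjectStrings` does not re-detect entities inside its own mask tokens; a unit test that applies it twice to the same input and compares the results would pin that down. `onFailure: 'throw'` fails closed, which is the right choice, and I would state the intent beside it: `// A redaction failure must abort the resume; never fall back to unmasked restored state.` executeWorkflowCore starts and ends outside the hunk, so whether an enclosing handler swallows that throw cannot be seen here.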
