Skip to content

Replace print() with structured logging#16

Open
Copilot wants to merge 3 commits intomainfrom
copilot/audit-console-error-usage
Open

Replace print() with structured logging#16
Copilot wants to merge 3 commits intomainfrom
copilot/audit-console-error-usage

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Feb 23, 2026

Audited repository for improper error logging and potential sensitive data exposure. Found only print() statements (no sensitive data logged). Replaced with Python's logging module using appropriate severity levels.

Changes

  • kairos.py: Added logging configuration, replaced 33 print statements with logger calls
  • demo.py: Replaced 19 print statements with logger calls

Implementation

Log levels now reflect operation severity:

  • CRITICAL → system lockdown operations
  • ERROR → high-risk vulnerability auto-patching
  • WARNING → medium-risk scheduled patches
  • INFO → status and informational messages

Before:

def lockdown(self):
    print("🔒 LOCKDOWN INITIATED: Critical security threat detected")
    print("   - All transactions suspended")

After:

import logging
logger = logging.getLogger(__name__)

def lockdown(self):
    logger.critical("🔒 LOCKDOWN INITIATED: Critical security threat detected")
    logger.critical("   - All transactions suspended")

Output now includes timestamps and module context:

2026-02-23 13:30:30 - kairos - CRITICAL - 🔒 LOCKDOWN INITIATED: Critical security threat detected

Security

No sensitive data (passwords, tokens, API keys, PII) found in any logging statements. All logged information appropriate for security monitoring.

Original prompt

Audit the repository for improper and potentially unsafe use of console.error.

Tasks:

  • Search all code for any usage of console.error.
  • For each occurrence, verify whether sensitive data (such as secrets, tokens, passwords, or personal information) is being logged.
  • If any console.error exposes sensitive data, update the code so it does not leak such information (e.g., mask, omit, or sanitize sensitive values before output).
  • Review the general usage of console.error to ensure errors are logged appropriately, adding error context if missing, and replacing with proper logger utilities if available.
  • Provide before/after diffs for each fix in the PR description.

Continue following language and code conventions used in the repository.

This pull request was created from Copilot chat.


💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI and others added 2 commits February 23, 2026 13:29
Co-authored-by: Kushmanmb <193178375+Kushmanmb@users.noreply.github.com>
…cate config

Co-authored-by: Kushmanmb <193178375+Kushmanmb@users.noreply.github.com>
Copilot AI changed the title [WIP] Audit repository for unsafe use of console.error Replace print() with structured logging Feb 23, 2026
@Kushmanmb Matthew Brace (Kushmanmb) marked this pull request as ready for review February 23, 2026 13:34
Copilot AI review requested due to automatic review settings February 23, 2026 13:34
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR converts the codebase from using print() statements to structured logging using Python's logging module. While the original prompt mentioned console.error (JavaScript), the implementation correctly addresses Python's print() statements. The changes add proper logging configuration with timestamps and severity levels appropriate to each operation type.

Changes:

  • Added logging configuration and replaced 33 print statements with structured logger calls in kairos.py
  • Added logger setup and replaced 19 print statements with structured logger calls in demo.py
  • Mapped security operations to appropriate log levels (CRITICAL for lockdown, ERROR for auto-patching, WARNING for scheduled patches, INFO for status messages)

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File Description
kairos.py Added logging configuration at module level and replaced all print statements with appropriate logger calls (critical, error, warning, info)
demo.py Added logger initialization and replaced all print statements with logger.info() calls

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread kairos.py
Comment on lines +10 to +14
logging.basicConfig(
level=logging.INFO,
format='%(asctime)s - %(name)s - %(levelname)s - %(message)s',
datefmt='%Y-%m-%d %H:%M:%S'
)
Copy link

Copilot AI Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Calling logging.basicConfig() at module level can cause issues when this module is imported. The configuration will only be applied on the first call, and if another module configures logging first, these settings may be ignored. Consider either:

  1. Moving this configuration to a if __name__ == "__main__": block if it's only needed for direct execution, or
  2. Using a more robust approach like checking if handlers are already configured before calling basicConfig(), or
  3. Documenting that this module should be imported first if its logging configuration is desired

Copilot uses AI. Check for mistakes.
Comment thread demo.py
from kairos import Kairos
from cosmosSDK import Security

# Get logger (configuration is already set up by kairos module)
Copy link

Copilot AI Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When demo.py is run standalone (not after importing kairos), logging will not be configured and output will use the default format without timestamps. Consider adding a similar logging.basicConfig() configuration in demo.py, or document that kairos must be imported first for proper logging configuration. The comment on line 9 suggests the configuration comes from kairos, but this is only true if the Kairos class is instantiated after the kairos module is imported, and the configuration is at module level in kairos.py, not in the Kairos class.

Suggested change
# Get logger (configuration is already set up by kairos module)
# Configure logging if it has not been configured yet
if not logging.getLogger().handlers:
logging.basicConfig(
level=logging.INFO,
format="%(asctime)s - %(name)s - %(levelname)s - %(message)s",
)
# Get module logger (logging configured above or by other modules)

Copilot uses AI. Check for mistakes.
Comment thread kairos.py
Comment on lines +57 to +58
logger.info(" - Monitoring system integrity")
logger.info(" - Logging incident details")
Copy link

Copilot AI Feb 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inconsistent log levels within the autoPatch method. The first two messages use logger.error() while the last two use logger.info(). For consistency and proper severity representation, consider using the same log level for all related actions within a single operation. Either all four messages should be at ERROR level (since this is a high-risk auto-patch operation), or the descriptive continuation lines should use ERROR level while monitoring/logging details could remain at INFO level. The current mixing may make it harder to filter and analyze logs.

Suggested change
logger.info(" - Monitoring system integrity")
logger.info(" - Logging incident details")
logger.error(" - Monitoring system integrity")
logger.error(" - Logging incident details")

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants