(sedona) branch master updated: [GH-2152] fix: prevent information disclosure through exception messages in STAC client (#2153)

Thu, 24 Jul 2025 17:36:58 -0700 

This is an automated email from the ASF dual-hosted git repository.

jiayu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sedona.git


The following commit(s) were added to refs/heads/master by this push:
     new d0a63ebd72 [GH-2152] fix: prevent information disclosure through 
exception messages in STAC client (#2153)
d0a63ebd72 is described below

commit d0a63ebd72323220f3afdb732270edfd287f9c4f
Author: Feng Zhang <[email protected]>
AuthorDate: Thu Jul 24 17:36:00 2025 -0700

    [GH-2152] fix: prevent information disclosure through exception messages in 
STAC client (#2153)
---
 python/sedona/spark/stac/collection_client.py | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/python/sedona/spark/stac/collection_client.py 
b/python/sedona/spark/stac/collection_client.py
index bc020cfdf8..f4f168f1a6 100644
--- a/python/sedona/spark/stac/collection_client.py
+++ b/python/sedona/spark/stac/collection_client.py
@@ -257,9 +257,9 @@ class CollectionClient:
             # Return an iterator of the items
             return iter(items)
         except Exception as e:
-            # Log the error and raise a RuntimeError
-            logging.error(f"Error getting items: {e}")
-            raise RuntimeError("Failed to get items") from e
+            # Log error type without exposing sensitive details
+            logging.error(f"Error getting items: {type(e).__name__}")
+            raise RuntimeError("Failed to get items") from None
 
     def get_dataframe(
         self,
@@ -303,8 +303,8 @@ class CollectionClient:
 
             return df
         except Exception as e:
-            logging.error(f"Error getting filtered dataframe: {e}")
-            raise RuntimeError("Failed to get filtered dataframe") from e
+            logging.error(f"Error getting filtered dataframe: 
{type(e).__name__}")
+            raise RuntimeError("Failed to get filtered dataframe") from None
 
     def save_to_geoparquet(
         self,
@@ -344,8 +344,8 @@ class CollectionClient:
             df_geoparquet.write.format("geoparquet").save(output_path)
             logging.info(f"DataFrame successfully saved to {output_path}")
         except Exception as e:
-            logging.error(f"Error saving DataFrame to GeoParquet: {e}")
-            raise RuntimeError("Failed to save DataFrame to GeoParquet") from e
+            logging.error(f"Error saving DataFrame to GeoParquet: 
{type(e).__name__}")
+            raise RuntimeError("Failed to save DataFrame to GeoParquet") from 
None
 
     @staticmethod
     def _convert_assets_schema(df: DataFrame) -> DataFrame:

Reply via email to