git.stella-ops.org/docs/notifications/security/redaction-catalog.md

Redaction Catalog

This document catalogs the redaction rules applied to notification payloads.

Overview

The redaction catalog ensures that sensitive information is not exposed in notifications.

Redaction Rules

Personal Identifiable Information (PII)

• Email addresses are partially redacted
• IP addresses are anonymized
• User names are replaced with user IDs

Credentials

• API keys are fully redacted
• Passwords are never included
• Tokens are truncated to first/last 4 characters

Internal Data

• Internal URLs are replaced with public equivalents
• Database IDs are not exposed
• Stack traces are summarized

Configuration

Redaction rules can be customized per tenant and notification channel.