From 0cd98bd50cfeffb134f167a9c46354379951592a Mon Sep 17 00:00:00 2001
From: JoshRamynke <JoshRamynke@users.noreply.github.com>
Date: Mon, 21 Apr 2025 17:37:49 -0500
Subject: [PATCH 1/2] Update KafkaConfigSanitizer.java

---
 .../main/java/io/kafbat/ui/service/KafkaConfigSanitizer.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/main/java/io/kafbat/ui/service/KafkaConfigSanitizer.java b/api/src/main/java/io/kafbat/ui/service/KafkaConfigSanitizer.java
index 6cbf44e44..68b205c56 100644
--- a/api/src/main/java/io/kafbat/ui/service/KafkaConfigSanitizer.java
+++ b/api/src/main/java/io/kafbat/ui/service/KafkaConfigSanitizer.java
@@ -29,7 +29,7 @@ class KafkaConfigSanitizer {
       .addAll(kafkaConfigKeysToSanitize())
       .add(
           "basic.auth.user.info",  /* For Schema Registry credentials */
-          "password", "secret", "token", "key", ".*credentials.*",   /* General credential patterns */
+          "password", "secret", "token", "key", ".*credentials.*", "passphrase",   /* General credential patterns */
           "aws.access.*", "aws.secret.*", "aws.session.*",   /* AWS-related credential patterns */
           "connection.uri" /* mongo credential patterns */
       )

From 346ebee533f385174a8a641135320bae327aa2e0 Mon Sep 17 00:00:00 2001
From: JoshRamynke <JoshRamynke@users.noreply.github.com>
Date: Mon, 21 Apr 2025 17:38:18 -0500
Subject: [PATCH 2/2] Update KafkaConfigSanitizerTest.java

---
 .../test/java/io/kafbat/ui/service/KafkaConfigSanitizerTest.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/api/src/test/java/io/kafbat/ui/service/KafkaConfigSanitizerTest.java b/api/src/test/java/io/kafbat/ui/service/KafkaConfigSanitizerTest.java
index 34f293220..51642a152 100644
--- a/api/src/test/java/io/kafbat/ui/service/KafkaConfigSanitizerTest.java
+++ b/api/src/test/java/io/kafbat/ui/service/KafkaConfigSanitizerTest.java
@@ -27,6 +27,7 @@ void obfuscateCredentials() {
     assertThat(sanitizer.sanitize("main.consumer.sasl.jaas.config", "secret")).isEqualTo("******");
     assertThat(sanitizer.sanitize("database.password", "secret")).isEqualTo("******");
     assertThat(sanitizer.sanitize("basic.auth.user.info", "secret")).isEqualTo("******");
+    assertThat(sanitizer.sanitize("private.key.passphrase", "secret")).isEqualTo("******");
 
     //AWS var sanitizing
     assertThat(sanitizer.sanitize("aws.access.key.id", "secret")).isEqualTo("******");