Repo cleanup and updates

packages/logger/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@link-stack/logger",
-  "version": "3.2.0b3",
+  "version": "3.3.0-beta.1",
   "description": "Shared logging utility for Link Stack monorepo",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -23,8 +23,8 @@
     "pino-pretty": "^13.1.1"
   },
   "devDependencies": {
-    "@link-stack/eslint-config": "*",
-    "@link-stack/typescript-config": "*",
+    "@link-stack/eslint-config": "workspace:*",
+    "@link-stack/typescript-config": "workspace:*",
     "@types/node": "^24.7.0",
     "eslint": "^9.37.0",
     "tsup": "^8.5.0",
@@ -33,4 +33,4 @@
   "publishConfig": {
     "access": "public"
   }
-}
+}

packages/logger/src/config.ts

@@ -17,6 +17,7 @@ export const getPinoConfig = (): LoggerOptions => {
     timestamp: () => `,"timestamp":"${new Date(Date.now()).toISOString()}"`,
     redact: {
       paths: [
+        // Top-level sensitive fields
         'password',
         'token',
         'secret',
@@ -24,11 +25,35 @@ export const getPinoConfig = (): LoggerOptions => {
         'apiKey',
         'authorization',
         'cookie',
+        'HandshakeKey',
+        'receivedSecret',
+        'access_token',
+        'refresh_token',
+        'zammadCsrfToken',
+        'clientSecret',
+        // Nested sensitive fields (one level)
         '*.password',
         '*.token',
         '*.secret',
         '*.api_key',
         '*.apiKey',
+        '*.authorization',
+        '*.cookie',
+        '*.access_token',
+        '*.refresh_token',
+        '*.zammadCsrfToken',
+        '*.HandshakeKey',
+        '*.receivedSecret',
+        '*.clientSecret',
+        // Common nested patterns
+        'payload.HandshakeKey',
+        'headers.authorization',
+        'headers.cookie',
+        'headers.Authorization',
+        'headers.Cookie',
+        'credentials.password',
+        'credentials.secret',
+        'credentials.token',
       ],
       censor: '[REDACTED]',
     },