From 14e22ba218bd2867339cb071e56986a81653cc03 Mon Sep 17 00:00:00 2001
From: nab138 <nab@nabdev.me>
Date: Sun, 15 Feb 2026 12:11:51 -0500
Subject: [PATCH] Censor apple id email in logs

---
 Cargo.lock                          |  2 +-
 isideload/Cargo.toml                |  2 +-
 isideload/src/auth/apple_account.rs | 23 ++++++++++++++++++++++-
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 5254b5d..d7c6318 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1831,7 +1831,7 @@ checksum = "a6cb138bb79a146c1bd460005623e142ef0181e3d0219cb493e02f7d08a35695"
 
 [[package]]
 name = "isideload"
-version = "0.2.4"
+version = "0.2.5"
 dependencies = [
  "aes 0.9.0-rc.4",
  "aes-gcm",
diff --git a/isideload/Cargo.toml b/isideload/Cargo.toml
index 027b32b..2325bc1 100644
--- a/isideload/Cargo.toml
+++ b/isideload/Cargo.toml
@@ -3,7 +3,7 @@ name = "isideload"
 description = "Sideload iOS/iPadOS applications"
 license = "MIT"
 authors = ["Nicholas Sharp <nab@nabdev.me>"]
-version = "0.2.4"
+version = "0.2.5"
 edition = "2024"
 repository = "https://github.com/nab138/isideload"
 documentation = "https://docs.rs/isideload"
diff --git a/isideload/src/auth/apple_account.rs b/isideload/src/auth/apple_account.rs
index 853d481..291ce04 100644
--- a/isideload/src/auth/apple_account.rs
+++ b/isideload/src/auth/apple_account.rs
@@ -95,7 +95,7 @@ impl AppleAccount {
         password: &str,
         two_factor_callback: impl Fn() -> Option<String>,
     ) -> Result<(), Report> {
-        info!("Logging in to Apple ID: {}", self.email);
+        info!("Logging in to Apple ID: {}", censor_email(&self.email));
         if self.debug {
             warn!("Debug mode enabled: this is a security risk!");
         }
@@ -681,3 +681,24 @@ pub struct AppToken {
     pub duration: u64,
     pub expiry: u64,
 }
+
+fn censor_email(email: &str) -> String {
+    if std::env::var("DEBUG_SENSITIVE").is_ok() {
+        return email.to_string();
+    }
+    if let Some(at_pos) = email.find('@') {
+        let (local, domain) = email.split_at(at_pos);
+        if local.len() <= 2 {
+            format!("{}***{}", &local[0..1], &domain)
+        } else {
+            format!(
+                "{}***{}{}",
+                &local[0..1],
+                &local[local.len() - 1..],
+                &domain
+            )
+        }
+    } else {
+        "***".to_string()
+    }
+}