fix: increase redactValue threshold from 8 to 20 chars

[devin-ai-integration]

Description

The redactValue function in the SDK logger was using a threshold of 8 characters to decide whether to show a truncated preview (first 4 + last 4 chars) or fully redact the value. This meant a 9-character sensitive string like an API key would display as 1234...6789, exposing nearly the entire value.

This change increases the threshold to 20 characters so that strings of 20 chars or fewer are fully replaced with [REDACTED], and only strings longer than 20 chars show the first4...last4 preview.

Test plan

• Added boundary tests in packages/common/base/src/logger/utils.test.ts verifying:
  • A 20-char sensitive value is fully redacted
  • A 21+ char sensitive value shows first4...last4
• Ran pnpm lint — no issues
• CI passing (lint + build & test)

Package updates

• @crossmint/common-sdk-base: patch — changeset added via .changeset/increase-redact-threshold.md

Link to Devin session: https://crossmint.devinenterprise.com/sessions/31b246f034b643978fdc43ee10048653
Requested by: @gabriel-moura-dev

[devin-ai-integration]

Original prompt from Gabriel

Create a PR for changing the value.lenght > 8 from 8 to 20 inside SDK

/**

• Truncates a string value for redacted output, showing first and last 4 chars.
• For short strings (<=8 chars), returns '[REDACTED]'.
  */
  function redactValue(value: unknown): string {
  if (typeof value === "string" && value.length > 8) {
  return ${value.slice(0, 4)}...${value.slice(-4)};
  }
  return "[REDACTED]";
  }

This doesn’t make sense, a 9 letter word will be 1234*6789, almost not redacted

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR that start with 'DevinAI' or '@devin'.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[changeset-bot]

🦋 Changeset detected

Latest commit: 464dd21

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 18 packages

Name	Type
@crossmint/common-sdk-base	Patch
@crossmint/client-sdk-auth	Patch
@crossmint/client-sdk-base	Patch
@crossmint/client-sdk-react-base	Patch
@crossmint/client-sdk-react-native-ui	Patch
@crossmint/client-sdk-react-ui	Patch
@crossmint/client-sdk-verifiable-credentials	Patch
@crossmint/client-sdk-smart-wallet	Patch
@crossmint/client-sdk-walletconnect	Patch
@crossmint/common-sdk-auth	Patch
@crossmint/server-sdk	Patch
@crossmint/wallets-sdk	Patch
@crossmint/client-sdk-nextjs-starter	Patch
@crossmint/wallets-playground-expo	Patch
@crossmint/auth-ssr-nextjs-demo	Patch
@crossmint/wallets-quickstart-devkit	Patch
@crossmint/wallets-playground-react	Patch
crossmint-auth-node	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[greptile-apps]

Prompt To Fix All With AI

Fix the following 1 code review issue. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 1
packages/common/base/src/logger/utils.ts:40-43
**Consider adding a boundary test for the new threshold**

There are no unit tests covering the `redactValue` threshold change. A test asserting that a 20-character string returns `[REDACTED]` and a 21-character string returns the `first4...last4` form would lock in the intended behavior and catch regressions at the boundary.

_{Reviews (1): Last reviewed commit: "chore: add changeset for redact threshol..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (2): Last reviewed commit: "test: add boundary tests for redactValue..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (3): Last reviewed commit: "test: remove redundant non-string test c..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (4): Last reviewed commit: "test: restore non-string sensitive value..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (5): Last reviewed commit: "test: add boundary tests for redactValue..." | Re-trigger Greptile}

[vmc-crossmint]

Did you do this properly using the bump version command?