Secret Redaction

Secret Redaction attempts to automatically redact secrets and sensitive information in your terminal output, including passwords, IP addresses, API keys, and PII.

How to access it

Disabled by default, to enable Secret Redaction open Settings > Privacy > Secret Redaction or type in "Secret Redaction" to toggle it in the Command Palette.

How it works

Secret Redaction attempts to detect sensitive data using a list of default regex patterns and then masks it with lock icons. Clicking on a secret will display a tooltip that lets you reveal the secret or copy the secret's contents. When trying to copy terminal output containing secrets, it will be copied as asterisks (e.g. echo password becomes echo ********) unless revealed or copied from the tooltip.

You can add additional custom regex for secrets you want to include in Settings > Privacy > Secret Redaction > Custom Secret Redaction.

Secret Regex List

Here is a list of the default regular expressions that Warp uses to identify secrets.

Secret TypeRegex Pattern

IP V4 Address


IP V6 Address


Slack App Token


Phone Number


AWS Access ID


MAC Address


Google API Key


Google OAuth ID


Github Classic Personal Access Token


Github Fine Grained Personal Access Token


Github OAuth Access Token


Github User to Server Token


Github Server to Server Token


Heroku API Key


Stripe Key


Firebase Auth Domain


Last updated