const REDACT_KEYS = [
  "token",
  "authorization",
  "api_key",
  "apikey",
  "password",
  "secret",
  "cookie",
  "set-cookie",
];

function shouldRedactKey(key) {
  const k = String(key || "").toLowerCase();
  return REDACT_KEYS.some((x) => k.includes(x));
}

export function redactDeep(value, depth = 0) {
  if (depth > 6) return "[REDACTED_DEPTH_LIMIT]";

  if (value === null || value === undefined) return value;

  const t = typeof value;
  if (t === "string") {
    // keep it safe + small
    if (value.length > 2000) return value.slice(0, 2000) + "…";
    return value;
  }
  if (t === "number" || t === "boolean") return value;

  if (Array.isArray(value)) {
    return value.slice(0, 50).map((v) => redactDeep(v, depth + 1));
  }

  if (t === "object") {
    const out = {};
    const entries = Object.entries(value).slice(0, 200);
    for (const [k, v] of entries) {
      out[k] = shouldRedactKey(k) ? "[REDACTED]" : redactDeep(v, depth + 1);
    }
    return out;
  }

  return String(value);
}

export function safeText(s) {
  const str = String(s ?? "");
  if (!str.trim()) return "";
  return str.length > 1000 ? str.slice(0, 1000) + "…" : str;
}