Skip to content

Support ZIP Archive: Contents and Redaction Details🔗

This document provides a comprehensive overview of the information included in the Apheris Hub Support ZIP archive and the technical details of the redaction and sanitization process. It is intended for technical users, administrators, and security reviewers who require transparency into the support data collection process.

Scope of Data Collection🔗

The Support ZIP archive collects diagnostic and configuration data from the Apheris Hub application itself to provide context about your deployment environment. This information can help support teams better understand your setup when troubleshooting issues, though additional information or logs may be needed for comprehensive diagnosis. No container images, filesystems, or application data are included.

Archive Contents🔗

The Support ZIP archive is a compressed file containing structured diagnostic and configuration data in JSON format for support and debugging purposes. The included information consists of:

  • Generation timestamp: When the support data was collected
  • System information: OS, architecture, Go version, CPU count, GPU/driver status
  • Configuration settings: Input/output directories, API URL, authentication settings, timeouts, websocket settings, and other operational parameters
  • Installed model versions: Current status, endpoints, and available weights for each installed model

Note

No user data, model payloads, or container filesystems are included. The archive is strictly limited to configuration metadata required for operational troubleshooting.

Redaction and Sanitization🔗

All data included in the Support ZIP is subject to a redaction pipeline to protect sensitive information. The process includes:

  • Sensitive Pattern Matching: Configuration values are checked against sensitive patterns, including:

    • password, passwd, pwd
    • secret, key, token, auth
    • private, credential, cred
    • cert, certificate, ssl
    • database_url, db_url, connection_string
    • oauth, jwt, bearer
    • admin, root

    If a configuration key matches any of these patterns, its value is replaced with [REDACTED]. Pattern matching is case-insensitive.

  • API Key Redaction: The MSA API key and other sensitive authentication tokens are automatically redacted in the configuration output.

General Principles🔗

  • No User Data: No user-uploaded data, model payloads, or customer datasets are ever included.
  • No Private Keys: Private keys, certificates, and similar secrets are always excluded or redacted.
  • Transparency: All redactions are indicated by [REDACTED] in the output files.

Note

If you have any doubts or concerns, you can always examine the contents of the Support ZIP archive before sending it to support. The archive is a standard ZIP file and can be opened with any archive tool to review its contents and redactions.

For technical questions about the Support ZIP archive, redaction pipeline, or to request a security review, contact support@apheris.com.