ECHO-675 ECHO-721 Anonymize transcripts fixes

[ussaama]

Summary by CodeRabbit

Release Notes

• New Features
  • Enhanced markdown rendering with improved display of redacted sensitive information
  • Added PII redaction capabilities for transcripts, messages, and generated artifacts
  • Improved markdown editor for safer handling of sensitive content
  • Multi-language support for PII redaction in generated responses

[linear]

ECHO-675 Verified outcomes may bypass anonymization via raw audio

ECHO-721 Update the markdown editors to support redacted text natively

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 23278837-77fd-430d-b011-e181f86addc9

📥 Commits

Reviewing files that changed from the base of the PR and between ddbfa7d and 84b96f6.

📒 Files selected for processing (20)

• echo/frontend/src/components/common/Markdown.tsx
• echo/frontend/src/components/common/RedactedText.tsx
• echo/frontend/src/components/form/MarkdownWYSIWYG/MarkdownWYSIWYG.tsx
• echo/frontend/src/components/participant/UserChunkMessage.tsx
• echo/frontend/src/locales/de-DE.po
• echo/frontend/src/locales/en-US.po
• echo/frontend/src/locales/es-ES.po
• echo/frontend/src/locales/fr-FR.po
• echo/frontend/src/locales/it-IT.po
• echo/frontend/src/locales/nl-NL.po
• echo/server/dembrane/api/verify.py
• echo/server/dembrane/reply_utils.py
• echo/server/prompt_templates/generate_artifact.en.jinja
• echo/server/prompt_templates/get_reply_system.de.jinja
• echo/server/prompt_templates/get_reply_system.en.jinja
• echo/server/prompt_templates/get_reply_system.es.jinja
• echo/server/prompt_templates/get_reply_system.fr.jinja
• echo/server/prompt_templates/get_reply_system.it.jinja
• echo/server/prompt_templates/get_reply_system.nl.jinja
• echo/server/prompt_templates/revise_artifact.en.jinja

Disabled knowledge base sources:

• Linear integration is disabled

You can enable these sources in your CodeRabbit configuration.

---

Walkthrough

This PR implements end-to-end PII redaction infrastructure for transcripts and markdown content. Frontend components now handle escaped redaction tokens for safe markdown rendering. Backend adds anonymization flag propagation through reply generation. Prompt templates conditionally enforce mandatory PII detection and replacement across multiple languages.

Changes

Cohort / File(s)	Summary
Frontend redaction utilities echo/frontend/src/components/common/RedactedText.tsx	Exports new constants and utility functions for redaction token handling: REDACTED_PATTERN, REDACTED_CODE_PREFIX, escapeRedactedTokens, unescapeRedactedTokens, formatLabel, RedactedBadge component, and parseRedactedText. Expands public API surface for redaction processing.
Frontend markdown rendering echo/frontend/src/components/common/Markdown.tsx, echo/frontend/src/components/form/MarkdownWYSIWYG/MarkdownWYSIWYG.tsx	Integrates redaction token escaping with controlled markdown handling. Markdown.tsx memoizes content processing and customizes ReactMarkdown code block rendering for redacted tokens. MarkdownWYSIWYG wraps input/output with escape/unescape utilities.
Frontend transcript simplification echo/frontend/src/components/participant/UserChunkMessage.tsx	Removes RedactedText wrapper logic from transcript rendering, simplifying to direct Markdown rendering regardless of redaction markers.
Translation metadata echo/frontend/src/locales/*	Updates source file reference line numbers in de-DE.po, en-US.po, es-ES.po, fr-FR.po, it-IT.po, nl-NL.po. No semantic translation changes.
Backend anonymization flag echo/server/dembrane/api/verify.py, echo/server/dembrane/reply_utils.py	Adds is_anonymized boolean parameter to _build_user_message_content and propagates anonymize_transcripts flag from project data to prompt pii_redaction context.
Prompt template PII redaction echo/server/prompt_templates/generate_artifact.en.jinja, echo/server/prompt_templates/get_reply_system.*.jinja, echo/server/prompt_templates/revise_artifact.en.jinja	Conditionally injects mandatory PII redaction blocks (gated by pii_redaction flag) across all language variants and artifact templates. Specifies detection methods, allowed token mappings, and formatting rules for consistent redaction behavior.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• ECHO-673 Fixes #445: Overlapping modifications to RedactedText component and frontend transcript rendering logic in UserChunkMessage.tsx and related redaction imports.
• ECHO-571 pre release changes and fixes #371: Concurrent changes to server prompt templates and reply_utils.py for anonymization flag handling.
• ECHO-668 helper changes for anonymous transcripts mode (#436) #437: Complementary implementation of transcript anonymization/PII redaction wiring across frontend token handling and backend prompt integration.

Suggested labels

improvement

---

LGTM. Solid token escaping strategy and clean separation between frontend sanitization and backend redaction logic. The prompt template approach with conditional blocks is 🔥 for multi-language support. Template updates follow a consistent pattern and the frontend composability is chef's kiss. Ship it.

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch anonymize-transcripts-fixes-debt

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can validate your CodeRabbit configuration file in your editor.

If your editor has YAML language server, you can enable auto-completion and validation by adding # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json at the top of your CodeRabbit configuration file.