Disallow sensitive trait on members #1226

Merged
merged 1 commit into from
Jun 13, 2022

Contributor

@srchase srchase commented May 13, 2022

This PR ports the change from #1137 to the main branch.

Allowing the @sensitive trait on members can lead to insecure usage
patterns, like forgetting to put @sensitive on ALL members that target
the same shape, which can lead to sensitive data not getting handled
properly, e.g., not getting redacted from logs, etc.

Instead, marking the target shape as sensitive prevents modeling
mistakes by ensuring every reference to data types that are inherently
sensitive is always considered sensitive.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@srchase srchase force-pushed the disallow-sensitive-trait-on-members branch from 88fe681 to 38d54ca Compare June 10, 2022 17:10
@srchase srchase marked this pull request as ready for review June 10, 2022 17:16
@srchase srchase requested a review from a team as a code owner June 10, 2022 17:16
@gosar gosar merged commit 876cd9b into smithy-lang:main Jun 13, 2022
gosar added a commit to gosar/smithy-typescript that referenced this pull request Aug 17, 2022
@srchase srchase deleted the disallow-sensitive-trait-on-members branch July 12, 2023 17:09
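
The modeling mistake described in the PR, as an added example that is not part of the PR or the Smithy code base: an audit over a model serialized as Smithy JSON AST that reports every shape marked sensitive only at member level, along with the other members that reference the same shape without the trait. The `example#` shapes are constructed sample data, and `iter_members` and `audit` are hypothetical helper names.

```python
SENSITIVE = "smithy.api#sensitive"

# Constructed sample model in Smithy JSON AST form (not taken from the PR).
MODEL = {
    "smithy": "1.0",
    "shapes": {
        "example#CardNumber": {"type": "string"},
        "example#Payment": {"type": "structure", "members": {
            "card": {"target": "example#CardNumber", "traits": {SENSITIVE: {}}},
        }},
        "example#Refund": {"type": "structure", "members": {
            # Same target, trait forgotten: this value would not be redacted.
            "card": {"target": "example#CardNumber"},
        }},
    },
}


def iter_members(model):
    """Yield (member_id, member) for structure/union, list and map members."""
    for shape_id, shape in model["shapes"].items():
        members = dict(shape.get("members", {}))
        for slot in ("member", "key", "value"):  # list and map member slots
            if slot in shape:
                members[slot] = shape[slot]
        for name, member in members.items():
            yield f"{shape_id}${name}", member


def audit(model):
    """Map each member-level-sensitive target to its marked/unprotected refs."""
    shapes = model["shapes"]
    marked, unmarked = {}, {}
    for member_id, member in iter_members(model):
        target = member["target"]
        # Targets outside the model (prelude shapes) carry no traits here.
        if SENSITIVE in shapes.get(target, {}).get("traits", {}):
            continue  # target shape is sensitive, so every reference is covered
        bucket = marked if SENSITIVE in member.get("traits", {}) else unmarked
        bucket.setdefault(target, []).append(member_id)
    return {
        target: {"marked": sorted(ids),
                 "unprotected": sorted(unmarked.get(target, []))}
        for target, ids in marked.items()
    }


if __name__ == "__main__":
    for target, refs in audit(MODEL).items():
        print(target, refs)
```

Moving the trait onto `example#CardNumber` itself makes the audit return an empty result, which is the state the PR enforces.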