-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement Log Masking #1732
Implement Log Masking #1732
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please document this whole thing in the docs. It needs to be somewhere that users can find.
Additionally, once this is merged please get a variety of people to test it and send the logs. We want to check that we've not missed masking anything important.
I also think that any component that is running with log masking disabled should warn in the console.
ex, | ||
"Failure during [{}] operation: {}", | ||
CreateFile, | ||
ex.getMessage |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could the exception message contain sensitive data? The same question for the other exception messages we log.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, IO errors can potentially leak paths inside the user project. I'll mask them as well
engine/runtime/src/main/scala/org/enso/interpreter/instrument/job/EnsureCompiledJob.scala
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved, conditional on moving the logging docs into logging.md
.
Pull Request Description
close #1720
Changelog:
ToMaskedString
interface that indicates that the object has a custom string representation masking some PII.--no-log-masking
CLI flag that disables log maskingImportant Notes
What is masked:
What is not masked:
Checklist
Please include the following checklist in your PR: