Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Ignored file extensions can now be configured in the PII scanner #559

Merged
merged 5 commits into from
Jun 4, 2024
Merged

feat: Ignored file extensions can now be configured in the PII scanner #559

merged 5 commits into from
Jun 4, 2024

Conversation

tristanl-slalom
Copy link
Contributor

secureli-558

I'm on a Go project, and need the ability to add additional file extensions, as the default set doesn't include them. Within the project, go.mod and go.sum were including entries that appeared to be phone numbers. There was no way to configure PII Scanner to ignore these files, as any practical contents of these files would not be PII.

Rather than simply add them to the growing set of excluded extensions, I thought I would make the set configurable.

As the set contains language-agnostic files, I also elected NOT to include the go-specific files in that set.

A good follow-up work would be to also lay out, and selectively activate, additional extensions to ignore based on the languages configured in the repo.

Changes

  • pii_scanner is added to the .secureli-config.yaml file structure
  • within that, ignored_extensions is a list of extensions that can be added to the default set
  • PII scanner will now ignore all files in its default set of excluded files, as well as anything provided in the PII-scanner's specific config.

Testing

I tested with a repo containing only some go-based package files (specifically go.mod and go.sum), which were appearing to the PII scanner to contain phone numbers.

Clean Code Checklist

  • Meets acceptance criteria for issue (n/a)
  • New logic is covered with automated tests
  • Appropriate exception handling added
  • Thoughtful logging included
  • Documentation is updated
  • Follow-up work is documented in TODOs
  • TODOs have a ticket associated with them
  • No commented-out code included

@tristanl-slalom tristanl-slalom mentioned this pull request Jun 4, 2024
Closed
8 tasks
@joe-stafford joe-stafford self-requested a review June 4, 2024 15:53
joe-stafford
joe-stafford approved these changes Jun 4, 2024
View reviewed changes
Copy link
Contributor

@joe-stafford joe-stafford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@joe-stafford joe-stafford self-requested a review June 4, 2024 15:54
@tristanl-slalom tristanl-slalom merged commit 482cd57 into main Jun 4, 2024
5 checks passed
@tristanl-slalom tristanl-slalom deleted the feature/secureli-558-configurable-pii-scanner branch June 4, 2024 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@itoltz itoltz itoltz approved these changes

@JordoHeffernan JordoHeffernan Awaiting requested review from JordoHeffernan

@isaac-heist-slalom isaac-heist-slalom Awaiting requested review from isaac-heist-slalom

@kathleen-hogan-slalom kathleen-hogan-slalom Awaiting requested review from kathleen-hogan-slalom

@joe-stafford joe-stafford Awaiting requested review from joe-stafford

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tristanl-slalom @joe-stafford @itoltz