Additional Secrets Redaction was marked experimental due to 2 key weaknesses. 1) not redacting secret material in messages in the security response object and 2) the method of secret redaction opened the possibility of incomplete redaction of "additional" secrets.
:pager: Implementation Details
Additional Secrets redaction now uses more streamlined regex pattern matching to exhaustively redact secrets in the command images. Additional features were added to redact messages by their RACF tag to ensure that no "false positives" would give away redacted fields.
:clipboard: Is there a test case?
Additional test cases were added/existing test cases were changed to test the new behavior of redacting more complex and varied fields as well as messages.
:bulb: Issue Reference
Issue: #68
:computer: What does this address?
Additional Secrets Redaction was marked experimental due to 2 key weaknesses. 1) not redacting secret material in messages in the security response object and 2) the method of secret redaction opened the possibility of incomplete redaction of "additional" secrets.
:pager: Implementation Details
Additional Secrets redaction now uses more streamlined regex pattern matching to exhaustively redact secrets in the command images. Additional features were added to redact messages by their RACF tag to ensure that no "false positives" would give away redacted fields.
:clipboard: Is there a test case?
Additional test cases were added/existing test cases were changed to test the new behavior of redacting more complex and varied fields as well as messages.