ambitus / pyracf

Python interface to the RACF Command interface.
https://ambitus.github.io/pyracf/
Apache License 2.0

Feature/additional secrets improvements #80

Open ElijahSwiftIBM opened 7 months ago

ElijahSwiftIBM commented 7 months ago

:bulb: Issue Reference

Issue: #68

:computer: What does this address?

Additional Secrets Redaction was marked experimental due to 2 key weaknesses: 1) not redacting secret material in messages in the security response object and 2) the method of secret redaction opened the possibility of incomplete redaction of "additional" secrets.

:pager: Implementation Details

Additional Secrets redaction now uses more streamlined regex pattern matching to exhaustively redact secrets in the command images. Additional features were added to redact messages by their RACF tag to ensure that no "false positives" would give away redacted fields.

:clipboard: Is there a test case?

Additional test cases were added/existing test cases were changed to test the new behavior of redacting more complex and varied fields as well as messages.
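
The incomplete-redaction weakness described in this pull request, as an added example that is not pyracf's code or part of the PR: a pattern that stops at the first `)` beside one that treats a quoted operand value as a unit. The `KEYWORD (value)` operand syntax, the `********` placeholder, the sample command image and all function names are assumptions made for illustration.

```python
import re

REDACTED = "********"  # placeholder chosen for this example


def naive_redact(image, keywords):
    """Stops at the first ')', so a quoted value containing ')' leaks its tail."""
    for kw in keywords:
        image = re.sub(rf"\b({re.escape(kw)}\s*)\(.*?\)", rf"\1({REDACTED})",
                       image, flags=re.IGNORECASE)
    return image


def redact(image, keywords):
    """Redact every occurrence of each keyword's operand value.

    The value is either a quoted string ('' is an escaped quote and ')' is
    ordinary data inside it) or an unquoted run with no parentheses.
    """
    for kw in keywords:
        pattern = re.compile(
            rf"\b({re.escape(kw)}\s*)\((?:'(?:[^']|'')*'|[^()']*)\)",
            re.IGNORECASE)
        image = pattern.sub(rf"\1({REDACTED})", image)
    return image


def leaked(text, secret_fragments):
    """Return the fragments that still appear in text after redaction."""
    return [s for s in secret_fragments if s in text]


# Constructed command image (not captured from a real system).
IMAGE = ("ALTUSER TESTUSER PASSWORD (Pw0rd123) "
         "PHRASE ('correct)horse''battery') OMVS (UID (2424) HOME ('/u/testuser'))")
KEYWORDS = ["PASSWORD", "PHRASE", "UID"]  # UID stands in for an "additional" secret
FRAGMENTS = ["Pw0rd123", "correct", "horse", "battery", "2424"]

if __name__ == "__main__":
    print(naive_redact(IMAGE, KEYWORDS))
    print(redact(IMAGE, KEYWORDS))
```

Running `leaked()` over redacted log output in a test suite turns a partial redaction into a failing test rather than a value found later in a log file.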

ElijahSwiftIBM commented 7 months ago

Dealt with many of the comments here, but there is still more to do.

I will deal with these next week, but the rest is ready for review.