seCureLI is a tool that enables you to experience the delight of building products by helping you get ideas from your head into working software as frictionlessly as possible, in a reliable, secure, scalable, and observable way.
Apache License 2.0
29
stars
3
forks
source link
feat: Ignored file extensions can now be configured in the PII scanner #559
I'm on a Go project, and need the ability to add additional file extensions, as the default set doesn't include them. Within the project, go.mod and go.sum were including entries that appeared to be phone numbers. There was no way to configure PII Scanner to ignore these files, as any practical contents of these files would not be PII.
Rather than simply add them to the growing set of excluded extensions, I thought I would make the set configurable.
As the set contains language-agnostic files, I also elected NOT to include the go-specific files in that set.
A good follow-up work would be to also lay out, and selectively activate, additional extensions to ignore based on the languages configured in the repo.
Changes
pii_scanner is added to the .secureli-config.yaml file structure
within that, ignored_extensions is a list of extensions that can be added to the default set
PII scanner will now ignore all files in its default set of excluded files, as well as anything provided in the PII-scanner's specific config.
Testing
I tested with a repo containing only some go-based package files (specifically go.mod and go.sum), which were appearing to the PII scanner to contain phone numbers.
secureli-558
I'm on a Go project, and need the ability to add additional file extensions, as the default set doesn't include them. Within the project, go.mod and go.sum were including entries that appeared to be phone numbers. There was no way to configure PII Scanner to ignore these files, as any practical contents of these files would not be PII.
Rather than simply add them to the growing set of excluded extensions, I thought I would make the set configurable.
As the set contains language-agnostic files, I also elected NOT to include the go-specific files in that set.
A good follow-up work would be to also lay out, and selectively activate, additional extensions to ignore based on the languages configured in the repo.
Changes
pii_scanner
is added to the .secureli-config.yaml file structureignored_extensions
is a list of extensions that can be added to the default setTesting
I tested with a repo containing only some go-based package files (specifically go.mod and go.sum), which were appearing to the PII scanner to contain phone numbers.
Clean Code Checklist