Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support redacting sensitive options #133

Merged
merged 6 commits into from
Aug 24, 2024
Merged

Support redacting sensitive options #133

merged 6 commits into from
Aug 24, 2024

Conversation

anthonator
Copy link
Contributor

Wanted to get some initial work in front of you all to make sure my approach is acceptable.

My main concern with this implementation is trying to centralize the redact logic as much as I can. Since this is a security minded feature I want to make sure that future contributors don't need to implement redaction themselves so I'm making it part of the implementation pattern for types.

Let me know if you feel like I'm on the right track or not. Open to suggestions as well.

anthonator
anthonator commented Aug 14, 2024
View reviewed changes
lib/nimble_options.ex Outdated Show resolved Hide resolved
anthonator
anthonator commented Aug 14, 2024
View reviewed changes
lib/nimble_options.ex Outdated Show resolved Hide resolved
@anthonator anthonator mentioned this pull request Aug 14, 2024
Closed
whatyouhide
whatyouhide reviewed Aug 15, 2024
View reviewed changes
Copy link
Collaborator

@whatyouhide whatyouhide left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The approach is good I think. I think #131 would rehaul this because in order to implement that we need to move away from free-form messages and towards more structured messages... but that's a bigger piece of work and we will think about it when it's time. With the current implementation, this approach is good I think.

lib/nimble_options.ex Show resolved Hide resolved
@anthonator
Copy link
Contributor Author

@whatyouhide thank you for reviewing. I'll keep moving forward with this approach.

@whatyouhide
Copy link
Collaborator

@anthonator let me know what this is ready for review 🙃

@anthonator
Copy link
Contributor Author

@whatyouhide I have all code in place that redacts messages for types. Please feel free to review that. I'm working on implementing the Inspect protocol for NimbleOptions.ValidationError now. I'll make this ready for review once that's done.

@anthonator anthonator marked this pull request as ready for review August 17, 2024 18:40
@anthonator
Copy link
Contributor Author

@whatyouhide this is ready for review.

whatyouhide
whatyouhide reviewed Aug 20, 2024
View reviewed changes
lib/nimble_options/validation_error.ex
@@ -40,4 +41,31 @@ defmodule NimbleOptions.ValidationError do

message <> suffix
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be really important to also redact when turning the exception into a message? That's what happens when you raise said exception so I think this is what we want, not Inspect (as you generally won't inspect the exception).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The redaction happens when the struct is built so the message should be good at this point. Unless there's something I'm missing.

I think redacting on Inspect is important. I would be surprised if I was using this feature and some secrets leaked due to inspecting ValidationError. If we're going to redact it should be everywhere.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a test showing message is redacted when using NimbleOptions.validate!/2.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@whatyouhide is there anything more here that needs done?

lib/nimble_options.ex Show resolved Hide resolved
@anthonator anthonator mentioned this pull request Aug 21, 2024
Open
@whatyouhide whatyouhide merged commit 3c029ef into dashbitco:main Aug 24, 2024
2 checks passed
@whatyouhide
Copy link
Collaborator

Thanks @anthonator 💟

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@whatyouhide whatyouhide whatyouhide left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anthonator @whatyouhide