sanitize

package
v1.6.5-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 24, 2024 License: AGPL-3.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source 
const RedactedStr = "REDACTED"

Variables

View Source 
var Instance = NewSanitizer(SanitizerOptions{
	ExcludeFields: []string{
		"password",
		"secretaccesskey",
		"sessiontoken",
		"smtp_password",
		"api_key",
		"app_key",
		"api_token",
		"alert_api_key",
		"incident_api_key",

		"token",
		"cloud_token",
		"aws_access_key_id",
		"aws_secret_access_key",
		"aws_session_token",
		"clientsecret",
		"access_token",
		"access_key",
		"accesskey",
		"secret_key",
		"secretkey",
		"client_id",
		"client_secret",
		"tenant_id",
		"sourcerecord",
		"cert",
		"privatekey",
		"secretvalue",
		"slack_token",
		"abuseipdb_api_key",
		"sendgrid_api_key",
		"vtcli_apikey",
		"zendesk_token",
		"trello_api_key",
		"trello_token",
		"okta_token",
		"uptimerobot_api_key",
		"urlscan_api_key",
		"clickup_token",
		"pagerduty_token",
		"discord_token",
		"ip2locationio_api_key",
		"ipstack_access_key",
		"teams_access_token",
		"pipes_token",
		"github_token",
		"gitlab_token",
		"vault_token",
		"jira_api_token",
		"opsgenie_alert_api_key",
		"opsgenie_incident_api_key",
		"openai_api_key",
		"azure_client_id",
		"azure_client_secret",
		"azure_tenent_id",
		"bitbucket_password",
		"dd_client_api_key",
		"dd_client_app_key",
		"freshdesk_api_key",
		"turbot_access_key",
		"turbot_secret_key",
		"servicenow_password",
		"jumpcloud_api_key",
		"form_url",
	},
	ExcludePatterns: []string{
		`SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}`,
		`AccountKey=[a-zA-Z0-9+/=]{88}`,
		`(?m)(ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36}`,
	},
	ImportCodeMatchers: true,
})
View Source 
var NullSanitizer = NewSanitizer(SanitizerOptions{})

Functions

func RedactDbConnectionPassword added in v1.6.2 

func RedactDbConnectionPassword(connectionString string) string

The database connection string is also redacted by the Basic Auth redaction, it will actually redact more than the plain db redaction

func SanitizeStruct 

func SanitizeStruct[T any](s *Sanitizer, v T) (T, error)

Types

type RenderOptions 

type RenderOptions struct {
	ColorEnabled   bool
	ColorGenerator *color.DynamicColorGenerator
	Verbose        bool
	JsonFormatter  *prettyjson.Formatter
	Indent         int
	// todo not the correct place for this??
	IsList bool
}

func (RenderOptions) Clone 

func (o RenderOptions) Clone() RenderOptions

type SanitizedStringer 

type SanitizedStringer interface {
	String(sanitizer *Sanitizer, opts RenderOptions) string
}

type Sanitizer 

type Sanitizer struct {
	// contains filtered or unexported fields
}

func NewSanitizer 

func NewSanitizer(opts SanitizerOptions) *Sanitizer

func (*Sanitizer) FieldExcluded 

func (s *Sanitizer) FieldExcluded(v string) bool

func (*Sanitizer) Sanitize 

func (s *Sanitizer) Sanitize(v any) any

Sanitize takes any value and returns a sanitized version of the value. If the value is a string, then it is sanitized. Otherwise the value is marshaled to JSON and then sanitized. Attempt to marshal back to original type but if this fails, return the json

func (*Sanitizer) SanitizeFile 

func (s *Sanitizer) SanitizeFile(file string) error

func (*Sanitizer) SanitizeKeyValue 

func (s *Sanitizer) SanitizeKeyValue(k string, v any) any

func (*Sanitizer) SanitizeString 

func (s *Sanitizer) SanitizeString(v string) string

type SanitizerOptions 

type SanitizerOptions struct {
	// ExcludeFields is a list of fields to exclude from sanitization
	ExcludeFields []string
	// ExcludePatterns is a list of regexes - any capture groups are redacted
	ExcludePatterns []string

	ImportCodeMatchers bool
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.