-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(integrations): Add scrubbing sensitive data integration #2422
feat(integrations): Add scrubbing sensitive data integration #2422
Conversation
packages/integrations/src/scrub.ts
Outdated
} | ||
|
||
/** JSDoc */ | ||
export class Scrub implements Integration { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd use a noun for the integration name.
export class Scrub implements Integration { | |
export class Scrubber implements Integration { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for the feedback! I will change later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just pushed the changes to use noun. All the yarn build
, lint
and test
are worked on my laptop. Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, other integrations use verbs (RewriteFrames
, Debug
, Dedupe
, CaptureConsole
- rather than FrameRewriter
, Deduper
, etc), so Scrub
actually fits better in that pattern, though you might consider something like ScrubData
or SanitizeData
, since other integrations include the object of the verb in the name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for clearify naming convention. ScrubData
is much more good name I think, therefore I renamed the name at latest commit.
Looks good, however, be aware that normalization is already performed when sending an event. This integration will cause it to be done twice, which may have some small negative performance impact. |
@kamilogorek Thank you for your response.
OMG! I missed it out. I will check the code and make a change.
Yes, I've already reviewed these documents (thanks for providing detailed documentation). Our project processes a lot of personal identifiable information therefore we would like to try to avoid sending these information to the Sentry server whenever possible. |
I found the code to normalize events here:
And it's called after all integrations were processed. Is this plan appropriate? If there is another good approach, please advice me. |
- first rename file name
- then change names from scrub to scrubber
- core calls `normalize` before send an event therefore calling `normalize` may cause performance impact - use memoization avoiding circular references
- first rename files
- rename from Scrubber to ScrubData
c7cd2f0
to
23b0726
Compare
Latest commit 4ea777c got rid of |
LGMT! @lobsterkatie your call :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good - merging!
(FYI - BrowserStack tests can't run on external PRs, but when I ran Travis on an internal branch containing this code, they passed just fine.) |
Thank you for your cooperation! I'm looking forward the next release. ❤️ |
Hey @ma2gedev First of all, thanks for the work that you put into this PR/Integration. We are currently working on a new product feature called Relay, which will effectively be a proxy running between the SDK and our servers, doing normalization, data scrubbing, and many other things. We will run it in front of our servers, but the plan is to also eventually make it available for folks to run client-side, which will allow us to have a consistent data scrubbing system across all SDKs. Because of this, and because the exact details of Relay's data scrubbing implementation haven't yet been finalized, I'm wary of introducing an integration which might do things differently and set precedents for how we approach data scrubbing in the future. If we add your integration now, we'll have to document it, people may come to rely on it, and all of a sudden releasing Relay becomes a breaking change we need to manage when it otherwise wouldn't have to be. Where to go from here:
Sorry that I didn't write this earlier. I hope you understand that this is mostly just bad timing, as well as some miscommunication on our end, for which I apologize. In the end, though, we need to think about the whole product and make sure we're providing the best experience for all customers. Cheers, |
Hi @HazAT Thank you for explaining the background why PR was rejected. I'm not sure the new product detail but the feature that providing across all SDKs is interesting. I'm looking forward to new product feature. |
Add feature scrubbing sensitive data like
sanitizeKeys
option in Raven.js . And extract the feature as external integration.Relates #2391
How to use
Pass
sanitizeKeys
throughScrub
option parameter. Then mask event values if event data has keys that match thesanitizeKeys
.The code like the following:
check before submitting
Before submitting a pull request, please take a look at our
Contributing guidelines and verify:
yarn lint
) & (yarn test
).Resources
sanitizeKeys
option in Raven.js