Offer option to redact sensitive information before sharing logs
Problem
There are certain log messages that can contain sensitive information, and we want to protect users from accidentally leaking these details before sharing their logs.
Example:
- If we fail to execute a keystroke, the keystroke (or sequence of keystrokes) may contain sensitive data that the user doesn’t want to share in their logs if they post for debugging help.
- On TinyPilot Pro, users might want usernames to appear in the TinyPilot logs (e.g. user123 logged in, user123 signed out), but they’d leak sensitive information if they shared those logs.
Proposal
We add a special annotation for log calls that can log sensitive information like logger.info("[SENSITIVE] User %s logged in from %s", username, ip_address).
And then in the debug logs UI, we make a more distinct “Sharing” section and add a checkbox (off by default) labeled “Include sensitive data.” When the checkbox is unchecked, we do a regex at the JS level to strip out any log lines that include the string [SENSITIVE].
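An added example (not code from the issue or from TinyPilot) of the client-side filter the proposal describes, extended to also drop continuation lines such as tracebacks that follow a marked entry. The timestamp pattern for entry starts, the function name and the sample log are assumptions constructed for illustration.

```javascript
// Added example, not TinyPilot's code. Names and log format are assumptions.
const SENSITIVE_MARKER = "[SENSITIVE]";
// Assumption: a new log entry starts with a timestamp; other lines
// (e.g. a traceback) continue the previous entry.
const ENTRY_START = /^\d{4}-\d{2}-\d{2}[ T]\d{2}:\d{2}:\d{2}/;

// includeSensitive mirrors the "Include sensitive data" checkbox (off by default).
function redactSensitiveLogs(logText, includeSensitive = false) {
  if (includeSensitive) {
    return { text: logText, removedLines: 0 };
  }
  const kept = [];
  let dropping = false;
  let removedLines = 0;
  for (const line of logText.split("\n")) {
    if (ENTRY_START.test(line)) {
      // A new entry decides for itself and for its continuation lines.
      dropping = line.includes(SENSITIVE_MARKER);
    } else if (line.includes(SENSITIVE_MARKER)) {
      // Marker on a line without a recognised timestamp: fail closed.
      dropping = true;
    }
    if (dropping) {
      removedLines += 1;
    } else {
      kept.push(line);
    }
  }
  return { text: kept.join("\n"), removedLines };
}

// Constructed sample log (not real TinyPilot output).
const SAMPLE_LOG = [
  "2022-01-10 09:15:01 INFO Starting app",
  "2022-01-10 09:15:07 INFO [SENSITIVE] User user123 logged in from 10.0.0.5",
  "2022-01-10 09:15:09 ERROR [SENSITIVE] Failed to send keystroke: hunter2",
  "Traceback (most recent call last):",
  '  File "example.py", line 12, in send',
  "OSError: write failed",
  "2022-01-10 09:15:12 INFO Video stream started",
].join("\n");

console.log(redactSensitiveLogs(SAMPLE_LOG).text);
```

Filtering only the marked line would leave the three traceback lines in the shared output; tracking the entry boundary removes them together with the entry they belong to.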
Issue Analytics
- State:
- Created 2 years ago
- Comments:11 (7 by maintainers)
Top GitHub Comments
Actually, let me re-open until https://github.com/tiny-pilot/tinypilot/pull/813 is through.
I like option (2) as well. The complexity isn’t too bad. It felt worse when we were fighting with our linters, but now that we’ve found smooth integrations with the linters, I think (2) works. If it causes problems, it’s pretty easy to back out and replace with (1) if we need to.