Skip to content

fix: filtering out endpoints with PII data #570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Nov 20, 2025
Merged

fix: filtering out endpoints with PII data #570

merged 7 commits into from
Nov 20, 2025

Conversation

@vdua
Copy link
Collaborator

@vdua vdua commented Nov 20, 2025

Please ensure your pull request adheres to the following guidelines:

  • make sure to link the related issues in this description
  • when merging / squashing, make sure the fixed issue references are visible in the commits, for easy compilation of release notes

Related Issues

Thanks for contributing!

@vdua vdua marked this pull request as draft November 20, 2025 09:00
@github-actions
Copy link

github-actions bot commented Nov 20, 2025

This PR will trigger a patch release when merged.

@codecov
Copy link

codecov bot commented Nov 20, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

vdua
vdua commented Nov 20, 2025
View reviewed changes
src/privacy.mjs

uuid: withInputValidation((str, replaceWith) => str.replace(/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})|([0-9a-fA-F]{32})/g, replaceWith)),

email: withInputValidation((str, replaceWith) => str.replace(/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g, replaceWith)),
Copy link
Collaborator Author

@vdua vdua Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

noticed the email regex is quite slow 700k urls in 6 seconds while
the uuid above took only 1 seconds.

src/utils.mjs
return str.replace(/eyJ[a-zA-Z0-9]+\.eyJ[a-zA-Z0-9]+\.[a-zA-Z0-9]+/g, '<jwt>');
}
return str;
}
Copy link
Collaborator Author

@vdua vdua Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was being duplicated in filters. So removed it.

src/utils.mjs Outdated
[/\/api\/mdm.+/i, '/api/mdm'],
[/\/api\/employer.+/i, '/api/employer'],
[/\/api\/perfios.+/i, '/api/perfios'],
[/\/kyccallback.+/i, '/kyccallback'],
Copy link
Collaborator Author

@vdua vdua Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The last two have the format perfios<someword>_uuid and kyccallback_uuid. I am in favor of removing them since uuid filter should remove them. @trieloff WDYT ?

Copy link
Contributor

@trieloff trieloff Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree

@vdua vdua requested a review from trieloff November 20, 2025 15:06
@vdua vdua marked this pull request as ready for review November 20, 2025 15:06
@vdua vdua marked this pull request as draft November 20, 2025 15:13
@vdua vdua marked this pull request as ready for review November 20, 2025 15:21
vdua
vdua commented Nov 20, 2025
View reviewed changes
src/utils.mjs
[/\/api\/mdm.+/i, '/api/mdm'],
[/\/api\/employer.+/i, '/api/employer'],
[/\/api\/perfios.+/i, '/api/perfios'],
[/\/kyccallback.+/i, '/kyccallback'],
Copy link
Collaborator Author

@vdua vdua Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the first 4 can contain any PII data (free text)
the last 2 can only contain uuid

trieloff
trieloff approved these changes Nov 20, 2025
View reviewed changes
Copy link
Contributor

@trieloff trieloff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd also remove all emails by default.

@vdua vdua merged commit a267b45 into main Nov 20, 2025
5 checks passed
@vdua vdua deleted the privacy branch November 20, 2025 23:29
github-actions bot pushed a commit that referenced this pull request Nov 20, 2025
@semantic-release-bot
chore(release): 2.44.3 [skip ci]
64f1347 
## [2.44.3](v2.44.2...v2.44.3) (2025-11-20)

### Bug Fixes

* filtering out endpoints with PII data ([#570](#570)) ([a267b45](a267b45))
@adobe-bot
Copy link
Contributor

adobe-bot commented Nov 20, 2025

🎉 This PR is included in version 2.44.3 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@trieloff trieloff trieloff approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@vdua @adobe-bot @trieloff