Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI #64

Closed
wants to merge 3 commits into from
Closed

CI #64

wants to merge 3 commits into from

Conversation

hemant10yadav
Copy link
Contributor

No description provided.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 3, 2025
View reviewed changes
utils/twilio.py
logger.exception("Error occurred during Twilio call for phone number %s: %s", phone_number, str(e))
logger.exception(
"Error occurred during Twilio call for phone number %s: %s",
phone_number,

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High

This expression logs
sensitive data (private)
Loading
as clear text.
This expression logs
sensitive data (private)
Loading
as clear text.

Copilot Autofix AI 2 months ago

To fix the problem, we should avoid logging the phone number directly. Instead, we can log a masked version of the phone number or omit it entirely from the log message. This way, we still get useful logging information without exposing sensitive data.

The best way to fix this without changing existing functionality is to mask the phone number before logging it. We can replace the middle digits of the phone number with asterisks or another character to ensure that the sensitive part of the data is not exposed.

We need to modify the logging statement on lines 16-18 to mask the phone number. Additionally, we need to add a helper function to perform the masking.

Suggested changeset 1
utils/twilio.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/utils/twilio.py b/utils/twilio.py
--- a/utils/twilio.py
+++ b/utils/twilio.py
@@ -8,2 +8,5 @@
 
+def mask_phone_number(phone_number):
+    return phone_number[:2] + "****" + phone_number[-2:]
+
 def lookup_telecom_provider(phone_number):
@@ -14,5 +17,6 @@
     except Exception as e:
+        masked_phone_number = mask_phone_number(phone_number)
         logger.exception(
             "Error occurred during Twilio call for phone number %s: %s",
-            phone_number,
+            masked_phone_number,
             str(e),
EOF
@@ -8,2 +8,5 @@

def mask_phone_number(phone_number):
return phone_number[:2] + "****" + phone_number[-2:]

def lookup_telecom_provider(phone_number):
@@ -14,5 +17,6 @@
except Exception as e:
masked_phone_number = mask_phone_number(phone_number)
logger.exception(
"Error occurred during Twilio call for phone number %s: %s",
phone_number,
masked_phone_number,
str(e),
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@hemant10yadav hemant10yadav deleted the hy/impl_pytest branch January 6, 2025 07:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@hemant10yadav