Skip to content

Commit

Permalink
doc(rules): improve doc
Browse files Browse the repository at this point in the history
  • Loading branch information
@cfabianski
cfabianski committed Feb 8, 2023
1 parent d0d5769 commit 293709a
Show file tree
Hide file tree
Showing 6 changed files with 8 additions and 10 deletions.
2 changes: 1 addition & 1 deletion pkg/commands/process/settings/rules/ruby/rails/logger.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ severity:
skip_data_types:
- "Unique Identifier"
metadata:
description: "Do not send sensitive data to loggers."
description: "Do not send sensitive data to Rails loggers."
remediation_message: |
## Description
Leaking sensitive data to loggers is a common cause of data leaks and can lead to data breaches. This rule looks for instances of sensitive data sent to rails loggers.
Expand Down
2 changes: 1 addition & 1 deletion ...s/logger/.snapshots/TestRubyRailsLoggerSummary-summary_ruby_rails_logger_datatype_leak.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
- policy_name: ""
policy_dsrid: DSR-5
policy_display_id: ruby_rails_logger
policy_description: Do not send sensitive data to loggers.
policy_description: Do not send sensitive data to Rails loggers.
line_number: 1
filename: pkg/commands/process/settings/rules/ruby/rails/logger/testdata/datatype_leak.rb
category_groups:
Expand Down
3 changes: 1 addition & 2 deletions pkg/commands/process/settings/rules/ruby/third_parties/bugsnag.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,7 @@ metadata:
When logging errors or events, ensure all sensitive data is removed.
## Resources
- [Bugsnag Docs](https://)
- [Log obfuscation](https://)
- [Bugsnag Docs](https://docs.bugsnag.com/platforms/ruby/rails/)
dsr_id: DSR-1
associated_recipe: Bugsnag
id: ruby_third_parties_bugsnag
3 changes: 1 addition & 2 deletions pkg/commands/process/settings/rules/ruby/third_parties/honeybadger.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,7 @@ metadata:
When logging errors or events, ensure all sensitive data is removed.
## Resources
- [Honeybadger Docs](https://)
- [Log obfuscation](https://)
- [Honeybadger Docs](https://docs.honeybadger.io/lib/ruby/integration-guides/rails-exception-tracking/)
dsr_id: DSR-1
associated_recipe: Honeybadger
id: ruby_third_parties_honeybadger
4 changes: 2 additions & 2 deletions pkg/report/output/summary/.snapshots/TestSummary
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
PolicyName: (string) "",
PolicyDSRID: (string) (len=5) "DSR-5",
PolicyDisplayId: (string) (len=17) "ruby_rails_logger",
PolicyDescription: (string) (len=38) "Do not send sensitive data to loggers.",
PolicyDescription: (string) (len=44) "Do not send sensitive data to Rails loggers.",
LineNumber: (int) 1,
Filename: (string) (len=20) "pkg/datatype_leak.rb",
CategoryGroups: ([]string) (len=2) {
Expand All @@ -20,7 +20,7 @@
PolicyName: (string) "",
PolicyDSRID: (string) (len=5) "DSR-5",
PolicyDisplayId: (string) (len=17) "ruby_rails_logger",
PolicyDescription: (string) (len=38) "Do not send sensitive data to loggers.",
PolicyDescription: (string) (len=44) "Do not send sensitive data to Rails loggers.",
LineNumber: (int) 2,
Filename: (string) (len=20) "pkg/datatype_leak.rb",
CategoryGroups: ([]string) (len=2) {
Expand Down
4 changes: 2 additions & 2 deletions pkg/report/output/summary/.snapshots/TestSummaryWithSeverity
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
PolicyName: (string) "",
PolicyDSRID: (string) (len=5) "DSR-5",
PolicyDisplayId: (string) (len=17) "ruby_rails_logger",
PolicyDescription: (string) (len=38) "Do not send sensitive data to loggers.",
PolicyDescription: (string) (len=44) "Do not send sensitive data to Rails loggers.",
LineNumber: (int) 1,
Filename: (string) (len=20) "pkg/datatype_leak.rb",
CategoryGroups: ([]string) (len=2) {
Expand All @@ -20,7 +20,7 @@
PolicyName: (string) "",
PolicyDSRID: (string) (len=5) "DSR-5",
PolicyDisplayId: (string) (len=17) "ruby_rails_logger",
PolicyDescription: (string) (len=38) "Do not send sensitive data to loggers.",
PolicyDescription: (string) (len=44) "Do not send sensitive data to Rails loggers.",
LineNumber: (int) 2,
Filename: (string) (len=20) "pkg/datatype_leak.rb",
CategoryGroups: ([]string) (len=2) {
Expand Down

0 comments on commit 293709a

Please sign in to comment.