Sanitizer#filter_key? returns a warning for Numeric hash keys

[dawson-conway]

As currently defined, filter_key? calls =~ on its parameter. When sanitizing a hash, keys can technically be anything. =~ as defined on Object is deprecated. So the filter_key? parameter should either be converted to a string (could change behavior) or the filters should be skipped if the key doesn't have =~ defined itself, or in a superclass that is not Object

[stympy]

Do you have code or config that can trigger the warning?

[dawson-conway]

From our config:

request:
  filter_keys:
    - password
    - password_confirmation
    - card_number
    - card_number_unmasked
    - magnetic_track
    - magnetic_track_unmasked
    - security_code
    - security_code_unmasked
    - routing_number
    - routing_number_unmasked
    - account_number
    - account_number_unmasked
    - account_number_confirmation
    - account_number_confirmation_unmasked

I'm not sure what is exactly being passed in to trigger this (the stacktrace isn't showing up on honeybadger, maybe because it's triggered from within). The specific message is

DeprecationWarning: /var/www/current/vendor/bundle/ruby/2.7.0/gems/honeybadger-5.2.1/lib/honeybadger/util/sanitizer.rb:170: warning: deprecated Object#=~ is called on Integer; it always returns nil

[dawson-conway]

I know that our application sometimes constructs arrays with integer keys (i.e. {1 => 'value', 2 => 'another'}) which seems like it would trigger this.

[stympy]

Thanks for the info! I'll take a look. :)

[stympy]

v5.8.0 has this fix