Closed Bug 1973017 Opened 4 months ago Closed 3 months ago

Glean lint should automatically flag event dictionary keys labeled "url" or other potentially-indicative-of-PII key names

Categories

(Data Platform and Tools :: Glean: SDK, enhancement, P1)

Product:
Data Platform and Tools
Component:
Glean: SDK
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: Gijs, Assigned: janerik)

Details

Attachments

(1 file)

[mozilla/glean_parser] Bug 1973017 - New lint: HIGHER_DATA_SENSITIVITY_REQUIRED for when an event extra key could potentially contain sensitive data (#799)
48 bytes, text/x-github-pull-request
Details | Review

We already have some checks that enforce that certain types of metrics have a particular declared data sensitivity (though I looked and couldn't easily find the code that does that?), but we should expand this to event keys to avoid mis-collecting data at the patch creation stage, instead of later in the process during human review.

(In reply to :Gijs (he/him) from comment #0)

We already have some checks that enforce that certain types of metrics have a particular declared data sensitivity (though I looked and couldn't easily find the code that does that?),

It's enforced by the schema, and apparently it's only for text, not for url like I expected. Huh.

Assignee: nobody → jrediger
Status: NEW → ASSIGNED
Type: defect → enhancement
Priority: -- → P1
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: