Merge pull request #7 from venkateshpabbati/alert-autofix-21
Potential fix for code scanning alert no. 21: Clear-text logging of sensitive information
This commit is contained in:
VenkateshPabbati
GitHub
@@ -25,7 +25,7 @@ from sqlalchemy import create_engine, text # type: ignore
|
|||||||
|
|
||||||
def sanitize_sensitive_info(data: dict) -> dict:
|
def sanitize_sensitive_info(data: dict) -> dict:
|
||||||
sanitized_data = data.copy()
|
sanitized_data = data.copy()
|
||||||
sensitive_fields = ['password', 'user', 'host', 'database']
|
sensitive_fields = ['password', 'user', 'host', 'database', 'port', 'ssl_verify_cert', 'ssl_verify_identity']
|
||||||
for field in sensitive_fields:
|
for field in sensitive_fields:
|
||||||
if field in sanitized_data:
|
if field in sanitized_data:
|
||||||
sanitized_data[field] = '***'
|
sanitized_data[field] = '***'
|
||||||
|
|||||||
Reference in New Issue
Block a user