fix(ourlogs): Improve PII Scrubbing for attributes #5061
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Attributes weren't having object rules applied since objects expect a value as a direct descendant, but attributes have a hidden value to hold the enum for TraceItem variants of attrs. This uses a custom ProcessValue impl to pull the sub .value out.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
…-pii-scrubbing-attributes
…between default and advanced rules
…-pii-scrubbing-attributes
…e mini_sentry config
HazAT
approved these changes
Aug 18, 2025
Dav1dde
approved these changes
Aug 19, 2025
Member
Dav1dde
left a comment
Dav1dde
left a comment
There was a problem hiding this comment.
Just for Codeowners, no review.
…), 'attributes' itself as an object should never be redacted as there are basic fields a log needs to work inside.
…les etc. can target the attribute object.
…ason to change it in this PR just to test it.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Attributes weren't having object rules applied since objects expect a value as a direct descendant.
The main problem is that the
PatternType::KeyValuein our default scrubbers rules (eg. password KV regex, strip-fields a.k.a. sensitive fields) expects to walk an Object and encounter theValue(eg.secret132) as a direct descendant;Attributesgets walked but it's values areAttribute, which doesn't match the KV rule expected structure,Attributecontains a flattened substructureAttributeValueundervalue. For default scrubber rules we still want to target that inner.value.So we have two behaviours we need to support for any schema using
attributes:For advanced rules when walking
Attributeswe want to be able to avoid ambiguity, we don't want the attribute to be selectable at$log.attributes.'my attribute name'and instead only explicitly selectable at$log.attributes.'my attribute name'.valuefor value..typefor type, etc.Possible ways to fix this:
RedactPairandPasswordto also apply parent rules, then also always pass state.key() and parent_state.key() toapply_rulesfunctions soParentKeyValuecan test against parent_state.key(). This still has problems with sensitive fields as users may define 'scary_attribute' as a sensitive field and expect an attribute to be filtered out, instead of having to doscary_attribute.value.$log.attributes.X.value. We can always still do option 1 in the future on top of this approach to clean up the branching.