Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add linter to catch use of %v and %+v #1585

Closed
theunrepentantgeek opened this issue Jun 21, 2021 · 1 comment · Fixed by #1639
Closed

Add linter to catch use of %v and %+v #1585

theunrepentantgeek opened this issue Jun 21, 2021 · 1 comment · Fixed by #1639
Milestone
codegen-alpha-0

Comments

@theunrepentantgeek
Copy link
Member

Describe the improvement

Those format specifiers can cause leakage of PII in logs, which is a Bad Thing(tm).

We've eliminated all the uses of %v and %+v but should now turn on the linter to make sure we stay clean.
@theunrepentantgeek theunrepentantgeek added this to the codegen-alpha-0 milestone Jun 21, 2021
@theunrepentantgeek
Copy link
Member Author

I asked around:

Anyone know the name of the linter that catches %v and %+v format specifiers in code?
We want to turn this on in the azure-service-operator repo but my Google abilities are failing me and I haven't been able to work out which linter to use. #thanksinadvance

and got this response:

IIRC, we wrote a special script to detect the %v / %+v usage instead of using a linter ...

So I'll write a check for the build script.

@theunrepentantgeek theunrepentantgeek mentioned this issue Jul 9, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
codegen-alpha-0
Development

Successfully merging a pull request may close this issue.

Enforce alternatives to %v and %+v Azure/azure-service-operator
1 participant
@theunrepentantgeek