v4.14.7 - Bugfix: overzealous data masking rule for US social security numbers #752
jongpie
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Core Unlocked Package Changes
🐞 Fixed #542 (almost exactly 1 year after it was opened😅) to use a more targeted regular expression for identifying US social security numbers (SSN) to mask. Previously, the rule was not restrictive enough in the regular expression used in
SensitiveDataRegEx__c, which resulted in the rule masking some values that it should have ignored.For example, logging a message containing a (fake) credit card number like
Here is a value 5000-1111-2222-0005 and it looks like a Mastercard number, so apply the Mastercard masking rule...Here is a value XXX-XX-1111-2222-0005 and it looks like a Mastercard number, so apply the Mastercard masking ruleHere is a value ****-****-****-0005 and it looks like a Mastercard number, so apply the Mastercard masking rule🤏 And a little bit of scope creep included:
ComponentLoggerto cache the field map forLogEntryEvent__eonce per transactionv4.14.6ComponentLoggerwould re-call the describe method forLogEntryEvent__eevery time there was a component log entry that was setting 1 or more custom fieldsPipeline Changes
scripts/build/validate-custom-metadata-records.apexto validate that the regex values inLogEntryDataMaskRule__mdtwork as expectedInstallation Info
Core Unlocked Package - no namespace
Full Changelog: v4.14.6...v4.14.7
sf package install --wait 20 --security-type AdminsOnly --package 04t5Y0000015oRrQAIsfdx force:package:install --wait 20 --securitytype AdminsOnly --package 04t5Y0000015oRrQAIThis discussion was created from the release Bugfix: overzealous data masking rule for US social security numbers.
Beta Was this translation helpful? Give feedback.
All reactions