Sensitive trait #229
Sensitive trait #229
Conversation
| if (needsCustomDebug) { | ||
| val withoutDebug = containerMeta.derives.copy(derives = containerMeta.derives.derives - RuntimeType.Debug) |
There was a problem hiding this comment.
since you already have the code to build the custom Debug impl anyways, you might consider just making that the only path. if i read this correctly, if you were to just always execute the code as if needsCustomDebug = true then you'd arrive at the same impls, even in cases where there are no sensitive fields.
There was a problem hiding this comment.
yeah that's correct. I'm considering that—the only reason not to would be the code volume generated. I'm not sure how derive(Debug) compares with generating it.
But I just looked into it and it seems like it should be at worst the same. I think that's a good simplification.
| password: Some("don't leak me".to_owned()), | ||
| secret_key: Some("don't leak me".to_owned()) | ||
| }; | ||
| assert_eq!(format!("{:?}", creds), "Credentials { username: Some(\"not_redacted\"), password: \"*** Sensitive Data Redacted ***\", secret_key: \"*** Sensitive Data Redacted ***\" }"); |
There was a problem hiding this comment.
np: how do you feel about these test assertions relying on the whitespace decisions of the debug formatter?
There was a problem hiding this comment.
I don't love it, but if it changes, I do sort of want to know about it.
This actually causes a reduction in llvm-lines & apparently can improve compile performance. It also simplifies the code.
Issue #, if available: Fixes #116
Description of changes: This PR adds support for the Smithy sensitive trait which hides fields from being displayed in logs. In Rust, this results in a custom
Debugimplementation when theSensitivetrait is present.This is a pretty important feature to preserve, so I took the opportunity to also add the ability to add integration tests for individual services & added an integration test of the sensitive trait when applied to a Kinesis service.
Generated code diff: main-generated...sensitive-trait-generated
The derive order changed so the diff is a little noisy but here's a link to a custom implementation
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.