Skip to content

Commit

Permalink
Merge pull request #462 from Privado-Inc/dev
Browse files Browse the repository at this point in the history 
Release PR
  • Loading branch information
@khemrajrathore
khemrajrathore authored May 24, 2024
2 parents 4c5958b + be9d556 commit 7edb59a
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 5 deletions.
6 changes: 6 additions & 0 deletions config/systemConfig/default.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,3 +13,9 @@ systemConfig:

- key: maxCharLimit
value: "1000"

- key: dataflowElementInPathLimit
value: "-1"

- key: dataflowSourceSinkPairPathLimit
value: "-1"
8 changes: 4 additions & 4 deletions rules/sinks/leakages/logs/java.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,25 +3,25 @@ sinks:
- id: Leakages.Log.Error
name: Log Error
patterns:
- "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(?:wtf|error|severe|fatal|[.]e[:]).*"
- "(?i)(?:org.slf4j.Logger|org.apache.(logging.log4j|commons.logging.Log)|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(?:wtf|error|severe|fatal|[.]e[:]).*"
tags:

- id: Leakages.Log.Warn
name: Log Warn
patterns:
- "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(warn|warning|[.]w[:]).*"
- "(?i)(?:org.slf4j.Logger|org.apache.(logging.log4j|commons.logging.Log)|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(warn|warning|[.]w[:]).*"
tags:

- id: Leakages.Log.Debug
name: Log Debug
patterns:
- "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(debug|trace|[.](log|d|v|t)[:]).*"
- "(?i)(?:org.slf4j.Logger|org.apache.(logging.log4j|commons.logging.Log)|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(debug|trace|[.](log|d|v|t)[:]).*"
tags:

- id: Leakages.Log.Info
name: Log Info
patterns:
- "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|java.util.logging|ch.qos.logback|timber.log.Timber|android.util.Log).*(info|[.]i[:]).*"
- "(?i)(?:org.slf4j.Logger|org.apache.(logging.log4j|commons.logging.Log)|org.tinylog.Logger|java.util.logging|ch.qos.logback|timber.log.Timber|android.util.Log).*(info|[.]i[:]).*"
tags:

- id: Leakages.Log.Console
Expand Down
2 changes: 1 addition & 1 deletion rules/sources/purchase_data.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ sources:
isSensitive: False
sensitivity: medium
patterns:
- "(?i).*((order|shipping|billing|invoice|total)(subscription|charge|charged)?[^\\s/(;)#|,=!>]{0,5}(number|code|num|no|id|amount))"
- "(?i).*((order|shipping|billing|invoice|total[-_]?(subscription|charge|charged))[^\\s/(;)#|,=!>]{0,5}(number|code|num|no|id|amount))"
tags:
law: GDPR

Expand Down

0 comments on commit 7edb59a

Please sign in to comment.