strip local variables in tracebacks
Project description
sensitive_variables - strip local variables in tracebacks
sensitive_variables
is a decorator you can apply to your functions to
prevent certain local variables from being read by debugging tools, such as the
Django crash reporter or Sentry.
Unlike Django's sensitive_variables
it is independent of the web framework
you use and also does not rely on debugging tools to know about the decorator
for things to work.
from sentry_sdk import init
from sensitive_variables import sensitive_variables
init()
@sensitive_variables('password')
def login_user(username, password):
print("Logging in " + username + " with " + password)
# TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
login_user(None, "secret123")
results in:
How does it work?
When the decorated function throws an exception, sensitive_variables
walks through the traceback, removes sensitive data from frame.f_locals
and reraises the exception.
This is usually not problematic because a function that just threw an exception is unlikely to still use its local variables.
Why would I use this over Django's decorator?
Django has a decorator also called sensitive_variables
, which this package is inspired by. It adds an attribute to the function that contains the variable names.
Debugging tools have to know about this attribute and respect it. For anything outside of the Django world, this is unlikely to be the case.
This decorator will always work because it actually modifies your locals.
Why would I use this over Sentry's datascrubbing options?
-
This decorator does not couple your configuration for what is sensitive data to a specific crash reporting tool.
-
Datascrubbing is easily unit-testable (see
tests/
folder).
License
Licensed under the MIT, see LICENSE
.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for sensitive-variables-0.1.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | ad98b0749dbdbe368569e672b1b0440e87335acbfcc3636e95a47b8648e938e7 |
|
MD5 | 8732833c063b99e5e467bb46ca863673 |
|
BLAKE2b-256 | f08efda223c6d5bef295d60797da185cddbfb5b9258f0e678d66a3ddf1fd2af4 |
Hashes for sensitive_variables-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6065b1c00c499a19706e78d8b2b7c387ff1e39e71fcc589eebbe500b99984afd |
|
MD5 | 65a1ce221a4488c1931cefea7ee2661d |
|
BLAKE2b-256 | bf7dae6e94055f158df8a6322dc0acdeeb89bbf06829422119088fa9da1f529d |