Use audited fork that allows reading encrypted attrs #1357
Merged
Commits on May 29, 2024
-
Use audited fork that allows reading encrypted attrs
Audited automatically replaces entries in the `audited_changes` field on audits with `[FILTERED]` for attributes that are encrypted. This is designed to prevent leaking of sensitive information in `audited_changes` which is an unencrypted field. The downside to this is that the `audited_changes` field now provides less information about what the audit actually changed. To solve this, collectiveidea/audited#694 adds additional configuration attributes: - `Audited.filter_encrypted_attributes = false` disables the automatic replacement with `[FILTERED]` - `Audited.encrypt_audited_changes = true` encrypts the actual entire `audited_changes` field, ensuring that sensitive information isn't leaked See: - collectiveidea/audited#690 - collectiveidea/audited#694
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.