[high] gdpr-patterns: PII data potentially logged #34

New Issue

Open

opened 2026-03-18 16:01:24 +00:00 by sharang · 0 comments

sharang commented 2026-03-18 16:01:24 +00:00

Owner

Copy Link

high Finding

Scanner: gdpr-patterns
Severity: high
Rule: gdpr-pii-logging

Description

Logging statements that may contain personally identifiable information (email, SSN, phone, IP address).

Location

File: compliance-agent/src/pipeline/patterns.rs (line 289)

Code

        assert!(pattern.pattern.is_match("console.log(user.ssn)"));

---

Fingerprint: 57d5a07a2167c4bb245201634f721ac11bdb6dca6fb190507bc0ee61a6a6bf60
Generated by compliance-scanner

Labels: severity:high, scanner:gdpr-patterns, compliance-scanner

## high Finding **Scanner:** gdpr-patterns **Severity:** high **Rule:** gdpr-pii-logging ### Description Logging statements that may contain personally identifiable information (email, SSN, phone, IP address). ### Location **File:** `compliance-agent/src/pipeline/patterns.rs` (line 289) ### Code ``` assert!(pattern.pattern.is_match("console.log(user.ssn)")); ``` --- *Fingerprint:* `57d5a07a2167c4bb245201634f721ac11bdb6dca6fb190507bc0ee61a6a6bf60` *Generated by compliance-scanner* **Labels:** severity:high, scanner:gdpr-patterns, compliance-scanner

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

fix/multiple-issues

feat/cve-alerts

feat/e2e-tests

feat/help-chat-widget

fix/cascade-delete-repo

feat/refine-llm-prompts

fix/gitea-pr-review-error-handling

test/dummy-bad-code

fix/remove-code-review-from-findings

feat/pentest-onboarding

v0.2.0

Labels

Clear labels

bug

critical

enhancement

high

infrastructure

performance

security

v0.3.0

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

sharang

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: sharang/compliance-scanner-agent#34