[high] gdpr-patterns: PII data potentially logged #35

New Issue

Open

opened 2026-03-18 16:01:24 +00:00 by sharang · 0 comments

sharang commented 2026-03-18 16:01:24 +00:00

Owner

Copy Link

high Finding

Scanner: gdpr-patterns
Severity: high
Rule: gdpr-pii-logging

Description

Logging statements that may contain personally identifiable information (email, SSN, phone, IP address).

Location

File: compliance-agent/src/pipeline/patterns.rs (line 290)

Code

        assert!(pattern.pattern.is_match("print(phone_number)"));

---

Fingerprint: 08ebc250273589d4c4eeaf773486650b4f6a4ef1a54fa9cbf1444f4b2e31e018
Generated by compliance-scanner

Labels: severity:high, scanner:gdpr-patterns, compliance-scanner

## high Finding **Scanner:** gdpr-patterns **Severity:** high **Rule:** gdpr-pii-logging ### Description Logging statements that may contain personally identifiable information (email, SSN, phone, IP address). ### Location **File:** `compliance-agent/src/pipeline/patterns.rs` (line 290) ### Code ``` assert!(pattern.pattern.is_match("print(phone_number)")); ``` --- *Fingerprint:* `08ebc250273589d4c4eeaf773486650b4f6a4ef1a54fa9cbf1444f4b2e31e018` *Generated by compliance-scanner* **Labels:** severity:high, scanner:gdpr-patterns, compliance-scanner

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

fix/multiple-issues

feat/cve-alerts

feat/e2e-tests

feat/help-chat-widget

fix/cascade-delete-repo

feat/refine-llm-prompts

fix/gitea-pr-review-error-handling

test/dummy-bad-code

fix/remove-code-review-from-findings

feat/pentest-onboarding

v0.2.0

Labels

Clear labels

bug

critical

enhancement

high

infrastructure

performance

security

v0.3.0

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

sharang

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: sharang/compliance-scanner-agent#35