feat: allow to specify obfuscation salt string#726
Conversation
PR Compliance Guide 🔍Below is a summary of compliance checks for this PR:
Compliance status legend🟢 - Fully Compliant🟡 - Partial Compliant 🔴 - Not Compliant ⚪ - Requires Further Human Verification 🏷️ - Compliance label |
||||||||||||||||||
PR Code Suggestions ✨Explore these optional code suggestions:
|
|||||||||||||||
|
Which problem is this change trying to solve? Right now the salt is generated internally using Giving control to users over the source of randomness may result in weak salt. |
|
Because if the container is restarted for any reason, a new salt is generated, making all previous obfuscated IDs unresolvable. |
|
This is a good point, perhaps an existing salt can simply survive container restarts? In entrypoint.sh: Which is why Even better, an existing salt can survive as long as the database of results survives? |
|
The rest of the settings are configured as environment variables, so I implemented this change the same way. |
Co-authored-by: qodo-merge-for-open-source[bot] <189517486+qodo-merge-for-open-source[bot]@users.noreply.github.com>
|
This change is misguided as explained above. Disappointed it has been merged. |
PR Type
Enhancement
Description
Allow users to specify custom obfuscation salt for test ID obfuscation
Add environment variable
OBFUSCATION_SALTto configure salt stringGenerate PHP configuration file with custom salt when specified
Document new environment variable with format requirements
Diagram Walkthrough
File Walkthrough
entrypoint.sh
Add custom obfuscation salt configuration generationdocker/entrypoint.sh
OBFUSCATION_SALTenvironment variableidObfuscation_salt.phpwith customsalt when provided
doc_docker.md
Document OBFUSCATION_SALT environment variabledoc_docker.md
OBFUSCATION_SALTenvironment variable0x1234abcd)