Basics
This check is disabled by default.
Learn how to enable it via .credo.exs.
This check has a base priority of high and works with any version of Elixir.
Explanation
Attributes containing sensitive data should be marked with sensitive?: true.
This prevents them from being leaked in logs, error messages, and inspections.
attribute :password_hash, :string, sensitive?: trueThe sensitive_names param accepts atoms (exact name match) and regexes
(matched against the attribute name), e.g. [:ssn, ~r/_token$/].
Limitations
This check scans the source AST, so it only sees attributes written
literally in the attributes block. It cannot see attributes
contributed by Spark transformers or extensions - for example
AshAuthentication's :hashed_password - and so will not flag them
even when they are unmarked. It also only inspects the attribute
entity: belongs_to foreign keys cannot be marked sensitive?
directly (declare the column as an explicit attribute if you need
that), and timestamps are not sensitive data, so neither is flagged.
Check-Specific Parameters
Use the following parameters to configure this check:
:sensitive_names
Attribute names considered sensitive. Atom entries match exactly; Regex entries (e.g. ~r/_token$/) match against the attribute name.
This parameter defaults to [:password, :hashed_password, :password_hash, :password_digest, :token, :access_token, :secret, :client_secret, :totp_secret, :api_key, :private_key, :ssn].
General Parameters
Like with all checks, general params can be applied.
Parameters can be configured via the .credo.exs config file.