Add Sensitive Customer Data to Repo (!4) · Merge requests · Developer Advocacy at GitLab / tutorials / Security and Governance / DevSecOps / Secret Scanning / PII Data Ruleset

Adds sensitive customer data to the repository which should be detected by our PII ruleset.

This change adds a new section called "customers" to the customer-data.yml file. It includes personal information for three users (test_user, justin_case, and chris_p_bacon), storing their phone numbers, emails, and passport numbers. This adds sensitive personal information to a configuration file, which should raise vulnerabilities due to our implementation of the pii-data rulesets.

test_user items should be ignored since they are on the allow-list. vulnerability severity is critical unless overwritten in the ruleset.

Add Sensitive Customer Data to Repo

Merge request reports