Add Sensitive Customer Data to Repo (!4) · Merge requests · Developer Advocacy at GitLab / tutorials / Security and Governance / DevSecOps / Secret Scanning / PII Data Ruleset

You need to sign in or sign up before continuing.

Adds sensitive customer data to the repository which should be detected by our PII ruleset.

This change adds a new section called "customers" to the customer-data.yml file. It includes personal information for three users (test_user, justin_case, and chris_p_bacon), storing their phone numbers, emails, and passport numbers. This adds sensitive personal information to a configuration file, which should raise vulnerabilities due to our implementation of the pii-data rulesets.

test_user items should be ignored since they are on the allow-list. vulnerability severity is critical unless overwritten in the ruleset.

Add Sensitive Customer Data to Repo

Merge request reports