git.stella-ops.org/docs/features/unchecked/scanner/evidence-privacy-controls.md

Evidence Privacy Controls (Redaction Service)

Module

Scanner

Status

IMPLEMENTED

Description

Role-based evidence redaction with three levels: Full (no redaction for security_admin/evidence:full), Standard (redacts source code from reachability paths and call stack arguments/locals, keeps hashes and line ranges), and Minimal (strips reachability paths entirely, removes call stacks, reduces provenance to build ID/digest/verified flag, preserves VEX and EPSS public data). Supports field-level selective redaction (SourceCode, CallArguments flags). Determines redaction level from ClaimsPrincipal.
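
A sketch of the three levels described above, as an added example rather than the code in EvidenceRedactionService.cs. The record types, the `scope` claim type, the `evidence:standard` scope and the `BuilderLog` field are assumptions made for illustration; only `security_admin`, `evidence:full` and the level names come from this page.

```csharp
using System;
using System.Linq;
using System.Collections.Generic;
using System.Security.Claims;

// Constructed sample: one frame reused as reachability path and call stack.
var frame = new Frame("sha256:<constructed>", 10, 14, "var k = LoadKey();", new[] { "pin=1234" }, null);
var sample = new Evidence(new[] { frame }, new[] { frame },
    new Provenance("build-1", "sha256:<constructed>", true, "builder log"), "not_affected", 0.02);
var user = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("scope", "evidence:standard") }));
var r = Redaction.Redact(sample, Redaction.LevelFor(user));
Console.WriteLine($"{r.ReachabilityPath?[0].Hash} code={r.ReachabilityPath?[0].SourceCode ?? "<redacted>"}");

// Hypothetical types; the real StellaOps evidence models are not shown on this page.
public enum RedactionLevel { Full, Standard, Minimal }
public sealed record Frame(string Hash, int StartLine, int EndLine, string? SourceCode,
    IReadOnlyList<string>? Arguments, IReadOnlyList<string>? Locals);
public sealed record Provenance(string BuildId, string Digest, bool Verified, string? BuilderLog);
public sealed record Evidence(IReadOnlyList<Frame>? ReachabilityPath, IReadOnlyList<Frame>? CallStack,
    Provenance Provenance, string VexStatus, double EpssScore);

public static class Redaction
{
    // Assumption: security_admin is a role and evidence:full a "scope" claim;
    // the evidence:standard scope is invented for this sketch.
    public static RedactionLevel LevelFor(ClaimsPrincipal user)
    {
        if (user.IsInRole("security_admin") || user.HasClaim("scope", "evidence:full"))
            return RedactionLevel.Full;
        // Design choice of this sketch: unrecognised callers fall through to Minimal.
        return user.HasClaim("scope", "evidence:standard") ? RedactionLevel.Standard : RedactionLevel.Minimal;
    }

    public static Evidence Redact(Evidence e, RedactionLevel level) => level switch
    {
        RedactionLevel.Full => e,
        RedactionLevel.Standard => e with
        {   // Drop source from paths and arguments/locals from stacks; hashes and line ranges stay.
            ReachabilityPath = e.ReachabilityPath?.Select(f => f with { SourceCode = null }).ToList(),
            CallStack = e.CallStack?.Select(f => f with { Arguments = null, Locals = null }).ToList(),
        },
        _ => e with
        {   // Minimal: no paths or stacks; provenance keeps build ID, digest, verified flag. VEX/EPSS untouched.
            ReachabilityPath = null,
            CallStack = null,
            Provenance = e.Provenance with { BuilderLog = null },
        },
    };
}
```

Redaction returns a new record instead of mutating the input, so the unredacted evidence never shares state with the copy handed to a lower-privileged caller.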

Implementation Details

  • Redaction Service:
    • src/Scanner/__Libraries/StellaOps.Scanner.Evidence/Privacy/EvidenceRedactionService.cs - Core redaction service with role-based level determination from ClaimsPrincipal
    • src/Scanner/__Libraries/StellaOps.Scanner.Evidence/Privacy/EvidenceRedactionLevel.cs - Redaction level enum (Full, Standard, Minimal)

E2E Test Plan

  • Authenticate as security_admin and verify Full redaction level returns all evidence fields
  • Authenticate as a standard user and verify Standard redaction level redacts source code and call stack arguments
  • Authenticate with minimal permissions and verify Minimal redaction level strips reachability paths and call stacks
  • Verify VEX and EPSS public data is preserved at all redaction levels
  • Verify field-level selective redaction (SourceCode, CallArguments flags) works correctly
  • Verify hash values and line ranges are preserved at Standard level