Deterge

⚠️ WARNING: Not production ready code, instead a Code Kata intended to hone my programming skills through practice and repetition.

ci workflow status sast workflow status language: go

Tool for sanitising data files of sensitive information through substitution with fake information.

Getting Started

Prepare

Begin by installing Go if you have not done so already.

You can test your install by calling the following command:

go version

Your version must be greater than or equal to the version defined in ./go.mod file.

Install, Verify, and Build

Install, verify, and build ./deterge binary.

nvm use && make

Help

Learn about the available commands in the help menu.

./deterge --help

See Commands section for more information.

Verification

Linting

make lint

These rules can then be automatically applied:

make format

Unit Testing

make test

Design

Repository Structure

Placeholder

Commands

Placeholder

Concepts

Internationalization

💡️ Perhaps using a package like nicksnyder/go-i18n. The currently selected language could be discovered from the environment, e.g. LANG=en_AU.UTF-8 for command line and Accept-Language header, e.g. Accept-Language: en-AU,en;q=0.9 for the web ui.

Security Mitigations

Initially based on the OWASP Top 10 – 2021.

A01:2021-Broken Access Control

Github Security detects secrets incorrectly committed into the repository.

A02:2021-Cryptographic Failures

Placeholder

A03:2021-Injection

Placeholder

A04:2021-Insecure Design

Placeholder

A05:2021-Security Misconfiguration

Placeholder

A06:2021-Vulnerable and Outdated Components

Snyk and Github Security scan Gradle and NPM dependencies for know vulnerabilities and create pull requests to resolve the vulnerabilities when available.

A07:2021-Identification and Authentication Failures

Placeholder

A08:2021-Software and Data Integrity Failures

Placeholder

A09:2021-Security Logging and Monitoring Failures

Placeholder

A10:2021-Server-Side Request Forgery

Placeholder

References

Placeholder

License

The MIT License is used by this project.

GitHub

View Github