Skip to content

[resource_detectors] implementation of a scrub for sanitisation of sensitive data of process.command_argsΒ #3628

New issue
New issue
Open
Open
[resource_detectors] implementation of a scrub for sanitisation of sensitive data of process.command_args#3628
Assignees
nikhilbhatia08
Labels
triage/acceptedIndicates an issue or PR is ready to be actively worked on.
@nikhilbhatia08

Description

@nikhilbhatia08
nikhilbhatia08
opened on Sep 6, 2025

As per the semconv we need to sanitize sensitive information of process.command_args and process.command_line. So one strategy could be that we could give user the control of doing that by giving the user to provide a list of args that the user wants to be scrubbed or hidden.

For example the command_args are : ["--PASS=some_value", "--ARG2=some_val", "--SECRET_KEY=secret"]

Then the user can provide a list what needs to be scrubbed: {"PASS", "SECRET_KEY"}

Then the user would get a list of : ["--PASS=*", "--ARG2=some_val", "--SECRET_KEY="]

How is this idea?

Metadata

Metadata

Assignees

Labels

triage/acceptedIndicates an issue or PR is ready to be actively worked on.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions