chore: redact the username when scrubbing logs (#327)

Author: PeterSchafer

pkg/logging/scrubbingLogWriter.go

@@ -19,6 +19,7 @@ package logging
 import (
 	"fmt"
 	"io"
+	"os/user"
 	"regexp"
 	"strings"
 	"sync"
@@ -188,6 +189,13 @@ func addMandatoryMasking(dict ScrubbingDict) ScrubbingDict {
 		groupToRedact: 2,
 		regex:         regexp.MustCompile(s),
 	}
+
+	u, err := user.Current()
+	if err == nil {
+		s = fmt.Sprintf(`\b%s\b`, regexp.QuoteMeta(u.Username))
+		addTermToDict(s, 0, dict)
+	}
+
 	return dict
 }
 

pkg/logging/scrubbingLogWriter_test.go

@@ -19,6 +19,7 @@ package logging
 import (
 	"bytes"
 	"fmt"
+	"os/user"
 	"regexp"
 	"testing"
 
@@ -194,6 +195,8 @@ func TestScrubFunction(t *testing.T) {
 
 func TestAddDefaults(t *testing.T) {
 	dict := addMandatoryMasking(ScrubbingDict{})
+	u, uErr := user.Current()
+	assert.NoError(t, uErr)
 
 	tests := []struct {
 		name     string
@@ -255,6 +258,11 @@ func TestAddDefaults(t *testing.T) {
 			input:    "SNYK_TOKEN=01234567-0123-0123-0123-012345678901",
 			expected: "SNYK_TOKEN=***",
 		},
+		{
+			name:     "username",
+			input:    fmt.Sprintf("User %s.%s is repeatedly mentioned, but not partially.", u.Username, u.Username),
+			expected: fmt.Sprintf("User %s.%s is repeatedly mentioned, but not partially.", redactMask, redactMask),
+		},
 	}
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {