From 7ae25f8510e7b8ff4676d79476f44a969f3d672e Mon Sep 17 00:00:00 2001 From: Joseph Doherty Date: Mon, 1 Jun 2026 12:13:05 -0400 Subject: [PATCH] Re-stamp Telemetry-002/003 resolutions: nested redaction implemented in 05cc62a Telemetry-002 was first resolved by documenting the scalar-only limitation; it is now implemented (recursive nested redaction). Updated the two resolution notes to record 05cc62a and the replaced limitation test, preserving the audit trail. README unchanged (still 0 pending / 35 total). --- code-reviews/Telemetry/findings.md | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/code-reviews/Telemetry/findings.md b/code-reviews/Telemetry/findings.md index 88dfbe3..7d7311e 100644 --- a/code-reviews/Telemetry/findings.md +++ b/code-reviews/Telemetry/findings.md @@ -131,10 +131,15 @@ payloads are scrubbed when they are not. **Resolution** -Resolved in `544a6dd`, 2026-06-01 — documented the seam's reach (scalar top-level properties -only; structured values exposed as their raw Serilog wrapper, redactable whole-property only) on -the `ILogRedactor` XML doc, the shared contract, and the README; pinned by a destructured-object -test. Nested-field redaction was deliberately not implemented (too invasive for v0.1.0). +Resolved in `544a6dd`, 2026-06-01 (documented the scalar-only limitation), then **superseded by +`05cc62a`, 2026-06-01 — nested redaction implemented.** `RedactionEnricher` now projects each +structured value into a mutable nested view the redactor descends into recursively +(`StructureValue` → `IDictionary`, `SequenceValue` → `IList`, +`DictionaryValue` → `IDictionary`), so a field nested inside a `{@Object}` can be +masked or removed. The Project/Rebuild round-trip preserves `StructureValue.TypeTag` and original +dictionary keys, and a structural `ValueEquals` skips write-back for properties the redactor left +untouched (no reallocation; scalar fast path retained). The earlier documented-limitation wording on +the `ILogRedactor` XML doc, shared contract, and README was replaced to document the recursive reach. ### Telemetry-003 — No tests for redactor removal or structured-value redaction @@ -163,9 +168,12 @@ takes). These should fail today and pin the fixes. **Resolution** -Resolved in `544a6dd`, 2026-06-01 — added `Removing_redactor_scrubs_the_property_from_the_event` -(red→green for Telemetry-001) and `Redactor_cannot_reach_a_field_inside_a_destructured_object` -(pins the documented Telemetry-002 limitation), plus a Resource-attribute parity test. +Resolved in `544a6dd`, 2026-06-01, then extended in `05cc62a` — added +`Removing_redactor_scrubs_the_property_from_the_event` (red→green for Telemetry-001), a +Resource-attribute parity test, and (for the Telemetry-002 implementation) a nested-reach suite: +mask and remove a field inside a destructured `{@Object}`, mask a sequence element, mask a +dictionary value, mask a field two levels deep, and an untouched-structure-survives check. The +earlier `Redactor_cannot_reach_a_field_inside_a_destructured_object` limitation test was replaced. ### Telemetry-004 — `service.instance.id` Resource attribute is undocumented in spec and contract