Skip to main content
Source: Al0088SensitiveDataInAttributeAnalyzer.cs

Description

Span attributes should not contain sensitive data such as passwords, API keys, tokens, or connection strings. Telemetry data is typically stored with fewer access controls than secrets.

Bad Code

activity?.SetTag("auth.token", bearerToken);
activity?.SetTag("db.connection_string", connString);

Good Code

activity?.SetTag("auth.type", "bearer");
activity?.SetTag("db.system", "postgresql");

Properties

  • Category: OpenTelemetry
  • Severity: Warning
  • Enabled by default: True
  • Code fix available: False

Configuration

dotnet_diagnostic.AL0088.severity = warning