View Source Guiding Principles

Ensuring sensitive data is always handled with the proper care and precautions tends to be harder than it appears at first glance.

The approach taken by this library is that reducing risks is made easier by having a small set of simple rules to follow: it makes it easier to write safe code, and also facilitates reviewing code for implementations which may be unsafe.

Keep It Simple

At its heart, SensitiveData boils down to 2 guiding principles:

use SensitiveData.Wrapper.from/2 to get sensitive data into a wrapper: sensitive data shouldn't exist outside of SensitiveData.Wrapper wrappers
use SensitiveData.Wrapper.map/3 and SensitiveData.Wrapper.exec/3 to interact with wrapped sensitive data, so it's protected from inadvertent leaks from stack traces, crash dumps, and similar

Defaults Favor Safety

This library seeks to encourage safer generally-suitable coding practices by making developers opt-in to features that could leak sensitive data through inadvertence.

Don't Burden the Supply Chain

This library has no production dependencies and thus won't add to the containing code base's software supply chain beyond itself. This makes auditing easier, as there is no third-party code to review.

Closing Thoughts

Using this library in a project does by no means signify that sensitive data won't leak, nor does it mean developers no longer need to think critically about data handling: there may be additional mitigations you should consider. That said, this library does aim to make the cognitive load associated with handling sensitive data easier to bear by both the people writing code and those reviewing it.

← Previous Page Cheatsheet

Next Page → Data Leak Prevention