The New Data Protection Features of .NET 8 (GDPR)

Рет қаралды 51,451

Күн бұрын

Пікірлер: 70

@vincentverweij1053 Жыл бұрын

Happy that you covered the StarRedactor as well. Simply removing the data looked a bit odd, as if the user did not provide anything. So, having something like that StarRedactor at least shows that some input was given. Great video, thanks for it!

@antonmartyniuk Жыл бұрын

We definetely need some benchmarks here to see the performance comparing to non redacted logging and comparison to Serilog as well

@Simnico99 Жыл бұрын

As someone who use Serilog heavily. I find it very nice to see that the built in logger is starting to become more and more and alternative as it as more and more features and it is very nice that they use span everywhere and make it efficient as logging can really slow down an application espicially if you have alot of logs.

@nocgod Жыл бұрын

I'd love to see some benchmarks for msft logging + redaction vs. serilog direct interface with redactor and serilog through microsoft logging interface including redactor.

@alexandernava9275 Жыл бұрын

With the new code injection/generating, can we now extract the logging logic out of the classes, and specify where it should be added from outside the classes?

@alexandernava9275 Жыл бұрын

I think you did a video around this, and single responsability. Where there is a library that will, from what I remember, intercept the method call and log before calling/after calling it.

@robl39 Жыл бұрын

At first glance the Redactor api seems odd to me. Why does the Redact method return a length and what is the purpose of the GetRedactedLength method? Why isn’t there just the one Redact method?

@metaltyphoon Жыл бұрын

Possibly to create a buffer on the stack before the modification happens, so it will be faster and use less memory.

@rafalmzyk3679 Жыл бұрын

The reason for that is to allow redactor caller to provide buffer of specific size and make redactor implementation allocation free. GetRedactedLength should be called to obtain required size buffer for given redactor ( it depends on the hashing algorithm ). Then int is returned from redact method, so that caller know how mamy chars were really written.

@MatinDevs Жыл бұрын

"This random number" in 10:42 is the biggest lie you've ever said in your life

@AlexanderBelikov Жыл бұрын

Biggest challenge I see is adding attributes on models. It's convenient but now models have bits required for logging. I wish there was an easy way to set it up aside leaving models clean.

@michaelrall8142 Жыл бұрын

agreed, some fluent stuff like ef core would be nice

@cgeorgescu72 Жыл бұрын

@@michaelrall8142 Logger.LogInformation("Customer created").WithoutSensitiveInfo().LeaveEmailVisible().ButNotTheUsername().OrMaybeTheUsernameButCertainlyNotThePassword().Please()

@rafalmzyk3679 Жыл бұрын

You can annotate the model directly in the generated logging method parameter, then your object remains clean. At the other point of view, we decided to have data directly annotated, since the sensitivness is attached to data itself. If you add one more flow, and forget about which parts of your data was sensitive you may leak it. A lot of tradeoffs we made in the design were towards safety/not leaking data/performance.

@Astral100 9 ай бұрын

That was great video, thanks!

@lordicemaniac Жыл бұрын

if you use nlog and add @ before parameter in logging message (customer created {@customer}), it will get deconstructed even if its class, not sure if this works in other loggers

@aweklin Жыл бұрын

Great video Nick, thanks a million,

@soulsearchingsun83 Жыл бұрын

What about using @ to deconstruct objects?

@nickchapsas Жыл бұрын

Pretty sure this is a serilog feature that the built in provider doesn’t support by default

@soulsearchingsun83 Жыл бұрын

@@nickchapsasMakes sense, thanks!

@atomicazure Жыл бұрын

I'm happy you made this video.

@Cristian-ek7xy Жыл бұрын

What can we do if we are stuck in .net 6? I would love to have that expand object feature in .net 6

@Termit2009 11 ай бұрын

Thank you for the video! But this doesn't make an application automatically GDPR compliant. It is just masking data, but the real thing is not to process personal data if they are not needed and store them in separate protected store

@zirkzirk1512 10 ай бұрын

Good video! My social security number is leaked every quarter! Hopefully the IT world learns a thing or two.

@noelfrancisco5778 10 ай бұрын

Is it possible to combine LoggerMessage with Serilog? thanks.

@stevehumby386 10 ай бұрын

Hi Nick. I purchased the Modular Monoliths Geting Started and Deep Dive courses separately but didn't realise there came as a bundle. Any chance you could re-embuse the difference off my next course please? Ta

@nickchapsas 10 ай бұрын

Email me at contact@dometrain.com

@paulmdevenney Жыл бұрын

Genuine question. Is there still a need for a tool like serilog now? Every additional package adds complexity to the solution, and it would be nice if the "OOB" tools did the job.

@DemoBytom Жыл бұрын

Probably still is, for it's sinks and integration with 3rd party services. But I would not use serilog directly, but through Microsoft's ILogger abstraction.

@paulmdevenney Жыл бұрын

@@DemoBytomAye - I always use the MS ILogger . I wonder now though, when my main target is Azure Insights, whether its time to stop hooking up Serilog.

@modernkennnern Жыл бұрын

Using Serilog and OTel together is currently very awkward, so a new project I'm on I've currently decided to not use Serilog.

@javiergarciadelanoceda7708 Жыл бұрын

Really nice! We implemented a solution that was heavy reflection based. Could we just plug this with system.Text.Json serializer?

@Alibek11221 10 ай бұрын

Hi! It would be fantastic if you would give us a repo with your .editorconfig file or some other code style sniffer config using your prefered choices

@tHesTx-ytb Жыл бұрын

Can this be used for saving to database? Is there a way of return full data saved like this in db?

@stephen6605 8 ай бұрын

You can use encrypted columns so it will be encrypted on the db level. If I understood you correct

@romanhrytskiv6280 Жыл бұрын

That is useful!

@rasmuskarlsson5741 Жыл бұрын

I have a hard time understanding why you would ever log anything more than the unique identifier for the object. Anyone can fill me in with a usercase?

@rafalmzyk3679 Жыл бұрын

ID can be understood as sensitive data, since in case of data breach it allows to correlate userId with its data.

@fotofoxes2255 10 ай бұрын

Distributed transactions were invented many years ago just to solve this problem. This crap basically making the worst thing possible: it creates another queue out of a database table, and makes it pump messages to the next queue.

@starbuck3980 10 ай бұрын

Dont understand the video, and what is the problem with the data compliance, dont understand why need to add * to the passwords besides when an user logins, that already happens by default using asp net core identity.

@Widzion Жыл бұрын

awesome!

@moofymoo Жыл бұрын

frack thgat GDPR sideways around telegraph line pole. GDPR is not about protecting your data, it's about allowing only big tech to collect and sell customer data.

@dotnetdevni Жыл бұрын

its sad one of dotnets most prominent voices not even using visual studio

@jendrikoltmanns1017 Жыл бұрын

Thanks for the video : ) Unfortunately this feature seems to me overly complicated and breaking cohesion. What about overriding toString() method and returning Json Format without the "critical" properties? For the encryption we can have two presentation of a domain object: DecryptedCustomer and EncryptedCustomer. DecryptedCustomer will have the custom toString() method and will be converted to EncryptedCustomer by domain service.

@sacalbal Жыл бұрын

This is what I called overcomplicated. In the end in the video, after initial setup, all you have to do is add attributes to specific fields. It remains readable.

@surendrapratap24 Жыл бұрын

Please create video on .NET 8 with JWT using refresh Token

@tedchirvasiu Жыл бұрын

hellovrybody

@Arni2_gaming Жыл бұрын

69 as “random number”…. Naughty 😊

@Vietnamkid1993 Жыл бұрын

If only it was supported in .NET 6 too

@mouradaissani8957 Жыл бұрын

very nice

@karenpayne222 5 ай бұрын

Built and run, nothing masked

@utubekade Жыл бұрын

not sure why, but getting drunk vibes form nick there

@nickchapsas Жыл бұрын

I was sick with a cold when I recorded 🥲

@kiiOni Жыл бұрын

I would love to see a hint in the title what the video covers in the .NET world. I‘m mostly doing UI with WPF and am a bit disappointed when I see web related code after a few seconds in.

@volan4ik. Жыл бұрын

You represent minority of .NET developers that use new .NET (Core), so I guess it's okay to omit the details. Most desktop projects are still on .NET Framework

@mariocamspam72 Жыл бұрын

@volan4ik. Indeed, sad reality. Winforms + egyptian pyramid-era framework version still are prevalent

@nickchapsas Жыл бұрын

Any .NET app can use the ILogger interface so it’s very much applicable to every type of app including WPF

@kiiOni Жыл бұрын

True. See, I didn‘t even saw it‘s about ILogger, because I saw web related stuff in the first place and moved on. So just a little suggestion on how you could improve for choosing a title, from my side. Putting .NET for general, ASP/Web or UI/WPF/WinForms at the end of the title.

@modernkennnern Жыл бұрын

@@kiiOnihe more or less always uses AspNetCore to illustrate something as it's the easiest thing to test, with postman etc.., and it's what most dotnet developers are using dotnet for (... I believe)