Skip to content

Feature/db statement sanitizer #3554 #3555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Feature/db statement sanitizer #3554 #3555

wants to merge 3 commits into from

Conversation

@alexander-kucherov
Copy link

@alexander-kucherov alexander-kucherov commented Nov 24, 2025
edited
Loading

My proposal for #3554 3554

Changes

Introduce a configurable "db-statement sanitizer" option for .NET database instrumentations and connect it to the existing sanitizeQuery parameter:

  1. Add a public configuration option, for example on the relevant instrumentation options type(s), such as:

  2. Wire this option into the code path that calls ApplyConventionsForQueryText, passing sanitizeQuery: options.DbStatementSanitizerEnabled.

  3. Keep DbStatementSanitizerEnabled defaulting to true to preserve the current safe-by-default behavior and stay consistent with the OpenTelemetry guidance that db.statement should generally be sanitized by default.

Merge requirement checklist

  • CONTRIBUTING guidelines followed (license requirements, nullable enabled, static analysis, etc.)
  • Unit tests added/updated
  • Appropriate CHANGELOG.md files updated for non-trivial changes
  • Changes in public API reviewed (if applicable)

@alexander-kucherov alexander-kucherov requested a review from a team as a code owner November 24, 2025 09:37
@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Nov 24, 2025
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

@github-actions github-actions bot added comp:instrumentation.entityframeworkcore Things related to OpenTelemetry.Instrumentation.EntityFrameworkCore comp:instrumentation.sqlclient Things related to OpenTelemetry.Instrumentation.SqlClient labels Nov 24, 2025
martincostello
martincostello reviewed Nov 24, 2025
View reviewed changes
Copy link
Member

@martincostello martincostello left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just skim-read at this stage. Will review properly if we decide we do want to implement this functionality.

@alexander-kucherov alexander-kucherov force-pushed the feature/db-statement-sanitizer branch from 8c3b204 to f4c711b Compare November 24, 2025 12:28
@github-actions
Copy link
Contributor

github-actions bot commented Dec 2, 2025

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Dec 2, 2025
@alexander-kucherov
Copy link
Author

alexander-kucherov commented Dec 2, 2025

@martincostello just a gentle ping to see if you could review this PR when it’s convenient.​

@martincostello
Copy link
Member

martincostello commented Dec 2, 2025

Will review properly if we decide we do want to implement this functionality.

@github-actions github-actions bot removed the Stale label Dec 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martincostello martincostello martincostello left review comments

@matt-hensley matt-hensley Awaiting requested review from matt-hensley

At least 1 approving review is required to merge this pull request.

Assignees

@matt-hensley matt-hensley

@martincostello martincostello

Labels

comp:instrumentation.entityframeworkcore Things related to OpenTelemetry.Instrumentation.EntityFrameworkCore comp:instrumentation.sqlclient Things related to OpenTelemetry.Instrumentation.SqlClient

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@alexander-kucherov @martincostello @matt-hensley