[TT-11125] Add trace_id to traffic logs

8941d7f
Closed

[TT-11125] Add trace_id to traffic logs #899

probelabs / Visor: security succeeded Oct 2, 2025 in 4m 47s

✅ Check Passed

security check completed successfully with no issues found.

Details

📊 Summary

  • Total Issues: 1

🐛 Issues by Category

🔐 Security (1)

  • ℹ️ analytics/analytics.go:78 - The TraceID field is added to the AnalyticsRecord struct and populated from an external source (Redis). While existing data sinks like GORM prevent SQL injection, the raw TraceID is not validated for format or content. As a defense-in-depth measure, it's best practice to validate all external input upon receipt.

Generated by Visor - AI-powered code review

Annotations

Check notice on line 78 in analytics/analytics.go

@probelabs probelabs / Visor: security

security Issue

The `TraceID` field is added to the `AnalyticsRecord` struct and populated from an external source (Redis). While existing data sinks like GORM prevent SQL injection, the raw `TraceID` is not validated for format or content. As a defense-in-depth measure, it's best practice to validate all external input upon receipt.
Raw output
Consider adding validation to ensure the `TraceID` conforms to the expected OpenTelemetry format (e.g., a 32-character hexadecimal string) when the `AnalyticsRecord` is created. This would prevent malformed data from propagating through the system and provide an early defense against potential injection attacks in other consumers of this data that may not be as secure as GORM.