miracum / fhir-pseudonymizer Goto Github PK
View Code? Open in Web Editor NEWA REST service to pseudonymize and anonymize FHIR® resources.
License: MIT License
A REST service to pseudonymize and anonymize FHIR® resources.
License: MIT License
Extending anonymization / pseudonymization to values which are part of Conditional References.
The most common example is probably identifier match urls, i.e. "reference": "Patient?identifier=http://fhir.test.de/sid/patient-id|123"
.
{
"resourceType": "Bundle",
"type": "transaction",
"entry": [
{
"resourceType": "Observation",
"subject": {
"reference": "Patient?identifier=http://fhir.test.de/sid/patient-id|123"
}
}]
}
"request": {
"method": "PUT",
"url": "Patient?identifier=http://fhir.test.de/sid/patient-id|123"
}
This can be achieved by adding an additional Regular expression in the ReferencyUtility class matching those Ids in conditional references.
Currently, only literal references are supported. I suggest treating conditional references as resource references, too (since they are both refering to a FHIR resource and are checked against supported resource types).
In addition, the feature which implicitly sets the domain name (if omitted in the settings) could also be extended.
The resource type can be parsed from both literal and conditional references.
I have tested these changes locally and will create a pull request to further discuss this proposal and review changes. I intend to only support identifier match urls for now, since those are - in my opinion - the most common use case.
System.Text.Json
-based FHIR parser and remove the option to unset itgPAS
was supported as a pseudonymization service, we've defaulted PseudonymizationService
to gPAS
. In the next version, this should be set to None
. Possibly log a warning/error if the anonymization.yaml uses a pseudonymize
method but no backend is defined at startup.gPAS__Version
setting, defaulting it to 2023 in the hopes that the published FHIR endpoint is now stable enough.Metrics.Enabled
and Metrics.Port
complex typeThe GPAS URL is not correctly interpreted if the tailing / is missing.
Expected behavior:
GPAS__URL: " ... /ttp-fhir/fhir/gpas/" has the same result as GPAS__URL: "/ttp-fhir/fhir/gpas"
Without the / the requests to GPAS leads to an 405 Operation not allowed
There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.
Error type: Cannot find preset's package (github>whitesource/merge-confidence:beta)
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
Duende.AccessTokenManagement
, FakeItEasy
, Grpc.Tools
, Hl7.Fhir.Base
, Hl7.Fhir.R4
, Microsoft.AspNetCore.Mvc.Testing
, Microsoft.Extensions.Http.Polly
, NBomber
, NBomber.Http
, OpenTelemetry
, OpenTelemetry.Exporter.OpenTelemetryProtocol
, OpenTelemetry.Extensions.Hosting
, OpenTelemetry.Instrumentation.AspNetCore
, OpenTelemetry.Instrumentation.Http
, Swashbuckle.AspNetCore
, Verify.Xunit
, YamlDotNet
, csharpier
, docker.io/bitnami/kubectl
, docker.io/jaegertracing/all-in-one
, docker.io/library/postgres
, dotnet-outdated-tool
, mcr.microsoft.com/dotnet/aspnet
, mcr.microsoft.com/dotnet/sdk
, quay.io/keycloak/keycloak
, xunit
, xunit.runner.visualstudio
)actions/checkout
, actions/download-artifact
, actions/upload-artifact
, docker/setup-buildx-action
, github/codeql-action
, helm/kind-action
, miracum/.github
, ossf/scorecard-action
)compose.dev.yaml
docker.io/jaegertracing/all-in-one 1.56@sha256:d2cd4c226624bdc116decd3106091b4df9882da8db42f8550293596cab79b8ea
docker.io/library/postgres 16.2@sha256:6b841c8f6a819884207402f1209a8116844365df15fca8cf556fc54a24c70800
ghcr.io/miracum/vfps v1.3.5@sha256:358427b400bd260000396aecb0d4a6f874d394ccb52c62897953493a2b8aac15
docker.io/mockserver/mockserver 5.15.0@sha256:0f9ef78c94894ac3e70135d156193b25e23872575d58e2228344964273b4af6b
quay.io/keycloak/keycloak 24.0.2@sha256:b8a3f00fc433f2999bc304b73df331e2005037e8f5673f644f9c0eacd5fbe048
compose/compose.yaml
Dockerfile
mcr.microsoft.com/dotnet/aspnet 8.0.3-jammy-chiseled@sha256:39f85ed7906df32eef6798d7d50ff54564248cfa9ef8581219f4351fcfa09a4c
mcr.microsoft.com/dotnet/sdk 8.0.203-jammy@sha256:c2c75cb385be90e8ade1dbe44cbb5a6195b7dbbe3386772da8b17fd0277a3d5f
docker.io/bitnami/kubectl 1.29.3@sha256:030eecfae01810d0b0930a809532159554e4e263fd38afcefb5ee45bd014b75e
.github/workflows/chaos.yaml
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
docker/setup-buildx-action v3.2.0@2b51285047da1547ffb1b2203d8be4c0af6b1f20
arduino/setup-task v2.0.0@b91d5d2c96a56797b48ac1e0e89220bf64044611
actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
ubuntu 22.04
.github/workflows/ci.yaml
miracum/.github v1.6.3@8a89b76b8bbac0f2cbaa730ccae1f82d67beedea
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
actions/download-artifact v4.1.4@c850b930e6ba138125429b7e5c93fc707a7f8427
actions/download-artifact v4.1.4@c850b930e6ba138125429b7e5c93fc707a7f8427
irongut/CodeCoverageSummary v1.3.0@51cc3a756ddcd398d447c044c02cb6aa83fdae95
marocchino/sticky-pull-request-comment v2.9.0@331f8f5b4215f0445d3c07b4967662a32a2d3e31
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
helm/kind-action v1.9.0@99576bfa6ddf9a8e612d83b513da5a75875caced
actions/download-artifact v4.1.4@c850b930e6ba138125429b7e5c93fc707a7f8427
marocchino/sticky-pull-request-comment v2.9.0@331f8f5b4215f0445d3c07b4967662a32a2d3e31
actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
miracum/.github v1.6.3@8a89b76b8bbac0f2cbaa730ccae1f82d67beedea
miracum/.github v1.6.3@8a89b76b8bbac0f2cbaa730ccae1f82d67beedea
ubuntu 22.04
ubuntu 22.04
.github/workflows/lint-pr-title.yaml
amannn/action-semantic-pull-request v5@e9fabac35e210fea40ca5b14c0da95a099eff26f
ubuntu 22.04
.github/workflows/schedule.yaml
miracum/.github v1.6.3@8a89b76b8bbac0f2cbaa730ccae1f82d67beedea
.github/workflows/scorecards.yaml
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
ossf/scorecard-action v2.3.1@0864cf19026789058feabb7e87baa5f140aac736
actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
github/codeql-action v3.24.9@1b1aada464948af03b950897e5eb522f92603cc2
.config/dotnet-tools.json
csharpier 0.27.3
dotnet-outdated-tool 4.6.0
src/FhirPseudonymizer.StressTests/FhirPseudonymizer.StressTests.csproj
FluentAssertions 6.12.0
NBomber 5.5.0
xunit.runner.visualstudio 2.5.7
xunit 2.7.0
NBomber.Http 5.0.1
Microsoft.NET.Test.Sdk 17.9.0
Microsoft.AspNetCore.Mvc.Testing 8.0.3
src/FhirPseudonymizer.Tests/FhirPseudonymizer.Tests.csproj
coverlet.collector 6.0.2
xunit.runner.visualstudio 2.5.7
xunit 2.7.0
Verify.Xunit 23.7.1
Microsoft.NET.Test.Sdk 17.9.0
Microsoft.AspNetCore.Mvc.Testing 8.0.3
FluentAssertions 6.12.0
FakeItEasy 8.1.0
coverlet.msbuild 6.0.2
src/FhirPseudonymizer/FhirPseudonymizer.csproj
YamlDotNet 15.1.2
OpenTelemetry.Instrumentation.AspNetCore 1.8.0
OpenTelemetry.Instrumentation.Http 1.8.0
OpenTelemetry.Instrumentation.GrpcNetClient 1.6.0-beta.3
OpenTelemetry.Extensions.Hosting 1.8.0
OpenTelemetry.Exporter.OpenTelemetryProtocol 1.8.0
OpenTelemetry.Exporter.Jaeger 1.5.1
OpenTelemetry 1.8.0
Newtonsoft.Json 13.0.3
MathNet.Numerics 5.0.0
Ensure.That 10.1.0
Microsoft.Extensions.Http.Polly 8.0.3
Swashbuckle.AspNetCore 6.5.0
Semver 3.0.0-beta.1
prometheus-net.AspNetCore.HealthChecks 8.2.1
prometheus-net.AspNetCore.Grpc 8.2.1
prometheus-net 8.2.1
prometheus-net.AspNetCore 8.2.1
Hl7.Fhir.Base 5.7.0
Hl7.Fhir.R4 5.7.0
Grpc.Tools 2.62.0
Grpc.Net.ClientFactory 2.62.0
Grpc.Net.Client 2.62.0
Google.Protobuf 3.26.1
FhirParametersGenerator 0.5.0
AspNetCore.Authentication.ApiKey 8.0.1
Duende.AccessTokenManagement 2.1.1
There's a special case when using the cryptoHash
method on literal references nodes:
There is a special case when crypto hashing a literal reference element. The tool captures and transforms only the id part from a reference, for example, reference Patient/123 will be hashed to Patient/a3c024f01cccb3b63457d848b0d2f89c1f744a3d. In this way, you can easily resolve references across anonymized FHIR resources.
However, this only covers reference string nodes. I would propose extending this feature to reference uri nodes like Bundle.request.url
.
This would serve the same purpose (i.e. targeting resource ids). The gPAS pseudonymization processor which provides the same feature (for pseudonymization), already covers handling uri nodes. In my opinion, this feature is incomplete without handling those, as well.
@chgl What do you think?
https://simplifier.net/guide/ttp-fhir-gateway-ig/pseudonymizeAllowCreate
Afaik, the following changes were made in gPAS TTP GW:
and maybe more...
have tried to reserve memory: 4g, unfortunately it doesn't work. Has anyone such problem?
master
branch failed. 🚨I recommend you give this issue a high priority, so other packages depending on you can benefit from your bug fixes and new features again.
You can find below the list of errors reported by semantic-release. Each one of them has to be resolved in order to automatically publish your package. I’m sure you can fix this 💪.
Errors are usually caused by a misconfiguration or an authentication problem. With each error reported below you will find explanation and guidance to help you to resolve it.
Once all the errors are resolved, semantic-release will release your package the next time you push a commit to the master
branch. You can also manually restart the failed CI job that runs semantic-release.
If you are not sure how to resolve this, here are some links that can help you:
If those don’t help, or if this issue is reporting something you think isn’t right, you can always ask the humans behind semantic-release.
semantic-release cannot push the version tag to the branch master
on the remote Git repository with URL https://x-access-token:[secure]@github.com/miracum/fhir-pseudonymizer
.
This can be caused by:
Good luck with your project ✨
Your semantic-release bot 📦🚀
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.