fix: remove annotated models from safelist and annotate openedx models on PII#38712
Conversation
Akanshu-2u
changed the title
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds/standardizes PII annotation markers on several Django models and refreshes the repository annotation safelist to reflect current coverage.
Changes:
- Add
.. no_pii:markers to multiple models’ docstrings. - Add explicit
.. pii,.. pii_types, and.. pii_retirementmetadata to models storing Apple identifiers and employee email addresses. - Update
.annotation_safe_list.ymlby removing older entries and adding a larger set of non-local/generated models.
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| openedx/core/djangoapps/notifications/models.py | Adds .. no_pii: annotation to NotificationPreference model docstring. |
| openedx/core/djangoapps/embargo/models.py | Adds .. no_pii: annotation to GlobalRestrictedCountry model docstring. |
| openedx/core/djangoapps/discussions/models.py | Fixes .. no_pii: directive formatting to include a space. |
| common/djangoapps/third_party_auth/models.py | Annotates Apple migration identifiers as PII with type/retirement metadata. |
| common/djangoapps/student/models/user.py | Adds .. no_pii: to history model and adds PII metadata docstring to AllowedAuthUser. |
| .annotation_safe_list.yml | Removes older safelist blocks and adds/updates safelist coverage for many models. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Via django-wiki https://github.com/openedx/django-wiki | ||
| wiki.Article: | ||
|
|
||
| # Additional non-local or generated models requiring safelist coverage | ||
| agreements.HistoricalUserAgreement: | ||
| ".. no_pii:": "No PII" |
| Model to store users' Apple Unique Identifier during migration | ||
| process of Apple team from edx Inc. to edx LLC. | ||
|
|
||
| .. pii: Contains Apple user identifiers (old_apple_id, transfer_id, new_apple_id). |
|
|
||
| class AllowedAuthUser(TimeStampedModel): | ||
| """ | ||
| Tracks which employee email addresses are allowed to log in with password on a given site. |
| # Additional non-local or generated models requiring safelist coverage | ||
| agreements.HistoricalUserAgreement: | ||
| ".. no_pii:": "No PII" | ||
| assessment.HistoricalSharedFileUpload: | ||
| ".. no_pii:": "No PII" | ||
| casbin_adapter.CasbinRule: | ||
| ".. no_pii:": "No PII" | ||
| channel_integration.ApiResponseRecord: | ||
| ".. no_pii:": "No PII" |
| """ | ||
| Model to store users' Apple Unique Identifier during migration | ||
| process of Apple team from edx Inc. to edx LLC. | ||
|
|
||
| .. pii: Contains Apple user identifiers (old_apple_id, transfer_id, new_apple_id). | ||
| .. pii_types: external_service | ||
| .. pii_retirement: local_api |
| """ | ||
| Tracks which employee email addresses are allowed to log in with password on a given site. | ||
|
|
||
| .. pii: Contains employee email address. |
| Model to store users' Apple Unique Identifier during migration | ||
| process of Apple team from edx Inc. to edx LLC. | ||
|
|
||
| .. pii: Contains Apple user identifiers (old_apple_id, transfer_id, new_apple_id). |
There was a problem hiding this comment.
check if this change is required?
There was a problem hiding this comment.
AppleMigrationUserIdInfo stores Apple user identifiers (old_apple_id, transfer_id, new_apple_id) which are external identity tokens uniquely tied to real users. Our policy requires all local models storing PII to be annotated inline. The external_service type and local_api retirement are consistent with how we annotate similar identity-linkage models.
bmtcril
left a comment
bmtcril
left a comment
There was a problem hiding this comment.
This seems ok at a glance, but it doesn't look like the annotation check is working correctly so there may be syntax problems not being caught. The check is reporting 0 models found for cms and lms:
code_annotations django_find_annotations \
--config_file .pii_annotations.yml \
--app_name cms \
--coverage \
--lint
Configured for report path: pii_report
Configured for source path: ./
/opt/hostedtoolcache/Python/3.12.13/x64/lib/python3.12/site-packages/fs/__init__.py:4: UserWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html. The pkg_resources package is slated for removal as early as 2025-11-30. Refrain from using this package or pin to Setuptools<81.
__import__("pkg_resources").declare_namespace(__name__) # type: ignore
Key BLOCK_STRUCTURES_SETTINGS 'STORAGE_CLASS' not found in storage settings {'COURSE_PUBLISH_TASK_DELAY': 30, 'TASK_DEFAULT_RETRY_DELAY': 30, 'TASK_MAX_RETRIES': 5}.Using default storage path.
Found safelist at .annotation_safe_list.yml. Reading.
Performing linting checks...
Linting passed without errors.
Model coverage report
----------------------------------------
Found 0 total models.
0 were eligible for annotation, 0 were annotated.
Coverage is 100.0%
Yes, this issue was previously identified and tracked in #38646 to fix the I followed up on the original issue with a comment (#38646 (comment)) requesting clarification, but I have not yet received a response. At the moment, the only reason this PR is marked as "Do not merge" is that we are waiting for the pii_check fix to be implemented. Once that fix is in place, we will be able to verify this PR through the CI checks and proceed accordingly. Note: For local testing purposes, I applied a temporary fix to the pii_check syntax issue and ran the checks against these changes. After confirming that everything passed successfully, I proceeded to raise this PR. |
Akanshu-2u
changed the title
bmtcril
left a comment
bmtcril
left a comment
There was a problem hiding this comment.
👍 Thanks for taking this on!
Akanshu-2u
force-pushed
the
aaich/BOMS-572
branch
from
af8fe58 to
325320f
Compare
|
The CI got stuck so did a forced push. |
Description:
This PR fixes pii_check for edx-platform by adding missing model annotations and correcting the safelist so the annotation tool passes cleanly.
Changes:
Validation:
Private JIRA Link:
BOMS-572