OpenSparrow v2.9 is out. The headline feature is a full data anonymization module for GDPR compliance, alongside new automation actions, dashboard/calendar filtering, and a codebase modernized for PHP 8.4.
Data Anonymization (GDPR/EDPB)
New admin module — System → Anonymization. Define per-column rules (table, column, replacement value) to scrub PII on a schedule.
- Four tabs — Rules (CRUD + run history), Schedule (manual/daily/weekly/monthly + Run Now), Suggestions (scans your schema's column names against a PII keyword dictionary and proposes rules), Dictionary (edit keywords, purge old logs)
-
Dry-run preview — see exactly how many rows each rule would affect via
COUNT(*)with the rule's WHERE clause, before touching any data - EDPB compliance reports — every run writes a structured JSON report (linkability/inference/single-out risk assessment per rule) to a dedicated report table, viewable and downloadable from Run History
- A companion CLI cron worker enforces the configured frequency window internally, so a simple daily OS scheduler entry covers all modes
Automations: email actions
The rule engine gains an email action — queue a message to be sent when a rule fires, with templated recipients/subject/body ({{ record.field }}, {{ old_record.field }}, {{ current_user.id }}, {{ today }}). Delivery runs async through the notifications cron with retry/attempt tracking and header-injection protection.
Also added: numeric/date comparison operators (>, <, >=, <=) and change-detection operators (changed, changed_from, changed_to) for writing more precise trigger conditions, plus a quick enable/disable toggle and a "Duplicate rule" button.
Dashboard & calendar filters
- Dashboard — a global period filter (All time / Today / 7d / 30d / This month) reloads every widget; count/sum cards now show deltas vs. the previous period, and widgets can be exported to CSV directly from the dashboard
- Calendar — a filter bar lets you toggle event sources on/off per configured table color
PHP 8.4 refactor
The whole backend was modernized for PHP 8.4: enums for user roles, readonly classes and constructor property promotion, #[\Override] attributes on interface implementations, json_validate(), first-class callable syntax, and hardened type hints across the DB/repository layer. CI now targets PHP 8.4/8.5.
Page bootstrapping was also consolidated — the repeated session/CSRF/CSP-header boilerplate that used to be copy-pasted at the top of every page now lives in a single os_page_bootstrap() / os_boot_app() helper.
Following this series?
OpenSparrow v2.8 – Kanban board, MySQL Gateway, and major security hardening
Websites
opensparrow.org
github.com/wrobeltomasz/OpenSparrow
demo.opensparrow.org
Top comments (0)