DEV Community

Tomasz
Tomasz

Posted on • Edited on

OpenSparrow v2.9 – GDPR Anonymization, Automation Emails, and a PHP 8.4 Refactor

 OpenSparrow v2.9 is out. The headline feature is a full data anonymization module for GDPR compliance, alongside new automation actions, dashboard/calendar filtering, and a codebase modernized for PHP 8.4.

Data Anonymization (GDPR/EDPB)

New admin module — System → Anonymization. Define per-column rules (table, column, replacement value) to scrub PII on a schedule.

  • Four tabs — Rules (CRUD + run history), Schedule (manual/daily/weekly/monthly + Run Now), Suggestions (scans your schema's column names against a PII keyword dictionary and proposes rules), Dictionary (edit keywords, purge old logs)
  • Dry-run preview — see exactly how many rows each rule would affect via COUNT(*) with the rule's WHERE clause, before touching any data
  • EDPB compliance reports — every run writes a structured JSON report (linkability/inference/single-out risk assessment per rule) to a dedicated report table, viewable and downloadable from Run History
  • A companion CLI cron worker enforces the configured frequency window internally, so a simple daily OS scheduler entry covers all modes

Automations: email actions

The rule engine gains an email action — queue a message to be sent when a rule fires, with templated recipients/subject/body ({{ record.field }}, {{ old_record.field }}, {{ current_user.id }}, {{ today }}). Delivery runs async through the notifications cron with retry/attempt tracking and header-injection protection.

Also added: numeric/date comparison operators (>, <, >=, <=) and change-detection operators (changed, changed_from, changed_to) for writing more precise trigger conditions, plus a quick enable/disable toggle and a "Duplicate rule" button.

Dashboard & calendar filters

  • Dashboard — a global period filter (All time / Today / 7d / 30d / This month) reloads every widget; count/sum cards now show deltas vs. the previous period, and widgets can be exported to CSV directly from the dashboard
  • Calendar — a filter bar lets you toggle event sources on/off per configured table color

PHP 8.4 refactor

The whole backend was modernized for PHP 8.4: enums for user roles, readonly classes and constructor property promotion, #[\Override] attributes on interface implementations, json_validate(), first-class callable syntax, and hardened type hints across the DB/repository layer. CI now targets PHP 8.4/8.5.

Page bootstrapping was also consolidated — the repeated session/CSRF/CSP-header boilerplate that used to be copy-pasted at the top of every page now lives in a single os_page_bootstrap() / os_boot_app() helper.

Following this series?

OpenSparrow v2.8 – Kanban board, MySQL Gateway, and major security hardening

Websites

opensparrow.org
github.com/wrobeltomasz/OpenSparrow
demo.opensparrow.org

Top comments (0)