What is being done to prevent bad words or hurtful strings?

[nicklenko]

Hi there, we're looking to use this in a customer facing previews and want to be sure that there are no bad text strings being generated. Is there a way to view the list of strings that are used to generate the fake info? Or are there other methods used to ensure no offensive strings are generated?

[Shinigami92]

We did stuff like this

• fix(locale): filter inappropriate words in the en locale #1745

[ST-DDT]

we're looking to use this in a customer facing previews and want to be sure that there are no bad text strings being generated.

First of all there is no guarantee that there won't be any bad words in the results.
Since we took over the project we have removed words, that are or can be considered offensive.

• fix(locale): filter inappropriate words in the en locale #1633 (v8.0.0-alpha.0)
• fix(locale): filter inappropriate words in the en locale #1745 (not released yet)

If you find more, please report them to us, so we can remove them.

Is there a way to view the list of strings that are used to generate the fake info?

Yes, you can review the locale data that will be returned in the methods:

https://github.com/faker-js/faker/tree/next/src/locales

Or are there other methods used to ensure no offensive strings are generated?

We ran offensive word filters on the existing locales and do this for new locale data as well, but the tools don't support all locales and don't find all words (especially if they contain typos). We also face the issue, that some words are considered offensive in some locales, but not it others.
We appreciate any help with reviewing the locales.

Note: The string module generates random texts from characters, so with lots of bad luck it might generate offensive content.

If you want to be 100% sure that nothing that could be considered offensive for anyone is returned, you have to apply manual filtering.

[matthewmayer]

Also be aware that if this is customer facing emails, phones, addresses etc might coincidentally be the same as real emails, phones, addresses.

[Johnkinging]

Are the emails not all @example.com? Just curious, that's all I've seen in practice.

[ST-DDT]

There is faker.internet.email that generates non example ones.
And faker.internet.exampleEmail that generates example ones.

[Johnkinging]

Ah, good to know, thanks!

[mcavaliere]

It appears that some of the words that aren't in the raw source are still appearing in the generated cjs/esm modules.

I found this output (from faker.internet.url which traces down to noun()

The word cock isn't in the noun word list here, but it's in my generated output in node_modules quite a few times:

[mcavaliere]

Does this just need another publish?

[Shinigami92]

are you already on v8.0.0-alpha.0?

[ST-DDT]

The second more thorough cleanup isn't released yet: #1864 (comment)

[mcavaliere]

I am now, thanks!

On Thu, Feb 23, 2023 at 5:49 PM ST-DDT ***@***.***> wrote: The second more thorough cleanup isn't released yet. — Reply to this email directly, view it on GitHub <#1864 (reply in thread)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AABD6JOVWUTQL73TCRDJ7ODWY7SP5ANCNFSM6AAAAAAVDMIU3Y> . You are receiving this because you commented.Message ID: ***@***.***>

-- *Peace.**Mike Cavaliere* Software Strategist / Author *cutintothejamstack.com <http://cutintothejamstack.com/>* <http://www.linkedin.com/in/mikecavaliere> linkedin.com/in/mikecavaliere <http://www.linkedin.com/in/mikecavaliere> @mcavaliere <http://twitter.com/mcavaliere>