activesupport-json_logging 1.0.0

data/lib/json_logging/formatter_with_tags.rb

@@ -0,0 +1,57 @@
+module JsonLogging
+  # Formatter proxy that delegates current_tags to the logger
+  # This is needed for ActiveJob which expects logger.formatter.current_tags
+  # Also implements call to ensure JSON formatting when formatter is used directly
+  class FormatterWithTags
+    def initialize(logger)
+      @logger = logger
+    end
+
+    def current_tags
+      @logger.send(:current_tags)
+    end
+
+    def call(severity, timestamp, progname, msg)
+      tags = current_tags
+      timestamp_str = Helpers.normalize_timestamp(timestamp)
+      payload = PayloadBuilder.build_base_payload(msg, severity: severity, timestamp: timestamp_str)
+      payload = PayloadBuilder.merge_context(payload, additional_context: JsonLogging.additional_context.compact, tags: tags)
+
+      "#{payload.compact.to_json}\n"
+    rescue => e
+      build_fallback_output(severity, timestamp, msg, e)
+    end
+
+    # Support tagged blocks for formatter
+    def tagged(*tags)
+      if block_given?
+        previous = @logger.send(:current_tags).dup
+        @logger.send(:push_tags, tags)
+        begin
+          yield @logger
+        ensure
+          @logger.send(:set_tags, previous)
+        end
+      else
+        @logger.send(:push_tags, tags)
+        self
+      end
+    end
+
+    private
+
+    def build_fallback_output(severity, timestamp, msg, error)
+      timestamp_str = Helpers.normalize_timestamp(timestamp)
+      fallback_payload = {
+        timestamp: timestamp_str,
+        severity: severity,
+        message: Helpers.safe_string(msg),
+        formatter_error: {
+          class: Sanitizer.sanitize_string(error.class.name),
+          message: Sanitizer.sanitize_string(Helpers.safe_string(error.message))
+        }
+      }
+      "#{fallback_payload.compact.to_json}\n"
+    end
+  end
+end

data/lib/json_logging/helpers.rb

@@ -0,0 +1,17 @@
+module JsonLogging
+  module Helpers
+    module_function
+
+    # Normalize timestamp to ISO8601 with microseconds
+    def normalize_timestamp(timestamp)
+      (timestamp || Time.now).utc.iso8601(6)
+    end
+
+    # Safely convert object to string, never raises
+    def safe_string(obj)
+      obj.to_s
+    rescue
+      "<unprintable>"
+    end
+  end
+end

data/lib/json_logging/json_logger.rb

@@ -0,0 +1,31 @@
+require "active_support"
+require "active_support/logger"
+
+module JsonLogging
+  class JsonLogger < ActiveSupport::Logger
+    # Include the extension module to get all JSON logging functionality
+    include JsonLoggerExtension
+
+    def initialize(*args, **kwargs)
+      # Initialize with minimal args to avoid ActiveSupport::Logger threading issues
+      # Rails 7+ supports kwargs, Rails 6 uses positional args only
+      logdev = args.first || $stdout
+      shift_age = args[1] || 0
+      shift_size = args[2]
+
+      # Handle both positional and keyword arguments for Rails 6-8 compatibility
+      if kwargs.empty? && shift_size
+        super(logdev, shift_age, shift_size)
+      elsif kwargs.empty?
+        super(logdev, shift_age)
+      else
+        # Rails 7+ may pass kwargs - delegate to parent
+        super
+      end
+
+      @formatter_with_tags = FormatterWithTags.new(self)
+      # Ensure parent class (Logger) also uses our formatter in case it uses it directly
+      instance_variable_set(:@formatter, @formatter_with_tags)
+    end
+  end
+end

data/lib/json_logging/json_logger_extension.rb

@@ -0,0 +1,177 @@
+module JsonLogging
+  # Module that extends any Logger with JSON formatting capabilities
+  # This is used by JsonLogging.new to wrap standard loggers
+  module JsonLoggerExtension
+    SEVERITY_NAMES = {
+      ::Logger::DEBUG => "DEBUG",
+      ::Logger::INFO => "INFO",
+      ::Logger::WARN => "WARN",
+      ::Logger::ERROR => "ERROR",
+      ::Logger::FATAL => "FATAL",
+      ::Logger::UNKNOWN => "UNKNOWN"
+    }.freeze
+
+    def formatter
+      @formatter_with_tags ||= begin
+        formatter_with_tags = FormatterWithTags.new(self)
+        instance_variable_set(:@formatter, formatter_with_tags)
+        formatter_with_tags
+      end
+    end
+
+    def formatter=(formatter)
+      # Always use FormatterWithTags to ensure JSON formatting
+      formatter_with_tags = @formatter_with_tags || FormatterWithTags.new(self)
+      instance_variable_set(:@formatter, formatter_with_tags)
+      @formatter_with_tags = formatter_with_tags
+    end
+
+    def add(severity, message = nil, progname = nil)
+      return true if severity < level
+
+      msg = if message.nil?
+        if block_given?
+          yield
+        else
+          progname
+        end
+      else
+        message
+      end
+
+      payload = build_payload(severity, progname, msg)
+
+      stringified = stringify_keys(payload)
+      @logdev&.write("#{stringified.to_json}\n")
+      true
+    rescue => e
+      # Never fail logging - write a fallback entry
+      # Initialize msg if it wasn't set due to error
+      msg ||= "<uninitialized>"
+
+      fallback = {
+        timestamp: Helpers.normalize_timestamp(Time.now),
+        severity: severity_name(severity),
+        message: Sanitizer.sanitize_string(Helpers.safe_string(msg)),
+        logger_error: {
+          class: Sanitizer.sanitize_string(e.class.name),
+          message: Sanitizer.sanitize_string(Helpers.safe_string(e.message))
+        }
+      }
+      @logdev&.write("#{fallback.compact.to_json}\n")
+      true
+    end
+
+    # Override format_message to ensure it uses JSON formatting even if called directly
+    def format_message(severity, datetime, progname, msg)
+      formatter.call(severity, datetime, progname, msg)
+    end
+
+    # Native tag support compatible with Rails.logger.tagged
+    def tagged(*tags)
+      if block_given?
+        formatter.tagged(*tags) { yield self }
+      else
+        # Return a new wrapped logger with tags applied (similar to TaggedLogging)
+        logger = JsonLogging.new(self)
+        # Extend formatter with LocalTagStorage to preserve current tags when creating nested loggers
+        logger.formatter.extend(LocalTagStorage)
+        logger.formatter.push_tags(*formatter.current_tags, *tags)
+        logger
+      end
+    end
+
+    # Flush tags (used by Rails when request completes)
+    def flush
+      clear_tags!
+      super if defined?(super)
+    end
+
+    private
+
+    def tags_key
+      @tags_key ||= :"json_logging_tags_#{object_id}"
+    end
+
+    def current_tags
+      # Use IsolatedExecutionState (Rails 7.1+) for better thread/Fiber safety
+      # Falls back to Thread.current for Rails 6-7.0
+      if defined?(ActiveSupport::IsolatedExecutionState)
+        ActiveSupport::IsolatedExecutionState[tags_key] ||= []
+      else
+        Thread.current[tags_key] ||= []
+      end
+    end
+
+    def set_tags(new_tags)
+      # Use IsolatedExecutionState (Rails 7.1+) for better thread/Fiber safety
+      # Falls back to Thread.current for Rails 6-7.0
+      if defined?(ActiveSupport::IsolatedExecutionState)
+        ActiveSupport::IsolatedExecutionState[tags_key] = new_tags
+      else
+        Thread.current[tags_key] = new_tags
+      end
+    end
+
+    def push_tags(tags)
+      flat = tags.flatten.compact.map(&:to_s).reject(&:empty?)
+      return if flat.empty?
+      set_tags(current_tags + flat)
+    end
+
+    def clear_tags!
+      set_tags([])
+    end
+
+    def build_payload(severity, _progname, msg)
+      payload = PayloadBuilder.build_base_payload(
+        msg,
+        severity: severity_name(severity),
+        timestamp: Helpers.normalize_timestamp(Time.now)
+      )
+      payload = PayloadBuilder.merge_context(
+        payload,
+        additional_context: JsonLogging.additional_context.compact,
+        tags: current_tags
+      )
+
+      payload.compact
+    end
+
+    def severity_name(severity)
+      SEVERITY_NAMES[severity] || severity.to_s
+    end
+
+    def stringify_keys(hash)
+      case hash
+      when Hash
+        hash.each_with_object({}) do |(k, v), result|
+          result[k.to_s] = stringify_keys(v)
+        end
+      when Array
+        hash.map { |v| stringify_keys(v) }
+      else
+        hash
+      end
+    end
+  end
+
+  # Module for preserving current tags when creating nested tagged loggers
+  # Similar to ActiveSupport::TaggedLogging::LocalTagStorage
+  # When extended on a formatter, stores tags locally instead of using thread-local storage
+  module LocalTagStorage
+    def self.extended(base)
+      base.instance_variable_set(:@local_tags, [])
+    end
+
+    def push_tags(*tags)
+      flat = tags.flatten.compact.map(&:to_s).reject(&:empty?)
+      return if flat.empty?
+      @local_tags = (@local_tags || []) + flat
+    end
+
+    def current_tags
+      @local_tags || []
+    end
+  end
+end

data/lib/json_logging/message_parser.rb

@@ -0,0 +1,32 @@
+module JsonLogging
+  module MessageParser
+    module_function
+
+    def parse_message(msg)
+      if msg.is_a?(Hash) || (msg.respond_to?(:to_hash) && !msg.is_a?(String))
+        # Sanitize hash messages
+        Sanitizer.sanitize_hash(msg.to_hash)
+      elsif msg.is_a?(String) && json_string?(msg)
+        begin
+          parsed = JSON.parse(msg)
+          # Sanitize parsed JSON structure
+          Sanitizer.sanitize_value(parsed)
+        rescue JSON::ParserError
+          # If JSON parsing fails, sanitize the raw string
+          Sanitizer.sanitize_string(msg)
+        end
+      elsif msg.is_a?(Exception)
+        # Handle exceptions specially with sanitization
+        Sanitizer.sanitize_exception(msg)
+      else
+        # Sanitize other types
+        Sanitizer.sanitize_value(msg)
+      end
+    end
+
+    def json_string?(str)
+      (str.start_with?("{") && str.end_with?("}")) ||
+        (str.start_with?("[") && str.end_with?("]"))
+    end
+  end
+end

data/lib/json_logging/payload_builder.rb

@@ -0,0 +1,46 @@
+module JsonLogging
+  module PayloadBuilder
+    module_function
+
+    def build_base_payload(msg, severity: nil, timestamp: nil)
+      parsed = MessageParser.parse_message(msg)
+      payload = {}
+
+      if parsed.is_a?(Hash)
+        payload.merge!(parsed)
+      else
+        payload[:message] = parsed
+      end
+
+      payload[:severity] = severity if severity
+      payload[:timestamp] = timestamp if timestamp
+
+      payload
+    end
+
+    def merge_context(payload, additional_context:, tags: [])
+      existing_context = payload[:context].is_a?(Hash) ? payload[:context] : {}
+
+      # Sanitize additional context before merging (filters sensitive keys, limits size, sanitizes strings only)
+      # Only sanitize if it's a hash - preserve other types
+      sanitized_context = if additional_context.is_a?(Hash) && !additional_context.empty?
+        Sanitizer.sanitize_hash(additional_context)
+      else
+        additional_context || {}
+      end
+
+      deduped_additional = sanitized_context.reject { |k, _| payload.key?(k) }
+      merged_context = existing_context.merge(deduped_additional)
+
+      unless tags.empty?
+        existing_tags = Array(merged_context[:tags])
+        # Sanitize tag strings (remove control chars, truncate)
+        sanitized_tags = tags.map { |tag| Sanitizer.sanitize_string(tag.to_s) }
+        merged_context[:tags] = (existing_tags + sanitized_tags).uniq
+      end
+
+      payload[:context] = merged_context unless merged_context.empty?
+      payload
+    end
+  end
+end

data/lib/json_logging/sanitizer.rb

@@ -0,0 +1,158 @@
+module JsonLogging
+  module Sanitizer
+    # Control characters that should be escaped or removed from log messages
+    CONTROL_CHARS = /[\x00-\x1F\x7F]/
+
+    # Maximum string length before truncation
+    MAX_STRING_LENGTH = 10_000
+
+    # Maximum context hash size (number of keys)
+    MAX_CONTEXT_SIZE = 50
+
+    # Maximum depth for nested structures
+    MAX_DEPTH = 10
+
+    # Maximum backtrace lines to include
+    MAX_BACKTRACE_LINES = 20
+
+    # Common sensitive key patterns (case insensitive) - fallback when Rails ParameterFilter not available
+    SENSITIVE_KEY_PATTERNS = /\b(password|passwd|pwd|secret|token|api_key|apikey|access_token|auth_token|private_key|credential)\b/i
+
+    module_function
+
+    # Get Rails ParameterFilter if available, nil otherwise
+    def rails_parameter_filter
+      return nil unless defined?(Rails) && Rails.respond_to?(:application)
+      return nil unless Rails.application.respond_to?(:config)
+
+      filter_params = Rails.application.config.filter_parameters
+      return nil if filter_params.empty?
+
+      ActiveSupport::ParameterFilter.new(filter_params)
+    rescue
+      nil
+    end
+
+    # Sanitize a string by removing/escaping control characters and truncating
+    def sanitize_string(str)
+      return str unless str.is_a?(String)
+
+      # Remove or replace control characters
+      sanitized = str.gsub(CONTROL_CHARS, "")
+
+      # Truncate if too long
+      if sanitized.length > MAX_STRING_LENGTH
+        sanitized = sanitized[0, MAX_STRING_LENGTH] + "...[truncated]"
+      end
+
+      sanitized
+    rescue
+      "<sanitization_error>"
+    end
+
+    # Sanitize a hash, removing sensitive keys and limiting size/depth
+    # Uses Rails ParameterFilter when available, falls back to pattern matching
+    def sanitize_hash(hash, depth: 0)
+      return hash unless hash.is_a?(Hash)
+
+      # Prevent excessive nesting
+      return {"error" => "max_depth_exceeded"} if depth > MAX_DEPTH
+
+      # Limit hash size first
+      limited_hash = if hash.size > MAX_CONTEXT_SIZE
+        truncated = hash.first(MAX_CONTEXT_SIZE).to_h
+        truncated["_truncated"] = true
+        truncated
+      else
+        hash
+      end
+
+      # Use Rails ParameterFilter if available (handles encrypted attributes automatically)
+      filter = rails_parameter_filter
+      if filter
+        # ParameterFilter will filter based on Rails.config.filter_parameters
+        # This includes encrypted attributes automatically
+        # Create a deep copy since filter modifies in place (Rails 6+)
+        filtered = limited_hash.respond_to?(:deep_dup) ? limited_hash.deep_dup : limited_hash.dup
+        filtered = filter.filter(filtered)
+
+        # Then sanitize values (strings, control chars, etc.) preserving filtered structure
+        filtered.each_with_object({}) do |(key, value), result|
+          result[key] = sanitize_value(value, depth: depth + 1)
+        end
+
+      else
+        # Fallback: use pattern matching for sensitive keys
+        limited_hash.each_with_object({}) do |(key, value), result|
+          key_str = key.to_s
+
+          # Skip sensitive keys
+          if SENSITIVE_KEY_PATTERNS.match?(key_str)
+            result[key_str.gsub(/(?<!^)(?=[A-Z])/, "_").downcase + "_filtered"] = "[FILTERED]"
+            next
+          end
+
+          result[key] = sanitize_value(value, depth: depth + 1)
+        end
+      end
+    rescue
+      {"sanitization_error" => true}
+    end
+
+    # Sanitize a value (handles strings, hashes, arrays, etc.)
+    # Preserves numeric, boolean, and nil types
+    def sanitize_value(value, depth: 0)
+      case value
+      when String
+        sanitize_string(value)
+      when Hash
+        sanitize_hash(value, depth: depth)
+      when Array
+        # Limit array size
+        sanitized = value.first(MAX_CONTEXT_SIZE).map { |v| sanitize_value(v, depth: depth + 1) }
+        sanitized << "[truncated]" if value.size > MAX_CONTEXT_SIZE
+        sanitized
+      when Exception
+        sanitize_exception(value)
+      when Numeric, TrueClass, FalseClass, NilClass
+        # Preserve numeric, boolean, and nil types
+        value
+      else
+        # For other types, convert to string and sanitize
+        sanitize_string(value.to_s)
+      end
+    rescue
+      "<unprintable>"
+    end
+
+    # Sanitize exception, including backtrace
+    def sanitize_exception(ex)
+      {
+        "error" => {
+          "class" => ex.class.name,
+          "message" => sanitize_string(ex.message.to_s),
+          "backtrace" => sanitize_backtrace(ex.backtrace)
+        }
+      }
+    rescue
+      {"error" => {"class" => "Exception", "message" => "<sanitization_failed>"}}
+    end
+
+    # Sanitize backtrace - truncate and remove sensitive paths
+    def sanitize_backtrace(backtrace)
+      return [] unless backtrace.is_a?(Array)
+
+      # Take first MAX_BACKTRACE_LINES, sanitize each
+      backtrace.first(MAX_BACKTRACE_LINES).map do |line|
+        sanitize_string(line.to_s)
+      end
+    rescue
+      []
+    end
+
+    # Check if a key looks sensitive
+    def sensitive_key?(key)
+      SENSITIVE_KEY_PATTERNS.match?(key.to_s)
+    end
+  end
+end

data/lib/json_logging/version.rb

@@ -0,0 +1,3 @@
+module JsonLogging
+  VERSION = "1.0.0"
+end

data/lib/json_logging.rb

@@ -0,0 +1,124 @@
+require "logger"
+require "json"
+require "time"
+
+require_relative "json_logging/version"
+require_relative "json_logging/helpers"
+require_relative "json_logging/sanitizer"
+require_relative "json_logging/message_parser"
+require_relative "json_logging/payload_builder"
+require_relative "json_logging/formatter"
+require_relative "json_logging/formatter_with_tags"
+require_relative "json_logging/json_logger_extension"
+require_relative "json_logging/json_logger"
+
+module JsonLogging
+  THREAD_CONTEXT_KEY = :__json_logging_context
+
+  def self.with_context(extra_context)
+    original = Thread.current[THREAD_CONTEXT_KEY]
+    Thread.current[THREAD_CONTEXT_KEY] = (original || {}).merge(safe_hash(extra_context))
+    yield
+  ensure
+    Thread.current[THREAD_CONTEXT_KEY] = original
+  end
+
+  # Returns the current thread-local context when called without arguments,
+  # or sets a transformer when called with a block or assigned a proc.
+  #
+  # @example Getting context
+  #   JsonLogging.additional_context  # => {user_id: 123, ...}
+  #
+  # @example Setting transformer with block
+  #   JsonLogging.additional_context do |context|
+  #     context.merge(environment: Rails.env, hostname: Socket.gethostname)
+  #   end
+  #
+  # @example Setting transformer with assignment
+  #   JsonLogging.additional_context = ->(context) { context.merge(env: Rails.env) }
+  def self.additional_context(*args, &block)
+    if args.any? || block_given?
+      return public_send(:additional_context=, args.first || block)
+    end
+
+    begin
+      base_context = (Thread.current[THREAD_CONTEXT_KEY] || {}).dup
+    rescue
+      base_context = {}
+    end
+
+    transformer = @additional_context_transformer
+    if transformer.is_a?(Proc)
+      begin
+        transformer.call(base_context)
+      rescue
+        base_context
+      end
+    else
+      base_context
+    end
+  end
+
+  def self.additional_context=(proc_or_block)
+    @additional_context_transformer = proc_or_block
+  end
+
+  def self.safe_hash(obj)
+    obj.is_a?(Hash) ? obj : {}
+  rescue
+    {}
+  end
+
+  # Returns an `ActiveSupport::Logger` that has already been wrapped with JSON logging concern.
+  #
+  # @param *args Arguments passed to ActiveSupport::Logger.new
+  # @param **kwargs Keyword arguments passed to ActiveSupport::Logger.new
+  # @return [Logger] A logger wrapped with JSON formatting and tagged logging support
+  #
+  # @example
+  #   logger = JsonLogging.logger($stdout)
+  #   logger.info("Stuff")  # Logs JSON formatted entry
+  def self.logger(*args, **kwargs)
+    new(ActiveSupport::Logger.new(*args, **kwargs))
+  end
+
+  # Wraps any standard Logger object to provide JSON formatting capabilities.
+  # Similar to ActiveSupport::TaggedLogging.new
+  #
+  # @param logger [Logger] Any standard Logger object (Logger, ActiveSupport::Logger, etc.)
+  # @return [Logger] A logger extended with JSON formatting and tagged logging support
+  #
+  # @example
+  #   logger = JsonLogging.new(Logger.new(STDOUT))
+  #   logger.info("Stuff")  # Logs JSON formatted entry
+  #
+  # @example With tagged logging
+  #   logger = JsonLogging.new(Logger.new(STDOUT))
+  #   logger.tagged("BCX") { logger.info("Stuff") }  # Logs with tags
+  #   logger.tagged("BCX").info("Stuff")  # Logs with tags (non-block form)
+  def self.new(logger)
+    logger = logger.clone
+    if logger.formatter
+      logger.formatter = logger.formatter.clone
+
+      # Workaround for https://bugs.ruby-lang.org/issues/20250
+      # Can be removed when Ruby 3.4 is the least supported version.
+      logger.formatter.object_id if logger.formatter.is_a?(Proc)
+    else
+      # Ensure we set a default formatter so we aren't extending nil!
+      # Use ActiveSupport::Logger::SimpleFormatter if available, otherwise default Logger::Formatter
+      logger.formatter = if defined?(ActiveSupport::Logger::SimpleFormatter)
+        ActiveSupport::Logger::SimpleFormatter.new
+      else
+        ::Logger::Formatter.new
+      end
+    end
+
+    logger.extend(JsonLoggerExtension)
+    formatter_with_tags = FormatterWithTags.new(logger)
+    logger.instance_variable_set(:@formatter_with_tags, formatter_with_tags)
+    logger.formatter = formatter_with_tags
+
+    logger
+  end
+end