blouson 1.0.2 → 1.1.3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 3f0289a12d72b9395df1eda3e175fb719eeca8f9
4
- data.tar.gz: b3eabf713614461869750438ffc28a4855baf55a
2
+ SHA256:
3
+ metadata.gz: 3c5a05fbdf574e2e9c8420e7d24ad36ba81786df09d1916073d409ba47f764ec
4
+ data.tar.gz: 4d14dbf88a1e8aa457bcc5b2dae76846bf02d1cb5da4fb32e9ef23909e600f5a
5
5
  SHA512:
6
- metadata.gz: fe01b3072ceb5bc18903850320cd53c937df2b3132e75637e36158fc6ddf854ff5ec2613440952667d19ddd3497de22d9c826969efca5013cecf6c80769b5642
7
- data.tar.gz: da9de96010abbc0bd01299206e38f6b45e774fe80071c797d84a1e72bc88701d0677247ccb4b07e58518bd2afb32b6b7e1786cc5ac486647f28f5e58e7e6fe01
6
+ metadata.gz: 552ac7c5c3f6faaafe54355ea30d016ab47b5ac419b4466a27b0976bfdd60c89e9b4becf2aebc74a7937e25b9076e440f66fac65f141881d3e606c1257759f2a
7
+ data.tar.gz: 242d596166fc9beb1ca7380c1b9ae066d044e687ed9e783449c51788a6578e9f200178a04b6a63554f3576adab494800774d2694bbc3d9ab23820aad9223dc6d
@@ -1,20 +1,24 @@
1
1
  sudo: false
2
2
  language: ruby
3
+ services:
4
+ - mysql
3
5
  gemfile:
4
- - gemfiles/rails_4.0.gemfile
5
- - gemfiles/rails_4.1.gemfile
6
6
  - gemfiles/rails_4.2.gemfile
7
7
  - gemfiles/rails_5.0.gemfile
8
8
  - gemfiles/rails_5.1.gemfile
9
+ - gemfiles/rails_5.2.gemfile
10
+ - gemfiles/rails_6.0.gemfile
9
11
  rvm:
10
- - 2.2.7
11
- - 2.3.4
12
- - 2.4.1
12
+ - 2.3.8
13
+ - 2.4.6
14
+ - 2.5.5
15
+ - 2.6.3
13
16
  matrix:
14
17
  exclude:
15
- # Rails 4.0 and 4.1 doesn't support Ruby 2.4 (because of integer unification)
16
- - rvm: 2.4.1
17
- gemfile: gemfiles/rails_4.0.gemfile
18
- - rvm: 2.4.1
19
- gemfile: gemfiles/rails_4.1.gemfile
20
- before_install: gem install --no-document bundler
18
+ - rvm: 2.3.8
19
+ gemfile: gemfiles/rails_6.0.gemfile
20
+ - rvm: 2.4.6
21
+ gemfile: gemfiles/rails_6.0.gemfile
22
+ before_install:
23
+ - "[[ $BUNDLE_GEMFILE =~ rails_4\\.2 ]] && gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true"
24
+ - "[[ $BUNDLE_GEMFILE =~ rails_4\\.2 ]] && gem install bundler -v '< 2' || true"
data/Appraisals CHANGED
@@ -1,13 +1,3 @@
1
- appraise 'rails-4.0' do
2
- gem 'rails', '~> 4.0.0'
3
- gem 'mysql2', '~> 0.3.10'
4
- end
5
-
6
- appraise 'rails-4.1' do
7
- gem 'rails', '~> 4.1.0'
8
- gem 'mysql2', '~> 0.3.13'
9
- end
10
-
11
1
  appraise 'rails-4.2' do
12
2
  gem 'rails', '~> 4.2.0'
13
3
  end
@@ -20,4 +10,12 @@ appraise 'rails-5.1' do
20
10
  gem 'rails', '~> 5.1.0'
21
11
  end
22
12
 
13
+ appraise 'rails-5.2' do
14
+ gem 'rails', '~> 5.2.0'
15
+ end
16
+
17
+ appraise 'rails-6.0' do
18
+ gem 'rails', '~> 6.0.0'
19
+ end
20
+
23
21
  # vim: set ft=ruby:
@@ -1,3 +1,18 @@
1
+ # 1.1.3 (2020-12-11)
2
+ - Fix cookies not being filtered when used with Raven::Rack
3
+
4
+ # 1.1.2 (2019-10-24)
5
+ - Support Rails 6.0
6
+
7
+ # 1.1.1 (2019-09-27)
8
+ - Change to use ActiveSupport::LoggerSilence for thread safety #10
9
+
10
+ # 1.1.0 (2019-08-09)
11
+ - Add feature to filter sensitive mail logs.
12
+
13
+ # 1.0.3 (2018-12-18)
14
+ - Fix Blouson::SensitiveQueryFilter::StatementInvalidErrorFilter for exceptions created with no arguments (like ActiveRecord::NoDatabaseError)
15
+
1
16
  # 1.0.2 (2017-09-21)
2
17
  - Change Raven filter's secure_headers config to be case insensitive https://github.com/cookpad/blouson/pull/4
3
18
 
data/README.md CHANGED
@@ -8,6 +8,7 @@ Blouson is a filter tool for Rails to conceal sensitive data from various logs.
8
8
  - SQL query in Rails log
9
9
  - Exception messages in `ActiveRecord::StatementInvalid`
10
10
  - Sentry Raven parameters
11
+ - Mail parameters in Rails log
11
12
 
12
13
  ## Installation
13
14
 
@@ -75,11 +76,39 @@ secure_headers = %w(secret_token)
75
76
 
76
77
  Raven.configure do |config|
77
78
  ...
78
- config.processors = [Blouson::RavenParameterFilterProcessor.create(filter_pattern, secure_headers)]
79
+ config.processors << Blouson::RavenParameterFilterProcessor.create(filter_pattern, secure_headers)
79
80
  ...
80
81
  end
81
82
  ```
82
83
 
84
+ ### SensitiveMailLogFilter
85
+ ActionMailer outputs email address, all headers, and body text to the log when sending email.
86
+
87
+ ```
88
+ D, [2019-08-08T08:40:15.939251 #67674] DEBUG -- : UserMailer#hello: processed outbound mail in 43.0ms
89
+ I, [2019-08-08T08:40:15.946281 #67674] INFO -- : Sent mail to xxx@example.com (6.3ms)
90
+ D, [2019-08-08T08:40:15.946432 #67674] DEBUG -- : Date: Thu, 08 Aug 2019 08:40:15 +0900
91
+ From: from@example.com
92
+ To: xxx@example.com
93
+ Message-ID: <xxx>
94
+ Subject: Hello
95
+ Mime-Version: 1.0
96
+ Content-Type: text/plain; charset=UTF-8
97
+ Content-Transfer-Encoding: 7bit
98
+
99
+ Example mail.
100
+ ```
101
+
102
+ Blouson filters such logs.
103
+
104
+ Example:
105
+
106
+ ```
107
+ D, [2019-08-08T08:47:06.524182 #67886] DEBUG -- : UserMailer#hello: processed outbound mail in 23.2ms
108
+ I, [2019-08-08T08:47:06.530849 #67886] INFO -- : Sent mail to [FILTERED] (6.4ms)
109
+ D, [2019-08-08T08:47:06.530953 #67886] DEBUG -- : [Blouson::SensitiveMailLogFilter] Mail data is filtered for sensitive data
110
+ ```
111
+
83
112
  ## Contributing
84
113
 
85
114
  Bug reports and pull requests are welcome on GitHub at https://github.com/cookpad/blouson.
@@ -2,7 +2,6 @@
2
2
 
3
3
  source "https://rubygems.org"
4
4
 
5
- gem "rails", "~> 4.0.0"
6
- gem "mysql2", "~> 0.3.10"
5
+ gem "rails", "~> 5.2.0"
7
6
 
8
7
  gemspec path: "../"
@@ -2,7 +2,6 @@
2
2
 
3
3
  source "https://rubygems.org"
4
4
 
5
- gem "rails", "~> 4.1.0"
6
- gem "mysql2", "~> 0.3.13"
5
+ gem "rails", "~> 6.0.0"
7
6
 
8
7
  gemspec path: "../"
@@ -2,6 +2,7 @@ require "blouson/version"
2
2
 
3
3
  require 'blouson/sensitive_params_silener'
4
4
  require 'blouson/sensitive_query_filter'
5
+ require 'blouson/sensitive_mail_log_filter'
5
6
  require 'blouson/engine'
6
7
  require 'blouson/tolerant_regexp'
7
8
 
@@ -22,5 +22,13 @@ module Blouson
22
22
  end
23
23
  end
24
24
  end
25
+
26
+ initializer 'blouson.set_sensitive_mail_log_filter' do |app|
27
+ if Rails.env.production? || ENV['ENABLE_SENSITIVE_MAIL_LOG_FILTER'] == '1'
28
+ ActiveSupport.on_load(:action_mailer) do
29
+ ActionMailer::LogSubscriber.prepend Blouson::SensitiveMailLogFilter
30
+ end
31
+ end
32
+ end
25
33
  end
26
34
  end
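Review bot: The mail log filter is installed only when `Rails.env.production?` is true or `ENABLE_SENSITIVE_MAIL_LOG_FILTER` is exactly `'1'`, so a staging or review environment that sends mail to real addresses keeps logging recipients, headers and bodies unless someone sets the variable. That default deserves a comment on the initializer, for example `# Off outside production unless ENABLE_SENSITIVE_MAIL_LOG_FILTER=1; set it wherever real mail data is handled`, and a matching line in the README section for SensitiveMailLogFilter. The block parameter `|app|` is unused in the visible lines and could be dropped. The enclosing engine class starts above the hunk, so whether the other filters use the same gate cannot be seen here.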
@@ -14,7 +14,13 @@ module Blouson
14
14
  end
15
15
 
16
16
  def initialize(client = nil)
17
- @parameter_filter = ActionDispatch::Http::ParameterFilter.new(self.class.filters)
17
+ # ActionDispatch::Http::ParameterFilter is deprecated and will be removed from Rails 6.1.
18
+ parameter_filter_klass = if defined?(ActiveSupport::ParameterFilter)
19
+ ActiveSupport::ParameterFilter
20
+ else
21
+ ActionDispatch::Http::ParameterFilter
22
+ end
23
+ @parameter_filter = parameter_filter_klass.new(self.class.filters)
18
24
  end
19
25
 
20
26
  def process(value)
@@ -65,6 +71,10 @@ module Blouson
65
71
  end
66
72
 
67
73
  def process_cookie(value)
74
+ if (cookies = value.dig(:request, :cookies))
75
+ value[:request][:cookies] = @parameter_filter.filter(cookies)
76
+ end
77
+
68
78
  if value[:request] && value[:request][:headers] && value[:request][:headers]['Cookie']
69
79
  cookies = Hash[value[:request][:headers]['Cookie'].split('; ').map { |pair| pair.split('=', 2) }]
70
80
  filtered = @parameter_filter.filter(cookies)
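Review bot: The new `value.dig(:request, :cookies)` branch in `process_cookie` masks cookies by name through `@parameter_filter`, which `initialize` builds from `self.class.filters`, so a session or authentication cookie whose name matches none of those parameter patterns is still sent to Sentry in full. A comment such as `# Cookies are filtered by name with the same patterns as request parameters; include session cookie names in the filter pattern` would make that dependency visible to whoever configures the processor. The lookup also matches symbol keys only, like the header branch below it, so it is worth confirming that the event hash always arrives with symbol keys. `process_cookie` continues past the end of the hunk.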
@@ -0,0 +1,17 @@
1
+ module Blouson
2
+ module SensitiveMailLogFilter
3
+ def deliver(event)
4
+ e = ActiveSupport::Notifications::Event.new(
5
+ event.name,
6
+ event.time,
7
+ event.end,
8
+ event.transaction_id,
9
+ event.payload.merge(
10
+ to: Blouson::FILTERED,
11
+ mail: "[Blouson::SensitiveMailLogFilter] Mail data is filtered for sensitive data"
12
+ )
13
+ )
14
+ super(e)
15
+ end
16
+ end
17
+ end
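Review bot: `SensitiveMailLogFilter` overrides only `deliver`, so any other `ActionMailer::LogSubscriber` method that writes `event.payload[:mail]` is left unfiltered. In the Rails versions this release targets the subscriber also has a `receive` handler which, as far as I recall, logs the raw inbound message at debug level; that should be confirmed and wrapped the same way if so. The rebuilt event keeps every other payload key, which is safe only while the subscriber prints nothing but `:to` and `:mail`, so a short comment on the `merge` stating that assumption would help when a new Rails version logs another field. The module has no doc comment; `# Prepended to ActionMailer::LogSubscriber; replaces the recipients and the rendered mail in the delivery log` would do.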
@@ -15,9 +15,10 @@ module Blouson
15
15
  end
16
16
 
17
17
  module StatementInvalidErrorFilter
18
- def initialize(message, original_exception = nil)
19
- if SensitiveQueryFilter.contain_sensitive_query?(message)
20
- message = SensitiveQueryFilter.filter_sensitive_words(message)
18
+ def initialize(message = nil, original_exception = nil, sql: nil, binds: nil)
19
+ if SensitiveQueryFilter.contain_sensitive_query?(message) || (SensitiveQueryFilter.contain_sensitive_query?(sql))
20
+ message = SensitiveQueryFilter.filter_sensitive_words(message) if message
21
+ sql = SensitiveQueryFilter.filter_sensitive_words(sql) if sql
21
22
  if defined?(Mysql2::Error)
22
23
  if original_exception.is_a?(Mysql2::Error)
23
24
  original_exception.extend(Mysql2Filter)
@@ -30,6 +31,11 @@ module Blouson
30
31
  if original_exception
31
32
  # Rails < 5.0
32
33
  super(message, original_exception)
34
+ elsif sql
35
+ # Rails >= 6.0
36
+ #
37
+ # - https://github.com/rails/rails/pull/34468
38
+ super(message, sql: sql, binds: binds)
33
39
  else
34
40
  # Rails >= 5.0
35
41
  #
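Review bot: In the new `elsif sql` branch, `binds` is forwarded to `super` unchanged even when the statement was judged sensitive and `sql` was rewritten, so the bound values of a sensitive query stay attached to the exception and can reach whatever serialises it. Whether an error reporter or logger actually reads them is not visible here. Consider clearing them in the sensitive branch of the first hunk, for example `binds = nil` next to `sql = SensitiveQueryFilter.filter_sensitive_words(sql) if sql`, or add a comment explaining why they are kept. `message` now defaults to `nil` and reaches `contain_sensitive_query?` before the `if message` guard, so that helper has to tolerate `nil`; its definition is outside the hunk, as is the rest of this method.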
@@ -5,12 +5,9 @@ module Blouson
5
5
  return super(sql, name)
6
6
  end
7
7
 
8
- begin
9
- ActiveRecord::Base.logger.level = Logger::INFO
8
+ ActiveRecord::Base.logger.silence(Logger::INFO) do
10
9
  Rails.logger.info " [Blouson::SensitiveTableQueryLogSilencer] SQL Log is skipped for sensitive table"
11
10
  super(sql, name)
12
- ensure
13
- ActiveRecord::Base.logger.level = Logger::DEBUG
14
11
  end
15
12
  end
16
13
  end
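Review bot: `ActiveRecord::Base.logger.silence(Logger::INFO)` assumes the configured logger responds to `silence`; a plain `::Logger` or a third-party logger that does not include `ActiveSupport::LoggerSilence` would presumably raise `NoMethodError` here and fail every query on a sensitive table. Failing is safer than logging the SQL, but the requirement should be stated, for example `# Requires a logger that includes ActiveSupport::LoggerSilence (ActiveSupport::Logger does)`. The notice is written through `Rails.logger` while the level is lowered on `ActiveRecord::Base.logger`, so an application that points these at different loggers gets the notice and the silencing in different places. The method begins above the hunk.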
@@ -1,3 +1,3 @@
1
1
  module Blouson
2
- VERSION = "1.0.2"
2
+ VERSION = "1.1.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: blouson
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Cookpad Inc.
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-09-21 00:00:00.000000000 Z
11
+ date: 2020-12-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -155,14 +155,15 @@ files:
155
155
  - bin/console
156
156
  - bin/setup
157
157
  - blouson.gemspec
158
- - gemfiles/rails_4.0.gemfile
159
- - gemfiles/rails_4.1.gemfile
160
158
  - gemfiles/rails_4.2.gemfile
161
159
  - gemfiles/rails_5.0.gemfile
162
160
  - gemfiles/rails_5.1.gemfile
161
+ - gemfiles/rails_5.2.gemfile
162
+ - gemfiles/rails_6.0.gemfile
163
163
  - lib/blouson.rb
164
164
  - lib/blouson/engine.rb
165
165
  - lib/blouson/raven_parameter_filter_processor.rb
166
+ - lib/blouson/sensitive_mail_log_filter.rb
166
167
  - lib/blouson/sensitive_params_silener.rb
167
168
  - lib/blouson/sensitive_query_filter.rb
168
169
  - lib/blouson/sensitive_table_query_log_silencer.rb
@@ -187,8 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
187
188
  - !ruby/object:Gem::Version
188
189
  version: '0'
189
190
  requirements: []
190
- rubyforge_project:
191
- rubygems_version: 2.5.2
191
+ rubygems_version: 3.1.4
192
192
  signing_key:
193
193
  specification_version: 4
194
194
  summary: Filter tools to mask sensitive data in various logs