blouson 1.1.1 → 1.1.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +64 -0
- data/Appraisals +12 -4
- data/CHANGELOG.md +9 -0
- data/README.md +2 -2
- data/gemfiles/{rails_4.2.gemfile → rails_6.0.gemfile} +1 -1
- data/gemfiles/rails_6.1.gemfile +7 -0
- data/gemfiles/rails_7.0.gemfile +7 -0
- data/lib/blouson/raven_parameter_filter_processor.rb +11 -1
- data/lib/blouson/sensitive_query_filter.rb +9 -3
- data/lib/blouson/sensitive_table_query_log_silencer.rb +3 -3
- data/lib/blouson/version.rb +1 -1
- metadata +10 -8
- data/.travis.yml +0 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a561df78a14ba07951254ce32982357a83a32eab60691ba688fe95a4049e1d77
|
|
4
|
+
data.tar.gz: 53d9f65de40ed900cf5e3fbb4ac2525c74eb563695a1320dd5ae3b0d53b50b73
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aec465e833f9b260e8d2180ae9147accf15220d3431cf4975a50d73075c56975288d83c0b1245396a281ac492546b3aa36d2f43410ce016f9e770436e0d459aa
|
|
7
|
+
data.tar.gz: 2ff71f692ae850d89b3a702480bbb4c13ce226c77984bd1092835a0b1cf55e4335e2d03d7f68857056909d2589a84e895c389a31eccd041437a46aaef640f2b6
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
pull_request:
|
|
6
|
+
|
|
7
|
+
jobs:
|
|
8
|
+
test:
|
|
9
|
+
runs-on: ubuntu-latest
|
|
10
|
+
strategy:
|
|
11
|
+
fail-fast: false
|
|
12
|
+
matrix:
|
|
13
|
+
ruby:
|
|
14
|
+
- '2.6'
|
|
15
|
+
- '2.7'
|
|
16
|
+
- '3.0'
|
|
17
|
+
- '3.1'
|
|
18
|
+
gemfile:
|
|
19
|
+
- rails_5.0
|
|
20
|
+
- rails_5.1
|
|
21
|
+
- rails_5.2
|
|
22
|
+
- rails_6.0
|
|
23
|
+
- rails_6.1
|
|
24
|
+
- rails_7.0
|
|
25
|
+
exclude:
|
|
26
|
+
# Ruby >= 3.0 is supported since Rails 6.0
|
|
27
|
+
- ruby: '3.0'
|
|
28
|
+
gemfile: rails_5.0
|
|
29
|
+
- ruby: '3.0'
|
|
30
|
+
gemfile: rails_5.1
|
|
31
|
+
- ruby: '3.0'
|
|
32
|
+
gemfile: rails_5.2
|
|
33
|
+
- ruby: '3.1'
|
|
34
|
+
gemfile: rails_5.0
|
|
35
|
+
- ruby: '3.1'
|
|
36
|
+
gemfile: rails_5.1
|
|
37
|
+
- ruby: '3.1'
|
|
38
|
+
gemfile: rails_5.2
|
|
39
|
+
# Rails 7.0 supports Ruby >= 2.7 only
|
|
40
|
+
- ruby: '2.6'
|
|
41
|
+
gemfile: rails_7.0
|
|
42
|
+
name: Run test with Ruby ${{ matrix.ruby }} and Gemfile ${{ matrix.gemfile }}
|
|
43
|
+
services:
|
|
44
|
+
mysql:
|
|
45
|
+
image: mysql:5.7
|
|
46
|
+
env:
|
|
47
|
+
MYSQL_ALLOW_EMPTY_PASSWORD: '1'
|
|
48
|
+
MYSQL_DATABASE: blouson
|
|
49
|
+
ports:
|
|
50
|
+
- 3306:3306
|
|
51
|
+
options: >-
|
|
52
|
+
--health-cmd "mysqladmin ping"
|
|
53
|
+
--health-interval 10s
|
|
54
|
+
--health-timeout 5s
|
|
55
|
+
--health-retries 5
|
|
56
|
+
env:
|
|
57
|
+
BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile
|
|
58
|
+
steps:
|
|
59
|
+
- uses: actions/checkout@v3
|
|
60
|
+
- uses: ruby/setup-ruby@v1
|
|
61
|
+
with:
|
|
62
|
+
ruby-version: ${{ matrix.ruby }}
|
|
63
|
+
bundler-cache: true
|
|
64
|
+
- run: bundle exec rake spec
|
data/Appraisals
CHANGED
|
@@ -1,7 +1,3 @@
|
|
|
1
|
-
appraise 'rails-4.2' do
|
|
2
|
-
gem 'rails', '~> 4.2.0'
|
|
3
|
-
end
|
|
4
|
-
|
|
5
1
|
appraise 'rails-5.0' do
|
|
6
2
|
gem 'rails', '~> 5.0.0'
|
|
7
3
|
end
|
|
@@ -14,4 +10,16 @@ appraise 'rails-5.2' do
|
|
|
14
10
|
gem 'rails', '~> 5.2.0'
|
|
15
11
|
end
|
|
16
12
|
|
|
13
|
+
appraise 'rails-6.0' do
|
|
14
|
+
gem 'rails', '~> 6.0.0'
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
appraise 'rails-6.1' do
|
|
18
|
+
gem 'rails', '~> 6.1.0'
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
appraise 'rails-7.0' do
|
|
22
|
+
gem 'rails', '~> 7.0.0'
|
|
23
|
+
end
|
|
24
|
+
|
|
17
25
|
# vim: set ft=ruby:
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
# 1.1.4 (2022-05-02)
|
|
2
|
+
- Fix ArgumentError on activerecord 7.0
|
|
3
|
+
|
|
4
|
+
# 1.1.3 (2020-12-11)
|
|
5
|
+
- Fix cookies not being filtered when used with Raven::Rack
|
|
6
|
+
|
|
7
|
+
# 1.1.2 (2019-10-24)
|
|
8
|
+
- Support Rails 6.0
|
|
9
|
+
|
|
1
10
|
# 1.1.1 (2019-09-27)
|
|
2
11
|
- Change to use ActiveSupport::LoggerSilence for thread safety #10
|
|
3
12
|
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Blouson
|
|
2
2
|
[](https://badge.fury.io/rb/blouson)
|
|
3
|
-
[](https://github.com/cookpad/blouson/actions/workflows/ci.yml)
|
|
4
4
|
|
|
5
5
|
Blouson is a filter tool for Rails to conceal sensitive data from various logs.
|
|
6
6
|
|
|
@@ -76,7 +76,7 @@ secure_headers = %w(secret_token)
|
|
|
76
76
|
|
|
77
77
|
Raven.configure do |config|
|
|
78
78
|
...
|
|
79
|
-
config.processors
|
|
79
|
+
config.processors << Blouson::RavenParameterFilterProcessor.create(filter_pattern, secure_headers)
|
|
80
80
|
...
|
|
81
81
|
end
|
|
82
82
|
```
|
|
@@ -14,7 +14,13 @@ module Blouson
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def initialize(client = nil)
|
|
17
|
-
|
|
17
|
+
# ActionDispatch::Http::ParameterFilter is deprecated and will be removed from Rails 6.1.
|
|
18
|
+
parameter_filter_klass = if defined?(ActiveSupport::ParameterFilter)
|
|
19
|
+
ActiveSupport::ParameterFilter
|
|
20
|
+
else
|
|
21
|
+
ActionDispatch::Http::ParameterFilter
|
|
22
|
+
end
|
|
23
|
+
@parameter_filter = parameter_filter_klass.new(self.class.filters)
|
|
18
24
|
end
|
|
19
25
|
|
|
20
26
|
def process(value)
|
|
@@ -65,6 +71,10 @@ module Blouson
|
|
|
65
71
|
end
|
|
66
72
|
|
|
67
73
|
def process_cookie(value)
|
|
74
|
+
if (cookies = value.dig(:request, :cookies))
|
|
75
|
+
value[:request][:cookies] = @parameter_filter.filter(cookies)
|
|
76
|
+
end
|
|
77
|
+
|
|
68
78
|
if value[:request] && value[:request][:headers] && value[:request][:headers]['Cookie']
|
|
69
79
|
cookies = Hash[value[:request][:headers]['Cookie'].split('; ').map { |pair| pair.split('=', 2) }]
|
|
70
80
|
filtered = @parameter_filter.filter(cookies)
|
|
@@ -15,9 +15,10 @@ module Blouson
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
module StatementInvalidErrorFilter
|
|
18
|
-
def initialize(message = nil, original_exception = nil)
|
|
19
|
-
if SensitiveQueryFilter.contain_sensitive_query?(message)
|
|
20
|
-
message = SensitiveQueryFilter.filter_sensitive_words(message)
|
|
18
|
+
def initialize(message = nil, original_exception = nil, sql: nil, binds: nil)
|
|
19
|
+
if SensitiveQueryFilter.contain_sensitive_query?(message) || (SensitiveQueryFilter.contain_sensitive_query?(sql))
|
|
20
|
+
message = SensitiveQueryFilter.filter_sensitive_words(message) if message
|
|
21
|
+
sql = SensitiveQueryFilter.filter_sensitive_words(sql) if sql
|
|
21
22
|
if defined?(Mysql2::Error)
|
|
22
23
|
if original_exception.is_a?(Mysql2::Error)
|
|
23
24
|
original_exception.extend(Mysql2Filter)
|
|
@@ -30,6 +31,11 @@ module Blouson
|
|
|
30
31
|
if original_exception
|
|
31
32
|
# Rails < 5.0
|
|
32
33
|
super(message, original_exception)
|
|
34
|
+
elsif sql
|
|
35
|
+
# Rails >= 6.0
|
|
36
|
+
#
|
|
37
|
+
# - https://github.com/rails/rails/pull/34468
|
|
38
|
+
super(message, sql: sql, binds: binds)
|
|
33
39
|
else
|
|
34
40
|
# Rails >= 5.0
|
|
35
41
|
#
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
module Blouson
|
|
2
2
|
class SensitiveTableQueryLogSilencer < Arproxy::Base
|
|
3
|
-
def execute(sql, name=nil)
|
|
3
|
+
def execute(sql, name=nil, **kwargs)
|
|
4
4
|
if Rails.logger.level != Logger::DEBUG || !(Blouson::SENSITIVE_TABLE_REGEXP === sql)
|
|
5
|
-
return super(sql, name)
|
|
5
|
+
return super(sql, name, **kwargs)
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
ActiveRecord::Base.logger.silence(Logger::INFO) do
|
|
9
9
|
Rails.logger.info " [Blouson::SensitiveTableQueryLogSilencer] SQL Log is skipped for sensitive table"
|
|
10
|
-
super(sql, name)
|
|
10
|
+
super(sql, name, **kwargs)
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
end
|
data/lib/blouson/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: blouson
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cookpad Inc.
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-05-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -143,9 +143,9 @@ executables: []
|
|
|
143
143
|
extensions: []
|
|
144
144
|
extra_rdoc_files: []
|
|
145
145
|
files:
|
|
146
|
+
- ".github/workflows/ci.yml"
|
|
146
147
|
- ".gitignore"
|
|
147
148
|
- ".rspec"
|
|
148
|
-
- ".travis.yml"
|
|
149
149
|
- Appraisals
|
|
150
150
|
- CHANGELOG.md
|
|
151
151
|
- Gemfile
|
|
@@ -155,10 +155,12 @@ files:
|
|
|
155
155
|
- bin/console
|
|
156
156
|
- bin/setup
|
|
157
157
|
- blouson.gemspec
|
|
158
|
-
- gemfiles/rails_4.2.gemfile
|
|
159
158
|
- gemfiles/rails_5.0.gemfile
|
|
160
159
|
- gemfiles/rails_5.1.gemfile
|
|
161
160
|
- gemfiles/rails_5.2.gemfile
|
|
161
|
+
- gemfiles/rails_6.0.gemfile
|
|
162
|
+
- gemfiles/rails_6.1.gemfile
|
|
163
|
+
- gemfiles/rails_7.0.gemfile
|
|
162
164
|
- lib/blouson.rb
|
|
163
165
|
- lib/blouson/engine.rb
|
|
164
166
|
- lib/blouson/raven_parameter_filter_processor.rb
|
|
@@ -172,7 +174,7 @@ homepage: https://github.com/cookpad/blouson
|
|
|
172
174
|
licenses:
|
|
173
175
|
- MIT
|
|
174
176
|
metadata: {}
|
|
175
|
-
post_install_message:
|
|
177
|
+
post_install_message:
|
|
176
178
|
rdoc_options: []
|
|
177
179
|
require_paths:
|
|
178
180
|
- lib
|
|
@@ -187,8 +189,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
187
189
|
- !ruby/object:Gem::Version
|
|
188
190
|
version: '0'
|
|
189
191
|
requirements: []
|
|
190
|
-
rubygems_version: 3.
|
|
191
|
-
signing_key:
|
|
192
|
+
rubygems_version: 3.3.8
|
|
193
|
+
signing_key:
|
|
192
194
|
specification_version: 4
|
|
193
195
|
summary: Filter tools to mask sensitive data in various logs
|
|
194
196
|
test_files: []
|
data/.travis.yml
DELETED
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
sudo: false
|
|
2
|
-
language: ruby
|
|
3
|
-
services:
|
|
4
|
-
- mysql
|
|
5
|
-
gemfile:
|
|
6
|
-
- gemfiles/rails_4.2.gemfile
|
|
7
|
-
- gemfiles/rails_5.0.gemfile
|
|
8
|
-
- gemfiles/rails_5.1.gemfile
|
|
9
|
-
- gemfiles/rails_5.2.gemfile
|
|
10
|
-
rvm:
|
|
11
|
-
- 2.3.8
|
|
12
|
-
- 2.4.6
|
|
13
|
-
- 2.5.5
|
|
14
|
-
- 2.6.3
|
|
15
|
-
before_install:
|
|
16
|
-
- "[[ $BUNDLE_GEMFILE =~ rails_4\\.2 ]] && gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true"
|
|
17
|
-
- "[[ $BUNDLE_GEMFILE =~ rails_4\\.2 ]] && gem install bundler -v '< 2' || true"
|