blouson 2.0.0 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +5 -23
- data/.gitignore +1 -0
- data/Appraisals +4 -12
- data/CHANGELOG.md +10 -0
- data/blouson.gemspec +1 -1
- data/gemfiles/{rails_5.0.gemfile → rails_7.1.gemfile} +1 -1
- data/lib/blouson/engine.rb +6 -1
- data/lib/blouson/sensitive_query_filter.rb +39 -14
- data/lib/blouson/sensitive_table_query_log_silencer.rb +1 -1
- data/lib/blouson/version.rb +1 -1
- data/lib/blouson.rb +1 -1
- metadata +7 -9
- data/gemfiles/rails_5.1.gemfile +0 -7
- data/gemfiles/rails_5.2.gemfile +0 -7
- /data/lib/blouson/{sensitive_params_silener.rb → sensitive_params_silencer.rb} +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 840e5b805a31017d60d1652c29a478e2b356b7b37a573bb74f345e9dcde7c2ac
|
|
4
|
+
data.tar.gz: c7dd1bfac7e80734459faa5429d17eef64d73c04a034f18bfdb5126530b155da
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a42792b547527c0a2406a9d2bc206ef8860df465e879685f56202170559e2ebfc39da76837d7abf53a08e13bdbaa74a3def88bdd3f57e6daaab78f4d3d23a3ab
|
|
7
|
+
data.tar.gz: 231df2e6c0798617606195afaf2812c09e6de32ee9109e93ee0aca9e4e35c7e14be08b8a288238104ce525f22621a9897fb4f7c1d084aba804ab2cc0daf8def7
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -11,38 +11,20 @@ jobs:
|
|
|
11
11
|
fail-fast: false
|
|
12
12
|
matrix:
|
|
13
13
|
ruby:
|
|
14
|
-
- '2.6'
|
|
15
14
|
- '2.7'
|
|
16
15
|
- '3.0'
|
|
17
16
|
- '3.1'
|
|
17
|
+
- '3.2'
|
|
18
|
+
- '3.3'
|
|
18
19
|
gemfile:
|
|
19
|
-
- rails_5.0
|
|
20
|
-
- rails_5.1
|
|
21
|
-
- rails_5.2
|
|
22
20
|
- rails_6.0
|
|
23
21
|
- rails_6.1
|
|
24
22
|
- rails_7.0
|
|
25
|
-
|
|
26
|
-
# Ruby >= 3.0 is supported since Rails 6.0
|
|
27
|
-
- ruby: '3.0'
|
|
28
|
-
gemfile: rails_5.0
|
|
29
|
-
- ruby: '3.0'
|
|
30
|
-
gemfile: rails_5.1
|
|
31
|
-
- ruby: '3.0'
|
|
32
|
-
gemfile: rails_5.2
|
|
33
|
-
- ruby: '3.1'
|
|
34
|
-
gemfile: rails_5.0
|
|
35
|
-
- ruby: '3.1'
|
|
36
|
-
gemfile: rails_5.1
|
|
37
|
-
- ruby: '3.1'
|
|
38
|
-
gemfile: rails_5.2
|
|
39
|
-
# Rails 7.0 supports Ruby >= 2.7 only
|
|
40
|
-
- ruby: '2.6'
|
|
41
|
-
gemfile: rails_7.0
|
|
23
|
+
- rails_7.1
|
|
42
24
|
name: Run test with Ruby ${{ matrix.ruby }} and Gemfile ${{ matrix.gemfile }}
|
|
43
25
|
services:
|
|
44
26
|
mysql:
|
|
45
|
-
image: mysql:
|
|
27
|
+
image: mysql:8.4
|
|
46
28
|
env:
|
|
47
29
|
MYSQL_ALLOW_EMPTY_PASSWORD: '1'
|
|
48
30
|
MYSQL_DATABASE: blouson
|
|
@@ -56,7 +38,7 @@ jobs:
|
|
|
56
38
|
env:
|
|
57
39
|
BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile
|
|
58
40
|
steps:
|
|
59
|
-
- uses: actions/checkout@
|
|
41
|
+
- uses: actions/checkout@v4
|
|
60
42
|
- uses: ruby/setup-ruby@v1
|
|
61
43
|
with:
|
|
62
44
|
ruby-version: ${{ matrix.ruby }}
|
data/.gitignore
CHANGED
data/Appraisals
CHANGED
|
@@ -1,15 +1,3 @@
|
|
|
1
|
-
appraise 'rails-5.0' do
|
|
2
|
-
gem 'rails', '~> 5.0.0'
|
|
3
|
-
end
|
|
4
|
-
|
|
5
|
-
appraise 'rails-5.1' do
|
|
6
|
-
gem 'rails', '~> 5.1.0'
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
appraise 'rails-5.2' do
|
|
10
|
-
gem 'rails', '~> 5.2.0'
|
|
11
|
-
end
|
|
12
|
-
|
|
13
1
|
appraise 'rails-6.0' do
|
|
14
2
|
gem 'rails', '~> 6.0.0'
|
|
15
3
|
end
|
|
@@ -22,4 +10,8 @@ appraise 'rails-7.0' do
|
|
|
22
10
|
gem 'rails', '~> 7.0.0'
|
|
23
11
|
end
|
|
24
12
|
|
|
13
|
+
appraise 'rails-7.1' do
|
|
14
|
+
gem 'rails', '~> 7.1.0'
|
|
15
|
+
end
|
|
16
|
+
|
|
25
17
|
# vim: set ft=ruby:
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
# 3.0.0 (2024-09-18)
|
|
2
|
+
- [Breaking change] Drop support for Ruby 2.6
|
|
3
|
+
- [Breaking change] Drop support for Rails 5.0, 5.1, and 5.2
|
|
4
|
+
- Support Ruby 3.2 and 3.3
|
|
5
|
+
- Support Rails 7.1
|
|
6
|
+
- [Breaking change] blouson/sensitive_params_silener is renamed to blouson/sensitive_params_silencer
|
|
7
|
+
- Use `Rails.logger.debug?` for loggers other than the default Logger class
|
|
8
|
+
- Run tests with MySQL 8.4 instead of 5.7
|
|
9
|
+
- Ignore lockfiles for Appraisal for the development
|
|
10
|
+
|
|
1
11
|
# 2.0.0 (2022-05-23)
|
|
2
12
|
- Support parameter filter for `sentry-ruby` gem
|
|
3
13
|
- [Breaking change] Drop dependency of `sentry-raven` gem
|
data/blouson.gemspec
CHANGED
|
@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
22
22
|
spec.require_paths = ["lib"]
|
|
23
23
|
|
|
24
|
-
spec.add_dependency 'rails', '>=
|
|
24
|
+
spec.add_dependency 'rails', '>= 6.0.0'
|
|
25
25
|
|
|
26
26
|
spec.add_development_dependency 'arproxy'
|
|
27
27
|
spec.add_development_dependency 'mysql2'
|
data/lib/blouson/engine.rb
CHANGED
|
@@ -6,7 +6,7 @@ module Blouson
|
|
|
6
6
|
|
|
7
7
|
# We have to prevent logging sensitive data in SQL if production mode and logger level is debug
|
|
8
8
|
initializer 'blouson.load_helpers' do |app|
|
|
9
|
-
if !Rails.env.development? && Rails.logger.
|
|
9
|
+
if !Rails.env.development? && Rails.logger.debug?
|
|
10
10
|
ActiveSupport.on_load(:action_controller) do
|
|
11
11
|
around_action Blouson::SensitiveParamsSilencer
|
|
12
12
|
end
|
|
@@ -19,6 +19,11 @@ module Blouson
|
|
|
19
19
|
ActiveRecord::StatementInvalid.class_eval do
|
|
20
20
|
prepend Blouson::SensitiveQueryFilter::StatementInvalidErrorFilter
|
|
21
21
|
end
|
|
22
|
+
if Rails::VERSION::MAJOR >= 7 && Rails::VERSION::MINOR >= 1 && defined?(Mysql2::Error)
|
|
23
|
+
ActiveRecord::ConnectionAdapters::AbstractAdapter.class_eval do
|
|
24
|
+
prepend Blouson::SensitiveQueryFilter::AbstractAdapterFilter
|
|
25
|
+
end
|
|
26
|
+
end
|
|
22
27
|
end
|
|
23
28
|
end
|
|
24
29
|
end
|
|
@@ -15,33 +15,43 @@ module Blouson
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
module StatementInvalidErrorFilter
|
|
18
|
-
def initialize(message = nil,
|
|
19
|
-
if SensitiveQueryFilter.contain_sensitive_query?(message) ||
|
|
18
|
+
def initialize(message = nil, sql: nil, binds: nil, connection_pool: nil)
|
|
19
|
+
if SensitiveQueryFilter.contain_sensitive_query?(message) || SensitiveQueryFilter.contain_sensitive_query?(sql)
|
|
20
20
|
message = SensitiveQueryFilter.filter_sensitive_words(message) if message
|
|
21
21
|
sql = SensitiveQueryFilter.filter_sensitive_words(sql) if sql
|
|
22
22
|
if defined?(Mysql2::Error)
|
|
23
|
-
if
|
|
24
|
-
original_exception.extend(Mysql2Filter)
|
|
25
|
-
elsif $!.is_a?(Mysql2::Error)
|
|
23
|
+
if $!.is_a?(Mysql2::Error)
|
|
26
24
|
$!.extend(Mysql2Filter)
|
|
27
25
|
end
|
|
28
26
|
end
|
|
29
27
|
end
|
|
30
28
|
|
|
31
|
-
if
|
|
32
|
-
# Rails
|
|
33
|
-
|
|
34
|
-
|
|
29
|
+
if connection_pool
|
|
30
|
+
# Rails >= 7.1
|
|
31
|
+
#
|
|
32
|
+
# - https://github.com/rails/rails/pull/48295
|
|
33
|
+
super(message, sql: sql, binds: binds, connection_pool: connection_pool)
|
|
34
|
+
else
|
|
35
35
|
# Rails >= 6.0
|
|
36
36
|
#
|
|
37
37
|
# - https://github.com/rails/rails/pull/34468
|
|
38
38
|
super(message, sql: sql, binds: binds)
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def set_query(sql, binds)
|
|
43
|
+
if SensitiveQueryFilter.contain_sensitive_query?(sql)
|
|
44
|
+
super(SensitiveQueryFilter.filter_sensitive_words(sql), binds)
|
|
39
45
|
else
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
46
|
+
super(sql, binds)
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def to_s
|
|
51
|
+
if SensitiveQueryFilter.contain_sensitive_query?(sql)
|
|
52
|
+
SensitiveQueryFilter.filter_sensitive_words(super)
|
|
53
|
+
else
|
|
54
|
+
super
|
|
45
55
|
end
|
|
46
56
|
end
|
|
47
57
|
end
|
|
@@ -51,5 +61,20 @@ module Blouson
|
|
|
51
61
|
SensitiveQueryFilter.filter_sensitive_words(super)
|
|
52
62
|
end
|
|
53
63
|
end
|
|
64
|
+
|
|
65
|
+
module AbstractAdapterFilter
|
|
66
|
+
def log(sql, name = "SQL", binds = [], type_casted_binds = [], statement_name = nil, async: false, &block)
|
|
67
|
+
super(sql, name, binds, type_casted_binds, statement_name, async: false, &block)
|
|
68
|
+
rescue ActiveRecord::RecordNotUnique, Mysql2::Error => ex
|
|
69
|
+
if ex.cause.is_a?(Mysql2::Error)
|
|
70
|
+
ex.cause.extend(Mysql2Filter)
|
|
71
|
+
elsif $!.is_a?(Mysql2::Error)
|
|
72
|
+
$!.extend(Mysql2Filter)
|
|
73
|
+
end
|
|
74
|
+
raise ex
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
private :log
|
|
78
|
+
end
|
|
54
79
|
end
|
|
55
80
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Blouson
|
|
2
2
|
class SensitiveTableQueryLogSilencer < Arproxy::Base
|
|
3
3
|
def execute(sql, name=nil, **kwargs)
|
|
4
|
-
if Rails.logger.
|
|
4
|
+
if !Rails.logger.debug? || !(Blouson::SENSITIVE_TABLE_REGEXP === sql)
|
|
5
5
|
return super(sql, name, **kwargs)
|
|
6
6
|
end
|
|
7
7
|
|
data/lib/blouson/version.rb
CHANGED
data/lib/blouson.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: blouson
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 3.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cookpad Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-09-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: 6.0.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - ">="
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
26
|
+
version: 6.0.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: arproxy
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -169,17 +169,15 @@ files:
|
|
|
169
169
|
- bin/console
|
|
170
170
|
- bin/setup
|
|
171
171
|
- blouson.gemspec
|
|
172
|
-
- gemfiles/rails_5.0.gemfile
|
|
173
|
-
- gemfiles/rails_5.1.gemfile
|
|
174
|
-
- gemfiles/rails_5.2.gemfile
|
|
175
172
|
- gemfiles/rails_6.0.gemfile
|
|
176
173
|
- gemfiles/rails_6.1.gemfile
|
|
177
174
|
- gemfiles/rails_7.0.gemfile
|
|
175
|
+
- gemfiles/rails_7.1.gemfile
|
|
178
176
|
- lib/blouson.rb
|
|
179
177
|
- lib/blouson/engine.rb
|
|
180
178
|
- lib/blouson/raven_parameter_filter_processor.rb
|
|
181
179
|
- lib/blouson/sensitive_mail_log_filter.rb
|
|
182
|
-
- lib/blouson/
|
|
180
|
+
- lib/blouson/sensitive_params_silencer.rb
|
|
183
181
|
- lib/blouson/sensitive_query_filter.rb
|
|
184
182
|
- lib/blouson/sensitive_table_query_log_silencer.rb
|
|
185
183
|
- lib/blouson/sentry_parameter_filter.rb
|
|
@@ -204,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
204
202
|
- !ruby/object:Gem::Version
|
|
205
203
|
version: '0'
|
|
206
204
|
requirements: []
|
|
207
|
-
rubygems_version: 3.
|
|
205
|
+
rubygems_version: 3.5.11
|
|
208
206
|
signing_key:
|
|
209
207
|
specification_version: 4
|
|
210
208
|
summary: Filter tools to mask sensitive data in various logs
|
data/gemfiles/rails_5.1.gemfile
DELETED
data/gemfiles/rails_5.2.gemfile
DELETED
|
File without changes
|