failbot 2.0.1 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5f668202c2f67a5b46e2ab742f00f173e58f8f4d
-  data.tar.gz: 3ca18fe7d1d48e8bea33a91c8e2037e78bba2e1b
+  metadata.gz: e8f7925c230c8a2bb881cc98d04f0fbc0af41406
+  data.tar.gz: 4f2645f74f1599a3e28be1b336c483ca53d46ff0
 SHA512:
-  metadata.gz: 55fa453972efb9dbd6d5703e1f45eeef5d2235f3778cbf56041a3ba6f7dd62650764d9505f63ce190789aafeada5a353da7b48a49e7c3b8255cd79c4b541cdb4
-  data.tar.gz: 63baf5464539e8fb6639ceb625a3d0cdd2dcc25291c7b273eb0948b190479b9362430086e40ded78e0ac0c9e1390ed953d36322ce239a50eb2a34ba35d066ea8
+  metadata.gz: f212fdec123d2cabdf55b2e772e0df63e9fdb454b8aab68de06f47c46c7c1cb7cf6bdf9106dee5235e065e813cbf83b45e0cc2f28c1d583ed8bd02285bb8f968
+  data.tar.gz: c0272fd6b9275406eea6d403866e38e3755600985c22fffd772f8ec846311165c43a9fc608122541212049bc078fda7166a91f0fe9a5f52b6654f73026ca71d6

data/lib/failbot.rb

@@ -8,6 +8,7 @@ require "uri"
 
 require 'failbot/version'
 require "failbot/compat"
+require "failbot/sensitive_data_scrubber"
 
 # Failbot asynchronously takes exceptions and reports them to the
 # exception logger du jour. Keeps the main app from failing or lagging if
@@ -16,10 +17,11 @@ module Failbot
   # Interface for posting exception data to haystack.
   autoload :Haystack, 'failbot/haystack'
 
-  autoload :FileBackend,   'failbot/file_backend'
-  autoload :HTTPBackend,   'failbot/http_backend'
-  autoload :MemoryBackend, 'failbot/memory_backend'
-  autoload :JSONBackend,   'failbot/json_backend'
+  autoload :ConsoleBackend, 'failbot/console_backend'
+  autoload :FileBackend,    'failbot/file_backend'
+  autoload :HTTPBackend,    'failbot/http_backend'
+  autoload :MemoryBackend,  'failbot/memory_backend'
+  autoload :JSONBackend,    'failbot/json_backend'
 
   # Public: Set an instrumenter to be called when exceptions are reported.
   #
@@ -79,6 +81,8 @@ module Failbot
         Failbot::HTTPBackend.new(URI(settings["FAILBOT_HAYSTACK_URL"]))
       when 'json'
         Failbot::JSONBackend.new(settings["FAILBOT_BACKEND_JSON_HOST"], settings["FAILBOT_BACKEND_JSON_PORT"])
+      when 'console'
+        Failbot::ConsoleBackend.new
       else
         raise ArgumentError, "Unknown backend: #{name.inspect}"
       end
@@ -93,6 +97,8 @@ module Failbot
 
   # Bring in deprecated methods
   extend Failbot::Compat
+  # Bring in sensitive data scrubber specific methods
+  extend Failbot::SensitiveDataScrubber
 
   # Stack of context information to include in the next failbot report. These
   # hashes are condensed down into one and included in the next report. Don't
@@ -109,7 +115,7 @@ module Failbot
   #
   # Returns the value returned by the block when given; otherwise, returns nil.
   def push(info={})
-    context.push(info)
+    context.push(scrub(info))
     yield if block_given?
   ensure
     pop if block_given?
@@ -218,11 +224,12 @@ module Failbot
   #
   # Returns nothing.
   def report(e, other = {})
+    scrubbed_other = scrub(other)
     if @raise_errors
-      squash_contexts(context, exception_info(e), other) # surface problems squashing
+      squash_contexts(context, exception_info(e), scrubbed_other) # surface problems squashing
       raise e
     else
-      report!(e, other)
+      report!(e, scrubbed_other)
     end
   end
 

data/lib/failbot/console_backend.rb

@@ -0,0 +1,9 @@
+require 'json'
+
+module Failbot
+  class ConsoleBackend
+    def report(data)
+      $stderr.puts data.to_json
+    end
+  end
+end

data/lib/failbot/sensitive_data_scrubber.rb

@@ -0,0 +1,68 @@
+module Failbot
+  module SensitiveDataScrubber
+    FILTERED = '****'.freeze
+    BASIC_AUTH_REGEX = /:\/\/(.+:.*)(?=@)/
+    MAX_DEPTH = 100
+
+    def scrub(hash)
+      transform_values(hash) do |value|
+        scrub_urls(value)
+      end
+    end
+
+    def scrub_urls(value, max_depth=MAX_DEPTH)
+      return value if max_depth <= 0
+
+      case value
+      when String
+        scrub_url(value)
+      when Array
+        value.map do |element|
+          scrub_urls(element, max_depth - 1)
+        end
+      when Hash
+        transform_values(value) do |nested_value|
+          scrub_urls(nested_value, max_depth - 1)
+        end
+      else
+        value
+      end
+    end
+
+    def scrub_url(url)
+      uri = URI(url)
+
+      uri.query = scrub_request_params(uri.query) if uri.query
+
+      uri.to_s.gsub(BASIC_AUTH_REGEX, "://#{FILTERED}:#{FILTERED}")
+    rescue
+      url
+    end
+
+    # Took this from ruby 2.4+ because we do not want to rely on
+    # specific ruby versions.
+    #
+    def transform_values(hash)
+      return {} if hash.empty?
+      result = Hash.new
+      hash.each do |key, value|
+        result[key] = yield(value)
+      end
+      result
+    end
+
+    def scrub_request_params(query)
+      # We can do this with Rack query builder but we do not want to have a dependency on Rack
+      params = Hash[query.split('&').map { |el| el.split('=') }]
+
+      params.each do |attr, _|
+        if attr.include?('token') ||
+          !!attr.match(/oauth_\w+/) # this is for Oauth 1.0
+          params[attr] = FILTERED
+        end
+      end
+
+      params.map { |el| el.join('=') }.join('&')
+    end
+  end
+end

data/lib/failbot/version.rb

@@ -1,3 +1,3 @@
 module Failbot
-  VERSION = "2.0.1"
+  VERSION = "2.2.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: failbot
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.2.0
 platform: ruby
 authors:
 - "@rtomayko"
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-24 00:00:00.000000000 Z
+date: 2019-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -68,6 +68,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: minitest-stub-const
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.6'
 description: "..."
 email:
 - github+failbot@lists.github.com
@@ -77,6 +91,7 @@ extra_rdoc_files: []
 files:
 - lib/failbot.rb
 - lib/failbot/compat.rb
+- lib/failbot/console_backend.rb
 - lib/failbot/exit_hook.rb
 - lib/failbot/failbot.yml
 - lib/failbot/file_backend.rb
@@ -86,6 +101,7 @@ files:
 - lib/failbot/memory_backend.rb
 - lib/failbot/middleware.rb
 - lib/failbot/resque_failure_backend.rb
+- lib/failbot/sensitive_data_scrubber.rb
 - lib/failbot/version.rb
 homepage: http://github.com/github/failbot#readme
 licenses:
@@ -107,7 +123,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.6
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.5.2.3
 signing_key: 
 specification_version: 4
 summary: Deliver exceptions to Haystack