failbot 2.3.1 → 2.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/failbot.rb +4 -5
  3. data/lib/failbot/sensitive_data_scrubber.rb +10 -20
  4. data/lib/failbot/version.rb +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 556ca34093cb33fc4db100a530b407cd4ed38282d615ecffbea2050a6479121d
4
- data.tar.gz: b885163eaefde6ef987f7b4340dcd98f1a2c45c34cfda1352fd9c490eb866a35
3
+ metadata.gz: 3d59eaaa4b282ed08208605e95c1016cf129cc2bc8d8a877d9be047aac0a7a98
4
+ data.tar.gz: 08e20096fdc2ca17e6decb2a0528d0170d4dd836f627f1ef79de5062ff972684
5
5
  SHA512:
6
- metadata.gz: 303221221b3f2426e21fcee2bd4398ed0975fe68ba68d82938a495fc1654ec8476fef153fa617b33a8034f42babc4617ea0c5b48ab94d2121ba3e1da4eb29a92
7
- data.tar.gz: d38ba8d750531eac9f6ee1359c0ec30aa6165ad9d64f3f7fda3454a18cbe818242d50a4e524827ea1c37b79dc2db66ea3e558294b352d4a2db4fbe2ce00c9315
6
+ metadata.gz: 26da2ec068e6e273b984bf9c8ff5d231182914bff9a3bb0861e13854f1a43a8bab3587ea8b12531b4d2d41c2f98e71fa94e7880fa1ca0237fca4634eb46f04d0
7
+ data.tar.gz: ca25afcbfd0e45c8cf23218b4cc695347f9f39294e943a6402f4b698ff3dbeb22f0179276f7d691e323c9a6b733de034f88c9e9b3d3c57582ec1688be81c606b
data/lib/failbot.rb CHANGED
@@ -117,7 +117,7 @@ module Failbot
117
117
  #
118
118
  # Returns the value returned by the block when given; otherwise, returns nil.
119
119
  def push(info={})
120
- context.push(scrub(info))
120
+ context.push(info)
121
121
  yield if block_given?
122
122
  ensure
123
123
  pop if block_given?
@@ -226,12 +226,11 @@ module Failbot
226
226
  #
227
227
  # Returns nothing.
228
228
  def report(e, other = {})
229
- scrubbed_other = scrub(other)
230
229
  if @raise_errors
231
- squash_contexts(context, exception_info(e), scrubbed_other) # surface problems squashing
230
+ squash_contexts(context, exception_info(e), other) # surface problems squashing
232
231
  raise e
233
232
  else
234
- report!(e, scrubbed_other)
233
+ report!(e, other)
235
234
  end
236
235
  end
237
236
 
@@ -261,7 +260,7 @@ module Failbot
261
260
  data = data.merge("app" => @app_override)
262
261
  end
263
262
 
264
- data = sanitize(data)
263
+ data = scrub(sanitize(data))
265
264
 
266
265
  backend.report(data)
267
266
  instrument("report.failbot", data)
data/lib/failbot/sensitive_data_scrubber.rb CHANGED
@@ -1,7 +1,9 @@
1
1
  module Failbot
2
2
  module SensitiveDataScrubber
3
- FILTERED = '****'.freeze
4
- BASIC_AUTH_REGEX = /:\/\/(.+:.*)(?=@)/
3
+ FILTERED = '[FILTERED]'.freeze
4
+ BASIC_AUTH_REGEX = /https?:\/{2}([\w%\-!]*:[\w%\-!]*)@/
5
+ SENSITIVE_KEYWORDS = %w{ secret key access_token token password api_key oauth oauth_nonce }
6
+ QUERY_STRING_REGEX = Regexp.new("(?<key>#{SENSITIVE_KEYWORDS.join("|")})=[\\-\\w%]+")
5
7
  MAX_DEPTH = 100
6
8
 
7
9
  def scrub(hash)
@@ -30,11 +32,13 @@ module Failbot
30
32
  end
31
33
 
32
34
  def scrub_url(url)
33
- uri = URI(url)
34
-
35
- uri.query = scrub_request_params(uri.query) if uri.query
35
+ filtered_url = url.gsub(QUERY_STRING_REGEX) do |_|
36
+ "#{$~[:key]}=#{FILTERED}"
37
+ end
36
38
 
37
- uri.to_s.gsub(BASIC_AUTH_REGEX, "://#{FILTERED}:#{FILTERED}")
39
+ filtered_url.gsub(BASIC_AUTH_REGEX) do |m|
40
+ ($1 && m.gsub($1, "#{FILTERED}:#{FILTERED}")) || m
41
+ end
38
42
  rescue
39
43
  url
40
44
  end
@@ -50,19 +54,5 @@ module Failbot
50
54
  end
51
55
  result
52
56
  end
53
-
54
- def scrub_request_params(query)
55
- # We can do this with Rack query builder but we do not want to have a dependency on Rack
56
- params = Hash[query.split('&').map { |el| el.split('=') }]
57
-
58
- params.each do |attr, _|
59
- if attr.include?('token') ||
60
- attr.include?('oauth')
61
- params[attr] = FILTERED
62
- end
63
- end
64
-
65
- params.map { |el| el.join('=') }.join('&')
66
- end
67
57
  end
68
58
  end
data/lib/failbot/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Failbot
2
- VERSION = "2.3.1"
2
+ VERSION = "2.3.3"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: failbot
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.3.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - "@rtomayko"
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2019-12-13 00:00:00.000000000 Z
13
+ date: 2020-01-15 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: rake
@@ -122,7 +122,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
122
122
  - !ruby/object:Gem::Version
123
123
  version: 1.3.6
124
124
  requirements: []
125
- rubygems_version: 3.0.3
125
+ rubygems_version: 3.1.2
126
126
  signing_key:
127
127
  specification_version: 4
128
128
  summary: Deliver exceptions to Haystack