httpigeon 2.4.2 → 2.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +14 -0
- data/lib/httpigeon/log_redactor.rb +29 -13
- data/lib/httpigeon/request.rb +2 -2
- data/lib/httpigeon/version.rb +1 -1
- data/lib/httpigeon.rb +5 -5
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0b8d669487635648819946f6e0dc0397d455a8c9e94f3910237f87b44ba83baa
|
|
4
|
+
data.tar.gz: c8d74069ffcbc45b04fbbce70fd773fe61de28ca0653c36373f22b025ed0616d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c1310fd845d9e301ef72f653f92d90df00c59437f8bd930ca028a30ba63901399ebe474acf107e4d120051e5d972b2dc8fa1c77be707a692ac3f6376465766b6
|
|
7
|
+
data.tar.gz: f32e7f66c863a1bec098504328e6321d4b41d3a3276517169c7735b6547c50fc26cb43ff802b6c4a6b180c0dce95139ccac335bb4dd55dad8f3527109c427329
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,19 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [2.4.4](https://github.com/dailypay/httpigeon/compare/v2.4.3...v2.4.4) (2026-07-17)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Bug Fixes
|
|
7
|
+
|
|
8
|
+
* **ASV-4361:** close five log-redaction and dispatch findings ([#64](https://github.com/dailypay/httpigeon/issues/64)) ([ef56054](https://github.com/dailypay/httpigeon/commit/ef5605465787d5cea1cce6f39ffd96763502a968))
|
|
9
|
+
|
|
10
|
+
## [2.4.3](https://github.com/dailypay/httpigeon/compare/v2.4.2...v2.4.3) (2026-05-01)
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
### Bug Fixes
|
|
14
|
+
|
|
15
|
+
* **ASV-4003:** Fix default filter regex patterns ([#61](https://github.com/dailypay/httpigeon/issues/61)) ([8cb6d37](https://github.com/dailypay/httpigeon/commit/8cb6d37c0d441507f0c18b19ea1b406fca2b5d6b))
|
|
16
|
+
|
|
3
17
|
## [2.4.2](https://github.com/dailypay/httpigeon/compare/v2.4.1...v2.4.2) (2026-02-18)
|
|
4
18
|
|
|
5
19
|
|
|
@@ -48,15 +48,21 @@ module HTTPigeon
|
|
|
48
48
|
|
|
49
49
|
if filter.present?
|
|
50
50
|
replacement = filter.split('::')[1].presence
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
51
|
+
# Replace collections wholesale; partial redaction leaks bytes of
|
|
52
|
+
# nested secrets.
|
|
53
|
+
v = if replacement.present?
|
|
54
|
+
replacement
|
|
55
|
+
elsif v.is_a?(Hash) || v.is_a?(Array)
|
|
56
|
+
HTTPigeon.redactor_string
|
|
57
|
+
else
|
|
58
|
+
redact_value(v)
|
|
59
|
+
end
|
|
59
60
|
[k, v]
|
|
61
|
+
else
|
|
62
|
+
# Recurse through the dispatcher so nested values redact like
|
|
63
|
+
# top-level ones. This runs content/regex filters over string
|
|
64
|
+
# values too (e.g. secrets in JSON bodies).
|
|
65
|
+
[k, redact(v)]
|
|
60
66
|
end
|
|
61
67
|
end
|
|
62
68
|
end
|
|
@@ -67,13 +73,23 @@ module HTTPigeon
|
|
|
67
73
|
|
|
68
74
|
next unless pattern.match?(%r{^/.*/([guysim]*)$})
|
|
69
75
|
|
|
76
|
+
regex = regex_for(pattern)
|
|
77
|
+
|
|
70
78
|
data = if replacement.present?
|
|
71
|
-
|
|
79
|
+
# Block form keeps the replacement literal; the string form
|
|
80
|
+
# expands backreferences (\1, \&) and re-emits the secret.
|
|
81
|
+
data.gsub(regex) { replacement }
|
|
72
82
|
else
|
|
73
|
-
data.gsub(
|
|
74
|
-
captures =
|
|
75
|
-
|
|
76
|
-
|
|
83
|
+
data.gsub(regex) do |sub|
|
|
84
|
+
captures = Regexp.last_match&.captures
|
|
85
|
+
|
|
86
|
+
# A zero-width capture yields nil; skip it rather than
|
|
87
|
+
# concatenating nil and raising TypeError.
|
|
88
|
+
if captures.present? && !captures[1].nil?
|
|
89
|
+
captures[0] + redact_value(captures[1])
|
|
90
|
+
else
|
|
91
|
+
sub
|
|
92
|
+
end
|
|
77
93
|
end
|
|
78
94
|
end
|
|
79
95
|
end
|
data/lib/httpigeon/request.rb
CHANGED
|
@@ -84,12 +84,12 @@ module HTTPigeon
|
|
|
84
84
|
|
|
85
85
|
raw_response = if HTTPigeon.mount_circuit_breaker
|
|
86
86
|
fuse.execute(request_id: connection.headers[REQUEST_ID_HEADER]) do
|
|
87
|
-
connection.send(
|
|
87
|
+
connection.send(sym_method, path, payload) do |request|
|
|
88
88
|
yield(request) if block_given?
|
|
89
89
|
end
|
|
90
90
|
end
|
|
91
91
|
else
|
|
92
|
-
connection.send(
|
|
92
|
+
connection.send(sym_method, path, payload) do |request|
|
|
93
93
|
yield(request) if block_given?
|
|
94
94
|
end
|
|
95
95
|
end
|
data/lib/httpigeon/version.rb
CHANGED
data/lib/httpigeon.rb
CHANGED
|
@@ -12,11 +12,11 @@ module HTTPigeon
|
|
|
12
12
|
extend self
|
|
13
13
|
|
|
14
14
|
module FilterPatterns
|
|
15
|
-
EMAIL = "/(?'key'(email_?(address|Address)?=))(?'value'(
|
|
16
|
-
PASSWORD = "/(?'key'(pass_?(w|W)?ord=))(?'value'([
|
|
17
|
-
USERNAME = "/(?'key'(user_?(n|N)?ame=))(?'value'([
|
|
18
|
-
CLIENT_ID = "/(?'key'(client_?(id|Id)?=))(?'value'([
|
|
19
|
-
CLIENT_SECRET = "/(?'key'(client_?(s|S)?ecret=))(?'value'([
|
|
15
|
+
EMAIL = "/(?'key'(email_?(address|Address)?=))(?'value'([^&\\n\\r]*\\.[a-z]+))(?=&|$)/".freeze
|
|
16
|
+
PASSWORD = "/(?'key'(pass_?(w|W)?ord=))(?'value'([^&\\n\\r])*)/".freeze
|
|
17
|
+
USERNAME = "/(?'key'(user_?(n|N)?ame=))(?'value'([^&\\n\\r])*)/".freeze
|
|
18
|
+
CLIENT_ID = "/(?'key'(client_?(id|Id)?=))(?'value'([^&\\n\\r])*)/".freeze
|
|
19
|
+
CLIENT_SECRET = "/(?'key'(client_?(s|S)?ecret=))(?'value'([^&\\n\\r])*)/".freeze
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
class InvalidConfigurationError < StandardError; end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: httpigeon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.4.
|
|
4
|
+
version: 2.4.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 2k-joker
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2026-
|
|
11
|
+
date: 2026-07-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|