logstop 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 996c1a6196492b32af2c6671404af889a1c42240a4e1e7d7b2047faa25f2ca0b
-  data.tar.gz: 2874a85dd249f9c9355dc17f7984b5d1fac26977cf98a74a478aafb19849f1b7
+  metadata.gz: 25fa65a53db09bbdaf79bc3328b362ba4916a6c053a6509d09c0954bad16630f
+  data.tar.gz: 63a35fc75f233f0111c74283aa26e97cfe9e3788d29cb07a896fa87819dd923b
 SHA512:
-  metadata.gz: af055d4cb224519ec8a68e5f34f7cac6a7dc91afc0df233fb1fa03890401a04c6af9c1e6b6c118995e3b6b115d337d0e84a60f32037a3b993ae873afc2784c19
-  data.tar.gz: 55878748c919f917afa735ed3e8c010e8598037ed21786e7ea225d6770ed21aef70fef75efb719b52b8fc42f1eda8619394c8bf5088fe1c951cb12c51c72f58f
+  metadata.gz: 124774d6a4f51314d3104712cb8096d4a16cdb1996bda58bd2de38d253ebb0811293e4513b010cb92ca275d13f73471e1ba0542b6f14b7b455fa7119870b399b
+  data.tar.gz: da752afaef25ad882edbd5a8ea081c04470d11783ed6e4023498c63dc1308fb59164f79b766e39d690bf92dd7ceb5a2e83426ec22b7d417065cb53fc89a10ef6

data/.travis.yml

@@ -0,0 +1,11 @@
+language: ruby
+rvm: 2.4.2
+gemfile:
+  - Gemfile
+sudo: false
+before_install: gem install bundler
+script: bundle exec rake test
+notifications:
+  email:
+    on_success: never
+    on_failure: change

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 0.2.0
+
+- Less aggressive filtering on numbers
+- Filter passwords in urls
+- Added `Logstop.scrub` method
+
 ## 0.1.0
 
 - First release

data/README.md

@@ -13,13 +13,16 @@ By default, scrubs:
 - phone numbers
 - credit card numbers
 - Social Security numbers (SSNs)
+- passwords in urls
 
 Works with all types of logging - Ruby, ActiveRecord, ActiveJob, and more
 
 ```
-User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? [["email", "[FILTERED]"]]
+User Load (0.1ms)  SELECT "users".* FROM "users" WHERE "users"."email" = ?  [["email", "[FILTERED]"]]
 ```
 
+[![Build Status](https://travis-ci.org/ankane/logstop.svg?branch=master)](https://travis-ci.org/ankane/logstop)
+
 ## Installation
 
 Add this line to your application’s Gemfile:
@@ -42,10 +45,18 @@ To scrub IP addresses, use:
 Logstop::Formatter.new(formatter, ip: true)
 ```
 
+To scrub outside of logging, use:
+
+```ruby
+Logstop.scrub(msg)
+```
+
 ## Note
 
 This should be used in addition to `config.filtered_parameters`, not as a replacement.
 
+To scrub existing log files, check out [scrubadub](https://github.com/datascopeanalytics/scrubadub).
+
 ## Resources
 
 - [List of PII, as defined by NIST](https://en.wikipedia.org/wiki/Personally_identifiable_information#NIST_definition)

data/lib/logstop.rb

@@ -1,31 +1,28 @@
+require "logstop/formatter"
 require "logstop/version"
-require "logger"
 
 module Logstop
-  class Formatter < ::Logger::Formatter
-    FILTERED_STR = "[FILTERED]".freeze
+  FILTERED_STR = "[FILTERED]".freeze
+  FILTERED_URL_STR = "\\1[FILTERED]@".freeze
 
-    CREDIT_CARD_REGEX = /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/
-    EMAIL_REGEX = /\b[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\b/i
-    IP_REGEX = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/
-    PHONE_REGEX = /\b(\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b/i
-    SSN_REGEX = /\b\d{3}[\s-]?\d{2}[\s-]?\d{4}\b/i
+  CREDIT_CARD_REGEX = /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/
+  EMAIL_REGEX = /\b[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\b/i
+  IP_REGEX = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/
+  PHONE_REGEX = /\b(\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}\b/i
+  SSN_REGEX = /\b\d{3}[\s-]\d{2}[\s-]\d{4}\b/i
+  URL_PASSWORD_REGEX = /(\/\/\S+:)\S+@/
 
-    def initialize(formatter = nil, ip: false)
-      @formatter = formatter || ::Logger::Formatter.new
-      @ip = ip
-    end
+  def self.scrub(msg, ip: false)
+    msg = msg.to_s
 
-    def call(severity, timestamp, progname, msg)
-      output = @formatter.call(severity, timestamp, progname, msg)
-      output = output.gsub(IP_REGEX, FILTERED_STR) if @ip
+    msg = msg.gsub(IP_REGEX, FILTERED_STR) if ip
 
-      # order filters are applied is important
-      output
-        .gsub(CREDIT_CARD_REGEX, FILTERED_STR)
-        .gsub(PHONE_REGEX, FILTERED_STR)
-        .gsub(SSN_REGEX, FILTERED_STR)
-        .gsub(EMAIL_REGEX, FILTERED_STR)
-    end
+    # order filters are applied is important
+    msg
+      .gsub(CREDIT_CARD_REGEX, FILTERED_STR)
+      .gsub(PHONE_REGEX, FILTERED_STR)
+      .gsub(SSN_REGEX, FILTERED_STR)
+      .gsub(EMAIL_REGEX, FILTERED_STR)
+      .gsub(URL_PASSWORD_REGEX, FILTERED_URL_STR)
   end
 end

data/lib/logstop/formatter.rb

@@ -0,0 +1,14 @@
+require "logger"
+
+module Logstop
+  class Formatter < ::Logger::Formatter
+    def initialize(formatter = nil, ip: false)
+      @formatter = formatter || ::Logger::Formatter.new
+      @ip = ip
+    end
+
+    def call(severity, timestamp, progname, msg)
+      Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip)
+    end
+  end
+end

data/lib/logstop/version.rb

@@ -1,3 +1,3 @@
 module Logstop
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstop
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-03-31 00:00:00.000000000 Z
+date: 2018-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
@@ -74,12 +74,14 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - lib/logstop.rb
+- lib/logstop/formatter.rb
 - lib/logstop/version.rb
 - logstop.gemspec
 homepage: https://github.com/ankane/logstop