logstop 0.2.2 → 0.2.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: da4a7ae0dfced4f2fd89ef52da3c7560b714161722f9e6642628d2bc5c6dc7bd
-  data.tar.gz: 8d96132e4c979d29ffec7572e9947f3f2e48cd40305bbefe9b0559a371a7ed13
+  metadata.gz: 06f0dd3d6fdaab9b3b43855f0cfca8d282be00b92b7ca0cce0fca78563e15942
+  data.tar.gz: f6c531bedfc8fff417f150c81ea3c16b0fffcfa2d11a322113f4e46f34061c28
 SHA512:
-  metadata.gz: 1eedaef8e9a44ef497585e0dfc0b7ce82b28f88066df8edb13d38b6f181966784bb582996f49f8b469bad457874083d00bfa84b7be07330aa9882c0405882af8
-  data.tar.gz: 4c4125427122c48e8f742e37514a25d0c61f29e36c1bc542e4a56b8f37f59e16b011b9ec609b9c735e205c211c8cf2211ddf59fe958c8d11de667a03f8f839cc
+  metadata.gz: cf0546107ba926046989f0962817ddfcd9f5f1b43ed569bdd50982702388a4c4f76ef41bcb74515973a7b4346e11c49c7727a5468c8bf1baabdadbf259284c5c
+  data.tar.gz: ff895c82dd97a3c7977fd30ed360185c05e78cf0db601c548cf39733b37a8367a1934870d2144acf40829896da38bc46a747fc9c1957ff3b635be3a5975d8d43

data/CHANGELOG.md

@@ -1,18 +1,39 @@
-## 0.2.2
+## 0.2.7 (2021-02-08)
+
+- Fixed filtering for URL-encoded emails with `+`
+
+## 0.2.6 (2020-04-10)
+
+- Reduced allocations
+
+## 0.2.5 (2019-10-27)
+
+- Fixed filtering UUIDs
+
+## 0.2.4 (2018-12-11)
+
+- Added `scubber` option for custom rules
+- Scrub URL-encoded data
+
+## 0.2.3 (2018-05-16)
+
+- Fixed tagged logging
+
+## 0.2.2 (2018-05-15)
 
 - Added `guard` method
 
-## 0.2.1
+## 0.2.1 (2018-05-15)
 
 - Fix for log broadcaster in Rails console
-- Fix for url password filtering
+- Fix for URL password filtering
 
-## 0.2.0
+## 0.2.0 (2018-04-03)
 
 - Less aggressive filtering on numbers
-- Filter passwords in urls
+- Filter passwords in URLs
 - Added `Logstop.scrub` method
 
-## 0.1.0
+## 0.1.0 (2018-03-31)
 
 - First release

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2018 Andrew Kane
+Copyright (c) 2018-2021 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -3,7 +3,7 @@
 :fire: Keep personally identifiable information (PII) out of your logs
 
 ```ruby
-logger.info "Hi test@test.com!"
+logger.info "Hi test@example.org!"
 # => Hi [FILTERED]!
 ```
 
@@ -13,15 +13,17 @@ By default, scrubs:
 - phone numbers
 - credit card numbers
 - Social Security numbers (SSNs)
-- passwords in urls
+- passwords in URLs
 
-Works with all types of logging - Ruby, ActiveRecord, ActiveJob, and more
+Works with all types of logging - Ruby, Active Record, Active Job, and more
 
 ```
 User Load (0.1ms)  SELECT "users".* FROM "users" WHERE "users"."email" = ?  [["email", "[FILTERED]"]]
 ```
 
-[![Build Status](https://travis-ci.org/ankane/logstop.svg?branch=master)](https://travis-ci.org/ankane/logstop)
+Works even when sensitive data is URL-encoded
+
+[![Build Status](https://github.com/ankane/logstop/workflows/build/badge.svg?branch=master)](https://github.com/ankane/logstop/actions)
 
 ## Installation
 
@@ -53,19 +55,35 @@ To scrub IP addresses, use:
 Logstop.guard(logger, ip: true)
 ```
 
+Add custom rules with:
+
+```ruby
+scrubber = lambda do |msg|
+  msg.gsub(/custom_regexp/, "[FILTERED]".freeze)
+end
+
+Logstop.guard(logger, scrubber: scrubber)
+```
+
 To scrub outside of logging, use:
 
 ```ruby
 Logstop.scrub(msg)
 ```
 
-## Note
+It supports the same options as `guard`.
 
-This should be used in addition to `config.filtered_parameters`, not as a replacement.
+## Notes
 
-To scrub existing log files, check out [scrubadub](https://github.com/datascopeanalytics/scrubadub).
+This should be used in addition to `config.filter_parameters`, not as a replacement.
 
-To anonymize IP addresses, check out [IP Anonymizer](https://github.com/ankane/ip_anonymizer).
+Learn more about [securing sensitive data in Rails](https://ankane.org/sensitive-data-rails).
+
+Also:
+
+- To scrub existing log files, check out [scrubadub](https://github.com/datascopeanalytics/scrubadub)
+- To anonymize IP addresses, check out [IP Anonymizer](https://github.com/ankane/ip_anonymizer)
+- To scan for unencrypted personal data in your database, check out [pdscan](https://github.com/ankane/pdscan)
 
 ## Resources
 
@@ -83,3 +101,12 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
 - Fix bugs and [submit pull requests](https://github.com/ankane/logstop/pulls)
 - Write, clarify, or fix documentation
 - Suggest or add new features
+
+To get started with development:
+
+```sh
+git clone https://github.com/ankane/logstop.git
+cd logstop
+bundle install
+bundle exec rake test
+```

data/lib/logstop.rb

@@ -4,27 +4,32 @@ require "logstop/version"
 
 module Logstop
   FILTERED_STR = "[FILTERED]".freeze
-  FILTERED_URL_STR = "\\1[FILTERED]@".freeze
+  FILTERED_URL_STR = "\\1[FILTERED]\\2".freeze
 
-  CREDIT_CARD_REGEX = /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/
-  EMAIL_REGEX = /\b[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\b/i
+  CREDIT_CARD_REGEX = /\b[3456]\d{15}\b/
+  CREDIT_CARD_REGEX_DELIMITERS = /\b[3456]\d{3}[\s+-]\d{4}[\s+-]\d{4}[\s+-]\d{4}\b/
+  EMAIL_REGEX = /\b[\w]([\w+.-]|%2B)+(?:@|%40)[a-z\d-]+(?:\.[a-z\d-]+)*\.[a-z]+\b/i
   IP_REGEX = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/
-  PHONE_REGEX = /\b(\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}\b/
-  SSN_REGEX = /\b\d{3}[\s-]\d{2}[\s-]\d{4}\b/
-  URL_PASSWORD_REGEX = /(\/\/\S+:)\S+@/
+  PHONE_REGEX = /\b(?:\+\d{1,2}\s)?\(?\d{3}\)?[\s+.-]\d{3}[\s+.-]\d{4}\b/
+  SSN_REGEX = /\b\d{3}[\s+-]\d{2}[\s+-]\d{4}\b/
+  URL_PASSWORD_REGEX = /((?:\/\/|%2F%2F)\S+(?::|%3A))\S+(@|%40)/
 
-  def self.scrub(msg, ip: false)
-    msg = msg.to_s
-
-    msg = msg.gsub(IP_REGEX, FILTERED_STR) if ip
+  def self.scrub(msg, ip: false, scrubber: nil)
+    msg = msg.to_s.dup
 
     # order filters are applied is important
+    msg.gsub!(URL_PASSWORD_REGEX, FILTERED_URL_STR)
+    msg.gsub!(EMAIL_REGEX, FILTERED_STR)
+    msg.gsub!(CREDIT_CARD_REGEX, FILTERED_STR)
+    msg.gsub!(CREDIT_CARD_REGEX_DELIMITERS, FILTERED_STR)
+    msg.gsub!(PHONE_REGEX, FILTERED_STR)
+    msg.gsub!(SSN_REGEX, FILTERED_STR)
+
+    msg.gsub!(IP_REGEX, FILTERED_STR) if ip
+
+    msg = scrubber.call(msg) if scrubber
+
     msg
-      .gsub(CREDIT_CARD_REGEX, FILTERED_STR)
-      .gsub(PHONE_REGEX, FILTERED_STR)
-      .gsub(SSN_REGEX, FILTERED_STR)
-      .gsub(URL_PASSWORD_REGEX, FILTERED_URL_STR)
-      .gsub(EMAIL_REGEX, FILTERED_STR)
   end
 
   def self.guard(logger, **options)

data/lib/logstop/formatter.rb

@@ -2,13 +2,24 @@ require "logger"
 
 module Logstop
   class Formatter < ::Logger::Formatter
-    def initialize(formatter = nil, ip: false)
+    def initialize(formatter = nil, ip: false, scrubber: nil)
       @formatter = formatter || ::Logger::Formatter.new
       @ip = ip
+      @scrubber = scrubber
     end
 
     def call(severity, timestamp, progname, msg)
-      Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip)
+      Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip, scrubber: @scrubber)
+    end
+
+    # for tagged logging
+    def method_missing(method_name, *arguments, &block)
+      @formatter.send(method_name, *arguments, &block)
+    end
+
+    # for tagged logging
+    def respond_to?(method_name, include_private = false)
+      @formatter.send(:respond_to?, method_name, include_private) || super
     end
   end
 end

data/lib/logstop/version.rb

@@ -1,3 +1,3 @@
 module Logstop
-  VERSION = "0.2.2"
+  VERSION = "0.2.7"
 end

metadata

@@ -1,95 +1,33 @@
 --- !ruby/object:Gem::Specification
 name: logstop
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.2.7
 platform: ruby
 authors:
 - Andrew Kane
-autorequire: 
-bindir: exe
+autorequire:
+bindir: bin
 cert_chain: []
-date: 2018-05-15 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: benchmark-ips
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-description: 
-email:
-- andrew@chartkick.com
+date: 2021-02-08 00:00:00.000000000 Z
+dependencies: []
+description:
+email: andrew@ankane.org
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".travis.yml"
 - CHANGELOG.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - lib/logstop.rb
 - lib/logstop/formatter.rb
 - lib/logstop/railtie.rb
 - lib/logstop/version.rb
-- logstop.gemspec
 homepage: https://github.com/ankane/logstop
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -97,16 +35,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
-signing_key: 
+rubygems_version: 3.2.3
+signing_key:
 specification_version: 4
 summary: Keep personally identifiable information (PII) out of your logs
 test_files: []

data/.gitignore

@@ -1,9 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-Gemfile.lock

data/.travis.yml

@@ -1,11 +0,0 @@
-language: ruby
-rvm: 2.4.2
-gemfile:
-  - Gemfile
-sudo: false
-before_install: gem install bundler
-script: bundle exec rake test
-notifications:
-  email:
-    on_success: never
-    on_failure: change

data/Gemfile

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in logstop.gemspec
-gemspec

data/Rakefile

@@ -1,33 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
-end
-
-task default: :test
-
-task :benchmark do
-  require "bundler/setup"
-  Bundler.require
-  require "benchmark/ips"
-
-  str = StringIO.new
-  logger = ::Logger.new(str)
-
-  str2 = StringIO.new
-  logger2 = ::Logger.new(str2)
-  logger2.formatter = Logstop::Formatter.new
-
-  Benchmark.ips do |x|
-    x.report "logger" do
-      logger.info "This is a string: test@test.com"
-    end
-
-    x.report "logger2" do
-      logger2.info "This is a string: test@test.com"
-    end
-  end
-end

data/logstop.gemspec

@@ -1,27 +0,0 @@
-
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "logstop/version"
-
-Gem::Specification.new do |spec|
-  spec.name          = "logstop"
-  spec.version       = Logstop::VERSION
-  spec.authors       = ["Andrew Kane"]
-  spec.email         = ["andrew@chartkick.com"]
-
-  spec.summary       = "Keep personally identifiable information (PII) out of your logs"
-  spec.homepage      = "https://github.com/ankane/logstop"
-  spec.license       = "MIT"
-
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-
-  spec.add_development_dependency "benchmark-ips"
-  spec.add_development_dependency "bundler"
-  spec.add_development_dependency "minitest"
-  spec.add_development_dependency "rake"
-end