logstop 0.2.3 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bd3468821cf2db0f736994a67beb26daa32b9bb4ccc8051efac0bbd21b5ff5dc
-  data.tar.gz: f15cc9e3cf9ff371dc28dccc69201d2e4bfdad9f6e36d0d3d4375a7f505eda75
+  metadata.gz: 5ac4acd49c15d9cc5eaaf632ab3550c3b5e148e4b4fd07c5a40375ba39ca86ff
+  data.tar.gz: 9e3427aeb3921f9be61fbfb1d9e27f949ff1b9c9d4d023e01696397a34aeb06c
 SHA512:
-  metadata.gz: 91dc7ecf3ca0ec7f8b650cff86aafde56ef7102f3fea1b148343e7a1db3802685193f8f7e6cf2f9cb37070d95107f15c908db7b3191b5ca74edd6dfad125ba34
-  data.tar.gz: 0a4726cece72b09e6023e1605e0d3aaf5296795086bf4d511e0ceb25f380fa2f98b0b8d77cb4f5ff03ff900bb4b0ed2a08a1fbbbad9d4e94bf82809ec9e170c2
+  metadata.gz: 5b9c8532cec3764daaaf4fb159db1df4c33961510984336e33f93fc3817fedd02f9082e384857e0c61b29b0f025679eee52b1d2911bca3f0b4e13f2322ffef48
+  data.tar.gz: e6e84e9b97efba86d7b2f879522bae3289662e4fe637337b04b95d36d420e69735147185a64c6bfd305fd3368c758148fa0cdc87a06b50f613cbb8f2902f05d1

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## 0.2.4 [unreleased]
+
+- Added `scubber` option for custom rules
+- Scrub URL-encoded data
+
 ## 0.2.3
 
 - Fixed tagged logging
@@ -9,12 +14,12 @@
 ## 0.2.1
 
 - Fix for log broadcaster in Rails console
-- Fix for url password filtering
+- Fix for URL password filtering
 
 ## 0.2.0
 
 - Less aggressive filtering on numbers
-- Filter passwords in urls
+- Filter passwords in URLs
 - Added `Logstop.scrub` method
 
 ## 0.1.0

data/README.md

@@ -3,7 +3,7 @@
 :fire: Keep personally identifiable information (PII) out of your logs
 
 ```ruby
-logger.info "Hi test@test.com!"
+logger.info "Hi test@example.org!"
 # => Hi [FILTERED]!
 ```
 
@@ -13,7 +13,7 @@ By default, scrubs:
 - phone numbers
 - credit card numbers
 - Social Security numbers (SSNs)
-- passwords in urls
+- passwords in URLs
 
 Works with all types of logging - Ruby, ActiveRecord, ActiveJob, and more
 
@@ -21,6 +21,8 @@ Works with all types of logging - Ruby, ActiveRecord, ActiveJob, and more
 User Load (0.1ms)  SELECT "users".* FROM "users" WHERE "users"."email" = ?  [["email", "[FILTERED]"]]
 ```
 
+Works even when sensitive data is URL-encoded
+
 [![Build Status](https://travis-ci.org/ankane/logstop.svg?branch=master)](https://travis-ci.org/ankane/logstop)
 
 ## Installation
@@ -53,13 +55,25 @@ To scrub IP addresses, use:
 Logstop.guard(logger, ip: true)
 ```
 
+Add custom rules with: [master]
+
+```ruby
+scrubber = lambda do |msg|
+  msg.gsub(/custom_regexp/, "[FILTERED]".freeze)
+end
+
+Logstop.guard(logger, scrubber: scrubber)
+```
+
 To scrub outside of logging, use:
 
 ```ruby
 Logstop.scrub(msg)
 ```
 
-## Note
+It supports the same options as `guard`.
+
+## Notes
 
 This should be used in addition to `config.filtered_parameters`, not as a replacement.
 
@@ -67,6 +81,8 @@ To scrub existing log files, check out [scrubadub](https://github.com/datascopea
 
 To anonymize IP addresses, check out [IP Anonymizer](https://github.com/ankane/ip_anonymizer).
 
+Learn more about [securing sensitive data in Rails](https://ankane.org/sensitive-data-rails).
+
 ## Resources
 
 - [List of PII, as defined by NIST](https://en.wikipedia.org/wiki/Personally_identifiable_information#NIST_definition)
@@ -83,3 +99,12 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
 - Fix bugs and [submit pull requests](https://github.com/ankane/logstop/pulls)
 - Write, clarify, or fix documentation
 - Suggest or add new features
+
+To get started with development and testing:
+
+```sh
+git clone https://github.com/ankane/logstop.git
+cd logstop
+bundle install
+rake test
+```

data/lib/logstop.rb

@@ -6,25 +6,29 @@ module Logstop
   FILTERED_STR = "[FILTERED]".freeze
   FILTERED_URL_STR = "\\1[FILTERED]@".freeze
 
-  CREDIT_CARD_REGEX = /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/
-  EMAIL_REGEX = /\b[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\b/i
+  CREDIT_CARD_REGEX = /\b\d{4}[\s+-]?\d{4}[\s+-]?\d{4}[\s+-]?\d{4}\b/
+  EMAIL_REGEX = /\b[\w][\w+.-]+(@|%40)[a-z\d-]+(\.[a-z\d-]+)*\.[a-z]+\b/i
   IP_REGEX = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/
-  PHONE_REGEX = /\b(\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}\b/
-  SSN_REGEX = /\b\d{3}[\s-]\d{2}[\s-]\d{4}\b/
-  URL_PASSWORD_REGEX = /(\/\/\S+:)\S+@/
+  PHONE_REGEX = /\b(\+\d{1,2}\s)?\(?\d{3}\)?[\s+.-]\d{3}[\s+.-]\d{4}\b/
+  SSN_REGEX = /\b\d{3}[\s+-]\d{2}[\s+-]\d{4}\b/
+  URL_PASSWORD_REGEX = /((\/\/|%2F%2F)\S+(:|%3A))\S+(@|%40)/
 
-  def self.scrub(msg, ip: false)
+  def self.scrub(msg, ip: false, scrubber: nil)
     msg = msg.to_s
 
-    msg = msg.gsub(IP_REGEX, FILTERED_STR) if ip
-
     # order filters are applied is important
-    msg
+    msg = msg
+      .gsub(URL_PASSWORD_REGEX, FILTERED_URL_STR)
+      .gsub(EMAIL_REGEX, FILTERED_STR)
       .gsub(CREDIT_CARD_REGEX, FILTERED_STR)
       .gsub(PHONE_REGEX, FILTERED_STR)
       .gsub(SSN_REGEX, FILTERED_STR)
-      .gsub(URL_PASSWORD_REGEX, FILTERED_URL_STR)
-      .gsub(EMAIL_REGEX, FILTERED_STR)
+
+    msg = msg.gsub(IP_REGEX, FILTERED_STR) if ip
+
+    msg = scrubber.call(msg) if scrubber
+
+    msg
   end
 
   def self.guard(logger, **options)

data/lib/logstop/formatter.rb

@@ -2,13 +2,14 @@ require "logger"
 
 module Logstop
   class Formatter < ::Logger::Formatter
-    def initialize(formatter = nil, ip: false)
+    def initialize(formatter = nil, ip: false, scrubber: nil)
       @formatter = formatter || ::Logger::Formatter.new
       @ip = ip
+      @scrubber = scrubber
     end
 
     def call(severity, timestamp, progname, msg)
-      Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip)
+      Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip, scrubber: @scrubber)
     end
 
     # for tagged logging

data/lib/logstop/version.rb

@@ -1,3 +1,3 @@
 module Logstop
-  VERSION = "0.2.3"
+  VERSION = "0.2.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstop
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2018-05-16 00:00:00.000000000 Z
+date: 2018-12-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: memory_profiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -81,24 +95,18 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: 
-email:
-- andrew@chartkick.com
+email: andrew@chartkick.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".travis.yml"
 - CHANGELOG.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - lib/logstop.rb
 - lib/logstop/formatter.rb
 - lib/logstop/railtie.rb
 - lib/logstop/version.rb
-- logstop.gemspec
 homepage: https://github.com/ankane/logstop
 licenses:
 - MIT
@@ -111,7 +119,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/.gitignore

@@ -1,9 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-Gemfile.lock

data/.travis.yml

@@ -1,11 +0,0 @@
-language: ruby
-rvm: 2.4.2
-gemfile:
-  - Gemfile
-sudo: false
-before_install: gem install bundler
-script: bundle exec rake test
-notifications:
-  email:
-    on_success: never
-    on_failure: change

data/Gemfile

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in logstop.gemspec
-gemspec

data/Rakefile

@@ -1,33 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
-end
-
-task default: :test
-
-task :benchmark do
-  require "bundler/setup"
-  Bundler.require
-  require "benchmark/ips"
-
-  str = StringIO.new
-  logger = ::Logger.new(str)
-
-  str2 = StringIO.new
-  logger2 = ::Logger.new(str2)
-  logger2.formatter = Logstop::Formatter.new
-
-  Benchmark.ips do |x|
-    x.report "logger" do
-      logger.info "This is a string: test@test.com"
-    end
-
-    x.report "logger2" do
-      logger2.info "This is a string: test@test.com"
-    end
-  end
-end

data/logstop.gemspec

@@ -1,28 +0,0 @@
-
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "logstop/version"
-
-Gem::Specification.new do |spec|
-  spec.name          = "logstop"
-  spec.version       = Logstop::VERSION
-  spec.authors       = ["Andrew Kane"]
-  spec.email         = ["andrew@chartkick.com"]
-
-  spec.summary       = "Keep personally identifiable information (PII) out of your logs"
-  spec.homepage      = "https://github.com/ankane/logstop"
-  spec.license       = "MIT"
-
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-
-  spec.add_development_dependency "activesupport"
-  spec.add_development_dependency "benchmark-ips"
-  spec.add_development_dependency "bundler"
-  spec.add_development_dependency "minitest"
-  spec.add_development_dependency "rake"
-end