sentry-sanitizer 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 17e8a5a1dcd6a12efae12b9f326fe9c1df140f02428782a6f6ecb6c102bda038
-  data.tar.gz: 342037b0b4f1bd0e45e4ae5b9fe3698914275320bc45162bcd69d03236a3b8cf
+  metadata.gz: fbeef1bae28044c2da929cc9ea538ec08982a55ce2a36ceb556ee455cad34e51
+  data.tar.gz: 0fb66fff71d7b78a01f08cefa08cb809ec3cb29f52d36704b71db038885e81a5
 SHA512:
-  metadata.gz: 39b42429f3b7ee5783a29ebf796220167370d4038a48bd19c1a6809d23aace59dddf3c2498e4777edccf0badb1784f0250196e413347cea77817923fa79b5ed2
-  data.tar.gz: cb70a216f92b749b68acdb158277277d4d9d0e0b19966b1aff8275c5456794025291b3730b64c91e6b31df89d5f2af077b3aa057d84ac67bdbb89168cf1555f9
+  metadata.gz: 8020e375a0c1c5ae217c51bd63e5ad3dc47be4359f70f2e9eaed9ed9ff258de8c6df33a076e24e783f31874d695d3ce2a5e63a95388b47803c311699c3f39008
+  data.tar.gz: 7f541bae3f4cadd941cfd99eb3b669e604619baea6b2286fdb348f7cc4666ccbbef5812c3432ebdfc235f65b24e0fb98bb63662346bd8e411c6323fa57f400a2

data/.github/workflows/ci-linux.yml

@@ -10,11 +10,12 @@ jobs:
     strategy:
       matrix:
         include:
-          - { ruby_version: 2.5 }
           - { ruby_version: 2.7 }
           - { ruby_version: 3.0 }
           - { ruby_version: 3.1 }
           - { ruby_version: 3.2 }
+          - { ruby_version: 3.3 }
+          - { ruby_version: 3.4 }
           - { ruby_version: jruby }
     steps:
       - uses: actions/checkout@v1

data/.github/workflows/ci-macos.yml

@@ -10,11 +10,12 @@ jobs:
     strategy:
       matrix:
         include:
-          - { ruby_version: 2.5 }
           - { ruby_version: 2.7 }
           - { ruby_version: 3.0 }
           - { ruby_version: 3.1 }
           - { ruby_version: 3.2 }
+          - { ruby_version: 3.3 }
+          - { ruby_version: 3.4 }
           - { ruby_version: jruby }
     steps:
       - uses: actions/checkout@v1

data/.github/workflows/coveralls-report.yml

@@ -34,5 +34,5 @@ jobs:
         env:
           COVERALLS_SERVICE_NUMBER: ${{ github.sha }}
         with:
-          carryforward: "ruby-2.5,ruby-2.6,ruby-2.7,ruby-3.0,ruby-3.1,ruby-jruby"
+          carryforward: "ruby-2.7,ruby-3.0,ruby-3.1,ruby-3.2,ruby-3.3,ruby-3.4,ruby-jruby"
           parallel-finished: true

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## 0.8.0
+
+- Add `breadcrumbs.json_data_fields` configuration option [#18](https://github.com/mrexox/sentry-sanitizer/pull/18)
+
 ## 0.7.0
 
 - fix: filter extra even without request [#14](https://github.com/mrexox/sentry-sanitizer/pull/14)

data/Gemfile

@@ -7,10 +7,11 @@ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 # Specify your gem's dependencies in sentry-sanitizer.gemspec
 gemspec
 
+gem "base64"
 gem "rubocop", "~> 1.28.2"
 gem "simplecov", require: false, group: :test
 
-gem "bundler", ">= 1.17"
+gem "bundler", ">= 2.3"
 gem "rack"
-gem "rake", "~> 10.0"
+gem "rake", "~> 12"
 gem "rspec", "~> 3.0"

data/Gemfile.lock

@@ -1,25 +1,29 @@
 PATH
   remote: .
   specs:
-    sentry-sanitizer (0.7.0)
-      sentry-ruby (~> 5.3)
+    sentry-sanitizer (0.8.0)
+      sentry-ruby (>= 5.3, < 7.0.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    ast (2.4.2)
-    bigdecimal (3.1.9)
+    ast (2.4.3)
+    base64 (0.3.0)
+    bigdecimal (3.3.1)
     concurrent-ruby (1.3.5)
     diff-lcs (1.5.0)
     docile (1.4.0)
-    parallel (1.23.0)
-    parser (3.2.2.1)
+    parallel (1.27.0)
+    parser (3.3.10.0)
       ast (~> 2.4.1)
+      racc
+    prism (1.6.0)
+    racc (1.8.1)
     rack (2.2.3.1)
     rainbow (3.1.1)
-    rake (10.5.0)
-    regexp_parser (2.8.0)
-    rexml (3.2.5)
+    rake (12.3.3)
+    regexp_parser (2.11.3)
+    rexml (3.4.4)
     rspec (3.11.0)
       rspec-core (~> 3.11.0)
       rspec-expectations (~> 3.11.0)
@@ -42,25 +46,27 @@ GEM
       rubocop-ast (>= 1.17.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.29.0)
-      parser (>= 3.2.1.0)
+    rubocop-ast (1.47.1)
+      parser (>= 3.3.7.2)
+      prism (~> 1.4)
     ruby-progressbar (1.13.0)
-    sentry-ruby (5.22.2)
+    sentry-ruby (6.0.0)
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
     simplecov (0.18.5)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
     simplecov-html (0.12.3)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.6.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  bundler (>= 1.17)
+  base64
+  bundler (>= 2.3)
   rack
-  rake (~> 10.0)
+  rake (~> 12)
   rspec (~> 3.0)
   rubocop (~> 1.28.2)
   sentry-sanitizer!

data/README.md

@@ -59,6 +59,9 @@ Sentry.init do |config|
   # You can sanitize query string params for GET requests
   config.sanitize.query_string = true
 
+  # Sanitize breadcrumbs data[:body] payload (Setry::Net:HTTP)
+  config.sanitize.breadcrumbs.json_data_fields = [:body]
+
   # ...
 end
 ```

data/Rakefile

@@ -6,3 +6,4 @@ require "rspec/core/rake_task"
 RSpec::Core::RakeTask.new(:spec)
 
 task default: :spec
+task test: :spec

data/bin/bundle

@@ -0,0 +1,114 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'bundle' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "rubygems"
+
+m = Module.new do
+  module_function
+
+  def invoked_as_script?
+    File.expand_path($0) == File.expand_path(__FILE__)
+  end
+
+  def env_var_version
+    ENV["BUNDLER_VERSION"]
+  end
+
+  def cli_arg_version
+    return unless invoked_as_script? # don't want to hijack other binstubs
+    return unless "update".start_with?(ARGV.first || " ") # must be running `bundle update`
+    bundler_version = nil
+    update_index = nil
+    ARGV.each_with_index do |a, i|
+      if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
+        bundler_version = a
+      end
+      next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
+      bundler_version = $1
+      update_index = i
+    end
+    bundler_version
+  end
+
+  def gemfile
+    gemfile = ENV["BUNDLE_GEMFILE"]
+    return gemfile if gemfile && !gemfile.empty?
+
+    File.expand_path("../Gemfile", __dir__)
+  end
+
+  def lockfile
+    lockfile =
+      case File.basename(gemfile)
+      when "gems.rb" then gemfile.sub(/\.rb$/, gemfile)
+      else "#{gemfile}.lock"
+      end
+    File.expand_path(lockfile)
+  end
+
+  def lockfile_version
+    return unless File.file?(lockfile)
+    lockfile_contents = File.read(lockfile)
+    return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
+    Regexp.last_match(1)
+  end
+
+  def bundler_requirement
+    @bundler_requirement ||=
+      env_var_version || cli_arg_version ||
+        bundler_requirement_for(lockfile_version)
+  end
+
+  def bundler_requirement_for(version)
+    return "#{Gem::Requirement.default}.a" unless version
+
+    bundler_gem_version = Gem::Version.new(version)
+
+    requirement = bundler_gem_version.approximate_recommendation
+
+    return requirement unless Gem.rubygems_version < Gem::Version.new("2.7.0")
+
+    requirement += ".a" if bundler_gem_version.prerelease?
+
+    requirement
+  end
+
+  def load_bundler!
+    ENV["BUNDLE_GEMFILE"] ||= gemfile
+
+    activate_bundler
+  end
+
+  def activate_bundler
+    gem_error = activation_error_handling do
+      gem "bundler", bundler_requirement
+    end
+    return if gem_error.nil?
+    require_error = activation_error_handling do
+      require "bundler/version"
+    end
+    return if require_error.nil? && Gem::Requirement.new(bundler_requirement).satisfied_by?(Gem::Version.new(Bundler::VERSION))
+    warn "Activating bundler (#{bundler_requirement}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_requirement}'`"
+    exit 42
+  end
+
+  def activation_error_handling
+    yield
+    nil
+  rescue StandardError, LoadError => e
+    e
+  end
+end
+
+m.load_bundler!
+
+if m.invoked_as_script?
+  load Gem.bin_path("bundler", "bundle")
+end

data/bin/rake

@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
+
+bundle_binstub = File.expand_path("bundle", __dir__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

data/lib/sentry/sanitizer/cleaner.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "json"
+
 module Sentry
   module Sanitizer
     class Cleaner
@@ -17,46 +19,64 @@ module Sentry
         @do_cookies = config.cookies || false
         @do_query_string = config.query_string || false
         @mask = config.mask || DEFAULT_MASK
+        @breadcrumbs_json_data_fields = config.breadcrumbs.json_data_fields || []
       end
 
       def call(event)
         case event
         when Sentry::Event
-          sanitize(event, :event)
+          sanitize_event!(event)
         when Hash
-          sanitize(event, :hash)
+          sanitize_hash!(event)
+        when Sentry::Breadcrumb
+          sanitize_breadcrumb!(event)
         end
       end
 
-      def sanitize(event, type) # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
-        case type
-        when :event
-          if event.request
-            event.request.data = sanitize_data(event.request.data)
-            event.request.headers = sanitize_headers(event.request.headers)
-            event.request.cookies = sanitize_cookies(event.request.cookies)
-            event.request.query_string = sanitize_query_string(event.request.query_string)
-          end
-          event.extra = sanitize_data(event.extra)
-        when :hash
-          if event["request"]
-            event["request"]["data"] = sanitize_data(event["request"]["data"])
-            event["request"]["headers"] = sanitize_headers(event["request"]["headers"])
-            event["request"]["cookies"] = sanitize_cookies(event["request"]["cookies"])
-            event["request"]["query_string"] = sanitize_query_string(event["request"]["query_string"])
-          elsif event[:request]
-            event[:request][:data] = sanitize_data(event[:request][:data])
-            event[:request][:headers] = sanitize_headers(event[:request][:headers])
-            event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
-            event[:request][:query_string] = sanitize_query_string(event[:request][:query_string])
-          end
+      def sanitize_event!(event)
+        if event.request
+          event.request.data = sanitize_data(event.request.data)
+          event.request.headers = sanitize_headers(event.request.headers)
+          event.request.cookies = sanitize_cookies(event.request.cookies)
+          event.request.query_string = sanitize_query_string(event.request.query_string)
+        end
+        event.extra = sanitize_data(event.extra)
+      end
 
-          if event["extra"]
-            event["extra"] = sanitize_data(event["extra"])
-          elsif event[:extra]
-            event[:extra] = sanitize_data(event[:extra])
-          end
+      def sanitize_hash!(event)
+        if event["request"]
+          event["request"]["data"] = sanitize_data(event["request"]["data"])
+          event["request"]["headers"] = sanitize_headers(event["request"]["headers"])
+          event["request"]["cookies"] = sanitize_cookies(event["request"]["cookies"])
+          event["request"]["query_string"] = sanitize_query_string(event["request"]["query_string"])
+        elsif event[:request]
+          event[:request][:data] = sanitize_data(event[:request][:data])
+          event[:request][:headers] = sanitize_headers(event[:request][:headers])
+          event[:request][:cookies] = sanitize_cookies(event[:request][:cookies])
+          event[:request][:query_string] = sanitize_query_string(event[:request][:query_string])
+        end
+
+        if event["extra"]
+          event["extra"] = sanitize_data(event["extra"])
+        elsif event[:extra]
+          event[:extra] = sanitize_data(event[:extra])
+        end
+      end
+
+      def sanitize_breadcrumb!(breadcrumb)
+        return unless breadcrumbs_json_data_fields
+        return unless breadcrumbs_json_data_fields.size.positive?
+        return unless breadcrumb.data
+
+        breadcrumbs_json_data_fields.each do |field|
+          next unless breadcrumb.data.key?(field)
+
+          json_data = JSON.parse(breadcrumb.data[field])
+
+          breadcrumb.data[field] = JSON.dump(sanitize_data(json_data))
         end
+      rescue JSON::ParserError
+        # ignore
       end
 
       def sanitize_data(hash)
@@ -72,7 +92,8 @@ module Sentry
                   :http_headers,
                   :do_cookies,
                   :do_query_string,
-                  :mask
+                  :mask,
+                  :breadcrumbs_json_data_fields
 
       # Sanitize specified headers
       def sanitize_headers(headers)

data/lib/sentry/sanitizer/configuration.rb

@@ -21,11 +21,27 @@ module Sentry
 
         event
       }
+
+      self.before_breadcrumb = lambda { |breadcrumb, _hint|
+        Sentry::Sanitizer::Cleaner.new(Sentry.configuration.sanitize).call(breadcrumb)
+
+        breadcrumb
+      }
     end
   end
 
   module Sanitizer
     class Configuration
+      class Breadcrumbs
+        attr_reader :json_data_fields
+
+        def json_data_fields=(fields)
+          raise ArgumentError, "json_data_fields must be Array of Symbol" unless fields.is_a? Array
+
+          @json_data_fields = fields
+        end
+      end
+
       attr_reader :fields,
                   :http_headers,
                   :cookies,
@@ -37,10 +53,15 @@ module Sentry
           fields,
           http_headers,
           cookies,
-          query_string
+          query_string,
+          @breadcrumbs
         ].any? { |setting| !setting.nil? }
       end
 
+      def breadcrumbs
+        @breadcrumbs ||= Breadcrumbs.new
+      end
+
       def fields=(fields)
         raise ArgumentError, "sanitize_fields must be array" unless fields.is_a? Array
 

data/lib/sentry/sanitizer/configuration_mixin.rb

@@ -3,12 +3,12 @@
 module Sentry
   module Sanitizer
     module ConfigurationMixin
-      # Allow adding multiple hooks for this extension
+      # Allow adding multiple hooks to `before_send`, so user hooks are not ignored.
       #
-      # @param [nil, false, #call] value
+      # @param [nil, #call] value
       #
       def before_send=(value)
-        raise ArgumentError, "before_send must be callable (or false to disable)" unless value.nil? || value == false || value.respond_to?(:call)
+        raise ArgumentError, "before_send must be callable (or nil to disable)" unless value.nil? || value == false || value.respond_to?(:call)
 
         return unless value
 
@@ -23,6 +23,28 @@ module Sentry
           event
         }
       end
+
+      # Allow adding multiple hooks to `before_breadcrumb`, so user hooks are not ignored.
+      #
+      # @param [nil, #call] value
+      #
+      def before_breadcrumb=(value) # rubocop:disable Metrics/CyclomaticComplexity
+        raise ArgumentError, "before_breadcrumb must be callable (or nil to disable)" unless value.nil? || value == false || value.respond_to?(:call)
+
+        return unless value
+
+        @before_breadcrumb_hook_list ||= []
+        @before_breadcrumb_hook_list << value
+
+        @before_breadcrumb = lambda { |breadcrumb, hint|
+          @before_breadcrumb_hook_list.each do |hook|
+            breadcrumb = hook.call(breadcrumb, hint)
+            break unless breadcrumb
+          end
+
+          breadcrumb
+        }
+      end
     end
   end
 end

data/lib/sentry/sanitizer/version.rb

@@ -2,6 +2,6 @@
 
 module Sentry
   module Sanitizer
-    VERSION = "0.7.0"
+    VERSION = "0.8.0"
   end
 end

data/sentry-sanitizer.gemspec

@@ -27,6 +27,6 @@ Gem::Specification.new do |spec|
 
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "sentry-ruby", "~> 5.3"
+  spec.add_runtime_dependency "sentry-ruby", ">= 5.3", "< 7.0.0"
   spec.metadata["rubygems_mfa_required"] = "true"
 end

metadata

@@ -1,29 +1,34 @@
 --- !ruby/object:Gem::Specification
 name: sentry-sanitizer
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Valentine Kiselev
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-27 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sentry-ruby
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 7.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 7.0.0
 description: Add missing sanitizing support for sentry-ruby (previous sentry-raven)
 email:
 - mrexox@outlook.com
@@ -44,7 +49,9 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- bin/bundle
 - bin/console
+- bin/rake
 - bin/setup
 - lefthook.yml
 - lib/sentry-sanitizer.rb
@@ -63,7 +70,6 @@ metadata:
   source_code_uri: https://github.com/mrexox/sentry-sanitizer
   changelog_uri: https://github.com/mrexox/sentry-sanitizer
   rubygems_mfa_required: 'true'
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -78,8 +84,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.19
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Sanitizing middleware for sentry-ruby gem
 test_files: []