@camunda8/orchestration-cluster-api 1.1.4 → 1.2.0

package/CHANGELOG.md

@@ -1,13 +1,25 @@
-## [1.1.4](https://github.com/camunda/orchestration-cluster-api-js/compare/v1.1.3...v1.1.4) (2025-11-13)
+# [1.2.0](https://github.com/camunda/orchestration-cluster-api-js/compare/v1.1.5...v1.2.0) (2025-11-13)
+
+
+### Features
+
+* add silly level logging ([a8a4aad](https://github.com/camunda/orchestration-cluster-api-js/commit/a8a4aadd3556d5c441d63d2a9b3943a68dc747e5))
 
+## [1.1.5](https://github.com/camunda/orchestration-cluster-api-js/compare/v1.1.4...v1.1.5) (2025-11-13)
+
+### Bug Fixes
+
+- use creds from SaaS correctly. fixes [#28](https://github.com/camunda/orchestration-cluster-api-js/issues/28) ([348bc9e](https://github.com/camunda/orchestration-cluster-api-js/commit/348bc9e3916b7a549ddd17215cd4367877805216))
+
+## [1.1.4](https://github.com/camunda/orchestration-cluster-api-js/compare/v1.1.3...v1.1.4) (2025-11-13)
 
 ### Bug Fixes
 
-* **ci:** prevent BUILDINFO drift from parallel matrix jobs ([45edce6](https://github.com/camunda/orchestration-cluster-api-js/commit/45edce610714cf8cb51ca31833f5469bc925085b))
-* **gen:** regenerate artifacts ([da77e80](https://github.com/camunda/orchestration-cluster-api-js/commit/da77e809ca58c41f5486c392e46d6ad43954a369))
-* mark methods experimental ([f88a8cd](https://github.com/camunda/orchestration-cluster-api-js/commit/f88a8cd6689774ff5cb08c279b04f788d2298375))
-* remove pre-release note ([0c3c26d](https://github.com/camunda/orchestration-cluster-api-js/commit/0c3c26d4b674a33aa5f1a3e9c68f131f90411729))
-* update dependencies ([faacf92](https://github.com/camunda/orchestration-cluster-api-js/commit/faacf92d995add72bcbc41e9740b9bf746b714e3))
+- **ci:** prevent BUILDINFO drift from parallel matrix jobs ([45edce6](https://github.com/camunda/orchestration-cluster-api-js/commit/45edce610714cf8cb51ca31833f5469bc925085b))
+- **gen:** regenerate artifacts ([da77e80](https://github.com/camunda/orchestration-cluster-api-js/commit/da77e809ca58c41f5486c392e46d6ad43954a369))
+- mark methods experimental ([f88a8cd](https://github.com/camunda/orchestration-cluster-api-js/commit/f88a8cd6689774ff5cb08c279b04f788d2298375))
+- remove pre-release note ([0c3c26d](https://github.com/camunda/orchestration-cluster-api-js/commit/0c3c26d4b674a33aa5f1a3e9c68f131f90411729))
+- update dependencies ([faacf92](https://github.com/camunda/orchestration-cluster-api-js/commit/faacf92d995add72bcbc41e9740b9bf746b714e3))
 
 ## [1.1.3](https://github.com/camunda/orchestration-cluster-api-js/compare/v1.1.2...v1.1.3) (2025-11-10)
 

package/README.md

@@ -806,6 +806,10 @@ To enable debug logs via env:
 CAMUNDA_SDK_LOG_LEVEL=debug
 ```
 
+### Unsafe Deep Diagnostics (`silly`)
+
+Setting `CAMUNDA_SDK_LOG_LEVEL=silly` enables the deepest diagnostics. In addition to everything at `trace`, the SDK will emit HTTP request and response body previews for all HTTP methods under the `telemetry` scope (log line contains `http.body`). This can leak sensitive information (secrets, PII). A warning (`log.level.silly.enabled`) is emitted on client construction. Use only for short‑lived local debugging; never enable in production or share captured logs externally. Body output is truncated (max ~4KB) and form-data parts identify uploaded files as `[File]`.
+
 ### Bring Your Own Logger
 
 Provide a `transport` function to forward structured `LogEvent` objects into any logging library.

package/dist/{chunk-7HDBRIEN.js → chunk-7RIALC7K.js}

@@ -2,7 +2,7 @@ import {
   __export,
   __require,
   createLogger
-} from "./chunk-IEZVLX66.js";
+} from "./chunk-W6JB7JZH.js";
 
 // src/runtime/errors.ts
 function isSdkError(e) {
@@ -8864,9 +8864,9 @@ var SCHEMA = {
   },
   CAMUNDA_SDK_LOG_LEVEL: {
     type: "enum",
-    choices: ["silent", "error", "warn", "info", "debug", "trace"],
+    choices: ["silent", "error", "warn", "info", "debug", "trace", "silly"],
     default: "error",
-    doc: "SDK log level."
+    doc: 'SDK log level. "silly" adds unsafe deep diagnostics including HTTP request and response bodies.'
   },
   CAMUNDA_SDK_TELEMETRY_LOG: {
     type: "boolean",
@@ -9094,6 +9094,7 @@ function hydrateConfig(options = {}) {
       provided[k] = baseEnv[k].trim();
     }
   }
+  const userSetStrategy = provided["CAMUNDA_AUTH_STRATEGY"] !== void 0 && provided["CAMUNDA_AUTH_STRATEGY"].trim() !== "";
   const parseErrors = [];
   function boolParserFactory(key) {
     return (v) => {
@@ -9158,6 +9159,12 @@ function hydrateConfig(options = {}) {
   if (envInput["CAMUNDA_SUPPORT_LOG_ENABLED"] === void 0 && envInput["CAMUNDA_SUPPORT_LOGGER"] !== void 0) {
     envInput["CAMUNDA_SUPPORT_LOG_ENABLED"] = envInput["CAMUNDA_SUPPORT_LOGGER"];
   }
+  if (envInput["CAMUNDA_REST_ADDRESS"] === void 0 && baseEnv["ZEEBE_REST_ADDRESS"] !== void 0 && baseEnv["ZEEBE_REST_ADDRESS"].trim() !== "") {
+    envInput["CAMUNDA_REST_ADDRESS"] = baseEnv["ZEEBE_REST_ADDRESS"].trim();
+  }
+  if ((envInput["CAMUNDA_AUTH_STRATEGY"] === void 0 || envInput["CAMUNDA_AUTH_STRATEGY"].trim() === "") && envInput["CAMUNDA_OAUTH_URL"] !== void 0 && envInput["CAMUNDA_OAUTH_URL"].trim() !== "" && envInput["CAMUNDA_CLIENT_ID"] !== void 0 && envInput["CAMUNDA_CLIENT_ID"].trim() !== "" && envInput["CAMUNDA_CLIENT_SECRET"] !== void 0 && envInput["CAMUNDA_CLIENT_SECRET"].trim() !== "") {
+    envInput["CAMUNDA_AUTH_STRATEGY"] = "OAUTH";
+  }
   let envTyped = {};
   envTyped = createEnv(typedEnvSchema, { env: envInput });
   for (const k of allKeys()) {
@@ -9171,6 +9178,9 @@ function hydrateConfig(options = {}) {
       rawMap[k] = String(entry.default);
     }
   }
+  if (!userSetStrategy && rawMap["CAMUNDA_AUTH_STRATEGY"] === "NONE" && rawMap["CAMUNDA_OAUTH_URL"] && rawMap["CAMUNDA_OAUTH_URL"].trim() !== "" && rawMap["CAMUNDA_CLIENT_ID"] && rawMap["CAMUNDA_CLIENT_ID"].trim() !== "" && rawMap["CAMUNDA_CLIENT_SECRET"] && rawMap["CAMUNDA_CLIENT_SECRET"].trim() !== "") {
+    rawMap["CAMUNDA_AUTH_STRATEGY"] = "OAUTH";
+  }
   const authStrategyRaw = (rawMap["CAMUNDA_AUTH_STRATEGY"] || "NONE").toString();
   const authStrategy = authStrategyRaw.trim().toUpperCase();
   if (!["NONE", "OAUTH", "BASIC"].includes(authStrategy)) {
@@ -9614,7 +9624,7 @@ function installAuthInterceptor(client2, getStrategy, getAuthHeaders) {
 }
 
 // src/runtime/version.ts
-var packageVersion = "1.1.4";
+var packageVersion = "1.2.0";
 
 // src/runtime/supportLogger.ts
 var NoopSupportLogger = class {
@@ -9815,6 +9825,46 @@ function wrapFetch(orig, opts) {
     const requestId = "r" + (++globalRequestCounter).toString(36);
     const correlationId = opts.correlation ? opts.correlation() : void 0;
     const start = Date.now();
+    let bodyPreview;
+    try {
+      const lvl = logger?.level?.();
+      if (lvl === "silly" && (method === "POST" || method === "PUT" || method === "PATCH")) {
+        let body = init?.body;
+        if (body === void 0 && typeof Request !== "undefined" && input instanceof Request) {
+          try {
+            body = await input.clone().text();
+          } catch {
+            body = void 0;
+          }
+        }
+        if (body !== void 0 && body !== null) {
+          if (typeof body === "string") bodyPreview = body;
+          else if (body instanceof URLSearchParams) bodyPreview = body.toString();
+          else if (typeof FormData !== "undefined" && body instanceof FormData) {
+            const entries = [];
+            for (const [k, v] of body.entries()) {
+              entries.push(`${k}=${typeof v === "string" ? v.slice(0, 200) : "[File]"}`);
+            }
+            bodyPreview = entries.join("&");
+          } else if (body instanceof Blob) {
+            bodyPreview = `[Blob size=${body.size}]`;
+          } else if (body instanceof ArrayBuffer) {
+            bodyPreview = `[ArrayBuffer byteLength=${body.byteLength}]`;
+          } else if (body instanceof Uint8Array) {
+            bodyPreview = `[Uint8Array length=${body.length}]`;
+          } else if (typeof body === "object") {
+            try {
+              bodyPreview = JSON.stringify(body).slice(0, 4e3);
+            } catch {
+              bodyPreview = "[Unstringifiable object body]";
+            }
+          }
+          if (bodyPreview && bodyPreview.length > 4e3)
+            bodyPreview = bodyPreview.slice(0, 4e3) + "\u2026";
+        }
+      }
+    } catch {
+    }
     const startEvt = {
       type: "http.start",
       ts: start,
@@ -9827,6 +9877,11 @@ function wrapFetch(orig, opts) {
     try {
       hooks?.beforeRequest?.(startEvt);
       mirrorLog(startEvt);
+      if (bodyPreview && logger?.level?.() === "silly") {
+        logger.silly(() => [
+          `op=${method} ${redactedUrl} http.body requestId=${requestId} size=${bodyPreview.length} preview=${bodyPreview}`
+        ]);
+      }
     } catch {
     }
     try {
@@ -9848,6 +9903,44 @@ function wrapFetch(orig, opts) {
         mirrorLog(endEvt);
       } catch {
       }
+      try {
+        if (logger?.level?.() === "silly") {
+          let respPreview;
+          const cloned = res.clone();
+          const ctype = cloned.headers.get("Content-Type") || "";
+          let originalSize;
+          if (/^(application\/json|text\/)/i.test(ctype)) {
+            try {
+              const text = await cloned.text();
+              originalSize = text.length;
+              respPreview = text.slice(0, 4e3);
+              if (text.length > 4e3) respPreview += "\u2026";
+            } catch {
+              respPreview = void 0;
+            }
+          } else if (/multipart\//i.test(ctype)) {
+            respPreview = "[multipart body omitted]";
+          } else if (/octet-stream|binary/i.test(ctype)) {
+            respPreview = "[binary body omitted]";
+          } else {
+            try {
+              const text = await cloned.text();
+              if (text) {
+                originalSize = text.length;
+                respPreview = text.slice(0, 200);
+                if (text.length > 200) respPreview += "\u2026";
+              }
+            } catch {
+            }
+          }
+          if (respPreview) {
+            logger.silly(() => [
+              `op=${method} ${redactedUrl} http.response requestId=${requestId} status=${res.status} size=${originalSize} preview=${respPreview}`
+            ]);
+          }
+        }
+      } catch {
+      }
       try {
         const opName = `${endEvt.method} ${endEvt.url}`;
         opts.supportLogger?.log(
@@ -10650,7 +10743,7 @@ var CamundaClient = class {
       });
     } else if (
       // Auto-enable mirror telemetry when trace level and user did not explicitly set CAMUNDA_SDK_TELEMETRY_LOG to a disabling value.
-      this._log.level() === "trace" && !this._config.telemetry?.log && // No explicit override provided
+      /^(trace|silly)$/.test(this._log.level()) && !this._config.telemetry?.log && // No explicit override provided
       this._overrides["CAMUNDA_SDK_TELEMETRY_LOG"] === void 0 && // And env var either absent or truthy enabling value
       (typeof process === "undefined" || process.env["CAMUNDA_SDK_TELEMETRY_LOG"] === void 0 || /^(1|true|yes|on)$/i.test(process.env["CAMUNDA_SDK_TELEMETRY_LOG"] || ""))
     ) {
@@ -10667,6 +10760,12 @@ var CamundaClient = class {
       fetch: this._fetch,
       throwOnError: opts.throwOnError !== false
     });
+    if (this._log.level() === "silly") {
+      this._log.warn(
+        "log.level.silly.enabled",
+        "HTTP request and response bodies will be logged; this may leak sensitive information. Use only for local debugging."
+      );
+    }
     installAuthInterceptor(
       this._client,
       () => this._config.auth.strategy,
@@ -10745,7 +10844,7 @@ var CamundaClient = class {
         supportLogger: this._supportLogger,
         mirrorToLog: true
       });
-    } else if (this._log.level() === "trace" && !this._config.telemetry?.log && this._overrides["CAMUNDA_SDK_TELEMETRY_LOG"] === void 0 && (typeof process === "undefined" || process.env["CAMUNDA_SDK_TELEMETRY_LOG"] === void 0 || /^(1|true|yes|on)$/i.test(process.env["CAMUNDA_SDK_TELEMETRY_LOG"] || ""))) {
+    } else if (/^(trace|silly)$/.test(this._log.level()) && !this._config.telemetry?.log && this._overrides["CAMUNDA_SDK_TELEMETRY_LOG"] === void 0 && (typeof process === "undefined" || process.env["CAMUNDA_SDK_TELEMETRY_LOG"] === void 0 || /^(1|true|yes|on)$/i.test(process.env["CAMUNDA_SDK_TELEMETRY_LOG"] || ""))) {
       this._fetch = wrapFetch(this._fetch || fetch, {
         hooks: void 0,
         correlation: this._config.telemetry?.correlation ? () => getCorrelation() : void 0,
@@ -18773,4 +18872,4 @@ export {
   withTimeoutTE,
   eventuallyTE
 };
-//# sourceMappingURL=chunk-7HDBRIEN.js.map
+//# sourceMappingURL=chunk-7RIALC7K.js.map