@hasna/logs 0.3.29 → 0.3.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/cli/index.js +2 -2
  2. package/dist/{index-89jb7jg9.js → index-k9w7zfsv.js} +1 -1
  3. package/dist/{index-dbhpykkz.js → index-mx0f61s2.js} +43 -5
  4. package/dist/mcp/index.js +1 -1
  5. package/dist/server/index.js +2 -2
  6. package/package.json +1 -1
package/dist/cli/index.js CHANGED
@@ -8,7 +8,7 @@ import {
8
8
  runJob,
9
9
  structuredLogToEntry,
10
10
  validateStructuredLogReferences
11
- } from "../index-89jb7jg9.js";
11
+ } from "../index-k9w7zfsv.js";
12
12
  import {
13
13
  PACKAGE_VERSION,
14
14
  createPage,
@@ -30,7 +30,7 @@ import {
30
30
  searchTestReports,
31
31
  summarizeLogs,
32
32
  validateUniversalEventInput
33
- } from "../index-dbhpykkz.js";
33
+ } from "../index-mx0f61s2.js";
34
34
  import {
35
35
  getStorageStatus,
36
36
  storagePull,
package/dist/{index-89jb7jg9.js → index-k9w7zfsv.js} RENAMED
@@ -8,7 +8,7 @@ import {
8
8
  redactValue,
9
9
  saveSnapshot,
10
10
  touchPage
11
- } from "./index-dbhpykkz.js";
11
+ } from "./index-mx0f61s2.js";
12
12
  import {
13
13
  getEventStoreDataDir
14
14
  } from "./index-t3x838zw.js";
package/dist/{index-dbhpykkz.js → index-mx0f61s2.js} RENAMED
@@ -237,7 +237,7 @@ async function fireAlert(db, rule, count) {
237
237
  }
238
238
 
239
239
  // src/lib/ingest.ts
240
- import { randomBytes } from "crypto";
240
+ import { createHash, randomBytes } from "crypto";
241
241
 
242
242
  // src/lib/event-bus.ts
243
243
  class LogEventBus {
@@ -511,6 +511,23 @@ var REDACTED = "[REDACTED]";
511
511
  var SENSITIVE_KEY = /(?:authorization|cookie|set-cookie|credentials?\b|api[_-]?key|token|secret|password|passwd|pwd|private[_-]?key|access[_-]?token|refresh[_-]?token|session[_-]?secret|client[_-]?(?:secret|credentials?))/i;
512
512
  var SENSITIVE_FLAG = /^(?:authorization|auth|credentials?|api[-_]?key|token|secret|password|passwd|pwd|private[-_]?key|access[-_]?token|refresh[-_]?token|session[-_]?secret|client[-_]?(?:secret|credentials?))$/i;
513
513
  var SENSITIVE_FLAG_NAME = /(?:authorization|credentials?\b|api[-_]?key|token|secret|password|passwd|pwd|private[-_]?key|access[-_]?token|refresh[-_]?token|session[-_]?secret|client[-_]?(?:secret|credentials?))/i;
514
+ var LOG_ENTRY_REDACTABLE_TOP_LEVEL_FIELDS = [
515
+ "id",
516
+ "source_event_id",
517
+ "service",
518
+ "machine_id",
519
+ "repo_id",
520
+ "app_id",
521
+ "process_id",
522
+ "run_id",
523
+ "trace_id",
524
+ "span_id",
525
+ "parent_span_id",
526
+ "session_id",
527
+ "release_id",
528
+ "environment",
529
+ "agent"
530
+ ];
514
531
  var STRING_PATTERNS = [
515
532
  {
516
533
  label: "openlogs_canary",
@@ -586,6 +603,14 @@ var STRING_PATTERNS = [
586
603
  function redactLogEntry(entry) {
587
604
  const reports = [];
588
605
  const next = { ...entry };
606
+ for (const field of LOG_ENTRY_REDACTABLE_TOP_LEVEL_FIELDS) {
607
+ const value = entry[field];
608
+ if (typeof value !== "string")
609
+ continue;
610
+ const result = redactString(value, field);
611
+ next[field] = result.value;
612
+ reports.push(result.report);
613
+ }
589
614
  if (typeof entry.message === "string") {
590
615
  const result = redactString(entry.message, "message");
591
616
  next.message = result.value;
@@ -732,7 +757,8 @@ function ingestLog(db, entry) {
732
757
  return withEventStoreLock(db, () => ingestLogLocked(db, entry));
733
758
  }
734
759
  function ingestLogLocked(db, entry) {
735
- const eventId = entry.id ?? createEventId();
760
+ const eventIdRedaction = typeof entry.id === "string" ? redactString(entry.id, "id") : null;
761
+ const eventId = entry.id ? eventIdRedaction?.report.applied ? createRedactedEventId(entry.id) : entry.id : createEventId();
736
762
  const existing = db.prepare("SELECT * FROM logs WHERE id = ?").get(eventId);
737
763
  if (existing)
738
764
  return existing;
@@ -750,6 +776,14 @@ function ingestLogLocked(db, entry) {
750
776
  };
751
777
  const redacted = redactLogEntry(normalized);
752
778
  const safeEntry = redacted.value;
779
+ if (eventIdRedaction?.report.applied) {
780
+ const report = mergeRedactionReports(eventIdRedaction.report, redacted.report);
781
+ safeEntry.metadata = {
782
+ ...safeEntry.metadata ?? {},
783
+ redaction: redactionMetadata(report)
784
+ };
785
+ }
786
+ const safeSourceEventId = safeEntry.source_event_id ?? null;
753
787
  const identity = extractIdentity(safeEntry);
754
788
  const envelope = createLogEnvelope(safeEntry, eventId, eventTime, ingestTime, identity);
755
789
  const write = appendRawEvent(db, envelope);
@@ -778,7 +812,7 @@ function ingestLogLocked(db, entry) {
778
812
  indexRawEvent(db, {
779
813
  event_id: eventId,
780
814
  schema_version: envelope.schema_version,
781
- source_event_id: sourceEventId,
815
+ source_event_id: safeSourceEventId,
782
816
  event_type: envelope.type,
783
817
  event_time: eventTime,
784
818
  ingest_time: ingestTime,
@@ -918,6 +952,10 @@ function stringMetadata(metadata, key) {
918
952
  function createEventId() {
919
953
  return randomBytes(16).toString("hex");
920
954
  }
955
+ function createRedactedEventId(value) {
956
+ const digest = createHash("sha256").update(value).digest("hex").slice(0, 32);
957
+ return `log_redacted_${digest}`;
958
+ }
921
959
 
922
960
  // src/lib/package-meta.ts
923
961
  import { existsSync, readFileSync } from "fs";
@@ -1302,7 +1340,7 @@ function clampNonNegativeInt2(value, fallback) {
1302
1340
  }
1303
1341
 
1304
1342
  // src/lib/universal-ingest.ts
1305
- import { createHash, randomBytes as randomBytes2 } from "crypto";
1343
+ import { createHash as createHash2, randomBytes as randomBytes2 } from "crypto";
1306
1344
  var UNIVERSAL_EVENT_TYPES = [
1307
1345
  "log",
1308
1346
  "exception",
@@ -1822,7 +1860,7 @@ function normalizeIsoTime(value, field) {
1822
1860
  function deterministicSourceEventId(source, sourceEventId) {
1823
1861
  if (!sourceEventId)
1824
1862
  return;
1825
- const digest = createHash("sha256").update(source).update("\x00").update(sourceEventId).digest("hex").slice(0, 32);
1863
+ const digest = createHash2("sha256").update(source).update("\x00").update(sourceEventId).digest("hex").slice(0, 32);
1826
1864
  return `evt_src_${digest}`;
1827
1865
  }
1828
1866
  function compactObject(value) {
package/dist/mcp/index.js CHANGED
@@ -93,7 +93,7 @@ import {
93
93
  searchTestReports,
94
94
  summarizeLogs,
95
95
  validateUniversalEventInput
96
- } from "../index-dbhpykkz.js";
96
+ } from "../index-mx0f61s2.js";
97
97
  import {
98
98
  getStoragePg,
99
99
  getStorageStatus,
package/dist/server/index.js CHANGED
@@ -8,7 +8,7 @@ import {
8
8
  startScheduler,
9
9
  structuredLogPayloadToEntries,
10
10
  validateStructuredLogReferences
11
- } from "../index-89jb7jg9.js";
11
+ } from "../index-k9w7zfsv.js";
12
12
  import {
13
13
  countLogs
14
14
  } from "../index-gcd14q2f.js";
@@ -50,7 +50,7 @@ import {
50
50
  updateAlertRule,
51
51
  updateProject,
52
52
  validateUniversalEventInput
53
- } from "../index-dbhpykkz.js";
53
+ } from "../index-mx0f61s2.js";
54
54
  import {
55
55
  getDb,
56
56
  getIssue,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hasna/logs",
3
- "version": "0.3.29",
3
+ "version": "0.3.30",
4
4
  "description": "Log aggregation + browser script + headless page scanner + performance monitoring for AI agents",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",