@ogcio/o11y-sdk-node 0.4.0 → 0.4.2

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # Changelog
 
+## [0.4.2](https://github.com/ogcio/o11y/compare/@ogcio/o11y-sdk-node@v0.4.1...@ogcio/o11y-sdk-node@v0.4.2) (2025-09-03)
+
+
+### Bug Fixes
+
+* withSpan function throws error if sdk is not initialized AB[#30828](https://github.com/ogcio/o11y/issues/30828) ([#200](https://github.com/ogcio/o11y/issues/200)) ([407b616](https://github.com/ogcio/o11y/commit/407b616590024ca4131610c7a69bacd9699f23c5))
+
+## [0.4.1](https://github.com/ogcio/o11y/compare/@ogcio/o11y-sdk-node@v0.4.0...@ogcio/o11y-sdk-node@v0.4.1) (2025-09-03)
+
+
+### Bug Fixes
+
+* nested attributes redaction node sdk AB[#30826](https://github.com/ogcio/o11y/issues/30826) ([#198](https://github.com/ogcio/o11y/issues/198)) ([b926ba5](https://github.com/ogcio/o11y/commit/b926ba54097fd6028c8aa78cbe1c276ce2cc2166))
+
 ## [0.4.0](https://github.com/ogcio/o11y/compare/@ogcio/o11y-sdk-node@v0.3.1...@ogcio/o11y-sdk-node@v0.4.0) (2025-09-02)
 
 

package/dist/lib/config-manager.d.ts

@@ -1,3 +1,3 @@
 import { NodeSDKConfig } from "./index.js";
 export declare const setNodeSdkConfig: (config: NodeSDKConfig) => void;
-export declare const getNodeSdkConfig: () => NodeSDKConfig;
+export declare const getNodeSdkConfig: () => NodeSDKConfig | undefined;

package/dist/lib/config-manager.js

@@ -3,9 +3,6 @@ export const setNodeSdkConfig = (config) => {
     nodeSDKConfig = config;
 };
 export const getNodeSdkConfig = () => {
-    if (!nodeSDKConfig) {
-        throw new Error("Node SDK Config was not initialized.");
-    }
     // Ensure getters do not edit config.
-    return JSON.parse(JSON.stringify(nodeSDKConfig));
+    return nodeSDKConfig ? JSON.parse(JSON.stringify(nodeSDKConfig)) : undefined;
 };

package/dist/lib/exporter/pii-exporter-decorator.d.ts

@@ -8,7 +8,7 @@ export declare class PIIExporterDecorator extends OTLPExporterBase<(ReadableSpan
     private readonly _exporter;
     private readonly _config;
     private readonly _redactors;
-    constructor(exporter: OTLPExporterBase<(ReadableSpan | ReadableLogRecord)[] | ResourceMetrics>, config: NodeSDKConfig);
+    constructor(exporter: OTLPExporterBase<(ReadableSpan | ReadableLogRecord)[] | ResourceMetrics>, config: NodeSDKConfig | undefined);
     forceFlush(): Promise<void>;
     shutdown(): Promise<void>;
     export(items: (ReadableSpan | ReadableLogRecord)[] | ResourceMetrics, resultCallback: (result: ExportResult) => void): void;

package/dist/lib/exporter/pii-exporter-decorator.js

@@ -1,5 +1,5 @@
 import { OTLPExporterBase } from "@opentelemetry/otlp-exporter-base";
-import { _cleanLogBodyPII, _cleanObjectPII, _cleanStringPII, } from "../internals/redaction/pii-detection.js";
+import { _cleanStringPII, _recursiveObjectClean, } from "../internals/redaction/pii-detection.js";
 import { redactors, } from "../internals/redaction/redactors/index.js";
 export class PIIExporterDecorator extends OTLPExporterBase {
     _exporter;
@@ -9,7 +9,7 @@ export class PIIExporterDecorator extends OTLPExporterBase {
         super(exporter["_delegate"]);
         this._exporter = exporter;
         this._config = config;
-        this._redactors = this._buildRedactors(config.detection);
+        this._redactors = this._buildRedactors(config?.detection);
     }
     forceFlush() {
         return this._exporter.forceFlush();
@@ -67,22 +67,22 @@ export class PIIExporterDecorator extends OTLPExporterBase {
         Object.assign(span, {
             name: _cleanStringPII(span.name, "trace", this._redactors),
             attributes: span.attributes &&
-                _cleanObjectPII(span.attributes, "trace", this._redactors),
+                _recursiveObjectClean(span.attributes, "trace", this._redactors),
             resource: {
                 attributes: span?.resource?.attributes &&
-                    _cleanObjectPII(span.resource.attributes, "trace", this._redactors),
+                    _recursiveObjectClean(span.resource.attributes, "trace", this._redactors),
             },
             links: span?.links?.map((link) => {
                 Object.assign(link, {
                     attributes: link?.attributes &&
-                        _cleanObjectPII(link.attributes, "trace", this._redactors),
+                        _recursiveObjectClean(link.attributes, "trace", this._redactors),
                 });
             }),
             events: span?.events?.map((event) => {
                 Object.assign(event, {
                     name: _cleanStringPII(event.name, "trace", this._redactors),
                     attributes: event?.attributes &&
-                        _cleanObjectPII(event.attributes, "trace", this._redactors),
+                        _recursiveObjectClean(event.attributes, "trace", this._redactors),
                 });
                 return event;
             }),
@@ -91,12 +91,12 @@ export class PIIExporterDecorator extends OTLPExporterBase {
     _redactLogRecord(log) {
         return {
             ...log,
-            body: _cleanLogBodyPII(log.body, this._redactors),
+            body: _recursiveObjectClean(log.body, "log", this._redactors),
             attributes: log.attributes &&
-                _cleanObjectPII(log.attributes, "log", this._redactors),
+                _recursiveObjectClean(log.attributes, "log", this._redactors),
             resource: log.resource && {
                 ...log.resource,
-                attributes: _cleanObjectPII(log.resource.attributes, "log", this._redactors),
+                attributes: _recursiveObjectClean(log.resource.attributes, "log", this._redactors),
             },
         };
     }
@@ -104,7 +104,7 @@ export class PIIExporterDecorator extends OTLPExporterBase {
         Object.assign(metric, {
             resource: {
                 attributes: metric?.resource?.attributes &&
-                    _cleanObjectPII(metric.resource.attributes, "metric", this._redactors),
+                    _recursiveObjectClean(metric.resource.attributes, "metric", this._redactors),
             },
         });
     }

package/dist/lib/internals/redaction/pii-detection.d.ts

@@ -1,23 +1,25 @@
 import type { AnyValue } from "@opentelemetry/api-logs";
 import { Redactor } from "./redactors/index.js";
-import { AttributeValue } from "@opentelemetry/api";
 export type PIISource = "trace" | "log" | "metric";
+/**
+ * Checks whether a string contains URI-encoded components.
+ *
+ * @param {string} value - The string to inspect.
+ * @returns {boolean} `true` if the string is encoded, `false` otherwise.
+ */
+export declare function _containsEncodedComponents(value: string): boolean;
 /**
  * Cleans a string by redacting configured PIIs and emitting metrics for redacted values.
  *
  * If the string is URL-encoded, it will be decoded before redaction.
- * Metrics are emitted for:
- * - each domain found in redacted email addresses.
- * - IPv4|IPv6 addresses redacted.
  *
  * @template T
  *
- * @param {T} value - The input value to sanitize.
+ * @param {string} value - The input value to sanitize.
  * @param {"trace" | "log"} source - The source context of the input, used in metrics.
  * @param {Redactor[]} redactors - The string processors containing the redaction logic.
  *
- * @returns {T} The cleaned string with any configured PII replaced by `[REDACTED PII_TYPE]`.
+ * @returns {string} The cleaned string with any configured PII replaced by `[REDACTED PII_TYPE]`.
  */
-export declare function _cleanStringPII<T extends AnyValue>(value: T, source: PIISource, redactors: Redactor[]): T;
-export declare function _cleanObjectPII(entry: object, source: PIISource, redactors: Redactor[]): Record<string, AttributeValue>;
-export declare function _cleanLogBodyPII<T extends AnyValue>(value: T, redactors: Redactor[]): T;
+export declare function _cleanStringPII(value: string, source: PIISource, redactors: Redactor[]): string;
+export declare function _recursiveObjectClean<T extends AnyValue>(value: T, source: PIISource, redactors: Redactor[]): T;

package/dist/lib/internals/redaction/pii-detection.js

@@ -6,34 +6,36 @@ const encoder = new TextEncoder();
  * @param {string} value - The string to inspect.
  * @returns {boolean} `true` if the string is encoded, `false` otherwise.
  */
-function _containsEncodedComponents(value) {
+export function _containsEncodedComponents(value) {
     try {
-        return decodeURI(value) !== decodeURIComponent(value);
+        const decodedURIComponent = decodeURIComponent(value);
+        if (decodeURI(value) !== decodedURIComponent) {
+            return true;
+        }
+        if (value !== decodedURIComponent) {
+            return (encodeURIComponent(decodedURIComponent) === value ||
+                encodeURI(decodedURIComponent) === value);
+        }
     }
     catch {
         return false;
     }
+    return false;
 }
 /**
  * Cleans a string by redacting configured PIIs and emitting metrics for redacted values.
  *
  * If the string is URL-encoded, it will be decoded before redaction.
- * Metrics are emitted for:
- * - each domain found in redacted email addresses.
- * - IPv4|IPv6 addresses redacted.
  *
  * @template T
  *
- * @param {T} value - The input value to sanitize.
+ * @param {string} value - The input value to sanitize.
  * @param {"trace" | "log"} source - The source context of the input, used in metrics.
  * @param {Redactor[]} redactors - The string processors containing the redaction logic.
  *
- * @returns {T} The cleaned string with any configured PII replaced by `[REDACTED PII_TYPE]`.
+ * @returns {string} The cleaned string with any configured PII replaced by `[REDACTED PII_TYPE]`.
  */
 export function _cleanStringPII(value, source, redactors) {
-    if (Array.isArray(value)) {
-        return value.map((v) => _cleanStringPII(v, source, redactors));
-    }
     if (typeof value !== "string") {
         return value;
     }
@@ -45,18 +47,9 @@ export function _cleanStringPII(value, source, redactors) {
     }
     return redactors.reduce((redactedValue, currentRedactor) => currentRedactor(redactedValue, source, kind), decodedValue);
 }
-export function _cleanObjectPII(entry, source, redactors) {
-    if (!entry) {
-        return entry;
-    }
-    return Object.fromEntries(Object.entries(entry).map(([k, v]) => [
-        k,
-        _cleanStringPII(v, source, redactors),
-    ]));
-}
-export function _cleanLogBodyPII(value, redactors) {
+export function _recursiveObjectClean(value, source, redactors) {
     if (typeof value === "string") {
-        return _cleanStringPII(value, "log", redactors);
+        return _cleanStringPII(value, source, redactors);
     }
     if (typeof value === "number" ||
         typeof value === "boolean" ||
@@ -66,7 +59,7 @@ export function _cleanLogBodyPII(value, redactors) {
     if (value instanceof Uint8Array) {
         try {
             const decoded = decoder.decode(value);
-            const sanitized = _cleanStringPII(decoded, "log", redactors);
+            const sanitized = _cleanStringPII(decoded, source, redactors);
             return encoder.encode(sanitized);
         }
         catch {
@@ -74,12 +67,12 @@ export function _cleanLogBodyPII(value, redactors) {
         }
     }
     if (Array.isArray(value)) {
-        return value.map((value) => _cleanLogBodyPII(value, redactors));
+        return value.map((value) => _recursiveObjectClean(value, source, redactors));
     }
     if (typeof value === "object") {
         const sanitized = {};
         for (const [key, val] of Object.entries(value)) {
-            sanitized[key] = _cleanLogBodyPII(val, redactors);
+            sanitized[key] = _recursiveObjectClean(val, source, redactors);
         }
         return sanitized;
     }

package/dist/lib/internals/redaction/redactors/ip.js

@@ -1,7 +1,7 @@
 import { _getPIICounterRedactionMetric } from "../../shared-metrics.js";
 // Generous IP address matchers (might match some invalid addresses like 192.168.01.1)
-const IPV4_REGEX = /(?<!\d)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}(?!\d)/gi;
-const IPV6_REGEX = /(?<![0-9a-f:])((?:[0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,7}:|:(?::[0-9A-Fa-f]{1,4}){1,7}|(?:[0-9A-Fa-f]{1,4}:){1,6}:[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,5}(?::[0-9A-Fa-f]{1,4}){1,2}|(?:[0-9A-Fa-f]{1,4}:){1,4}(?::[0-9A-Fa-f]{1,4}){1,3}|(?:[0-9A-Fa-f]{1,4}:){1,3}(?::[0-9A-Fa-f]{1,4}){1,4}|(?:[0-9A-Fa-f]{1,4}:){1,2}(?::[0-9A-Fa-f]{1,4}){1,5}|[0-9A-Fa-f]{1,4}:(?::[0-9A-Fa-f]{1,4}){1,6}|:(?::[0-9A-Fa-f]{1,4}){1,7}:?|(?:[0-9A-Fa-f]{1,4}:){1,4}:(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})){3})(?![0-9a-f:])/gi;
+const IPV4_REGEX = /(?<!\d)(?:%[0-9A-Fa-f]{2})?(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}(?:%[0-9A-Fa-f]{2})?(?!\d)/gi;
+const IPV6_REGEX = /(?<![0-9a-f:])(?:%[0-9A-Fa-f]{2})?((?:[0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,7}:|:(?::[0-9A-Fa-f]{1,4}){1,7}|(?:[0-9A-Fa-f]{1,4}:){1,6}:[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,5}(?::[0-9A-Fa-f]{1,4}){1,2}|(?:[0-9A-Fa-f]{1,4}:){1,4}(?::[0-9A-Fa-f]{1,4}){1,3}|(?:[0-9A-Fa-f]{1,4}:){1,3}(?::[0-9A-Fa-f]{1,4}){1,4}|(?:[0-9A-Fa-f]{1,4}:){1,2}(?::[0-9A-Fa-f]{1,4}){1,5}|[0-9A-Fa-f]{1,4}:(?::[0-9A-Fa-f]{1,4}){1,6}|:(?::[0-9A-Fa-f]{1,4}){1,7}:?|(?:[0-9A-Fa-f]{1,4}:){1,4}:(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})){3})(?:%[0-9A-Fa-f]{2})?(?![0-9a-f:])/gi;
 /**
  * Redacts all ip addresses in the input string and collects metadata.
  *

package/dist/lib/traces.js

@@ -45,6 +45,6 @@ export function getActiveSpan() {
 }
 export function withSpan({ traceName, spanName, spanOptions = {}, fn, }) {
     const sdkConfig = getNodeSdkConfig();
-    const tracer = trace.getTracer(traceName ?? sdkConfig.serviceName ?? "o11y-sdk", sdkConfig.serviceVersion);
+    const tracer = trace.getTracer(traceName ?? sdkConfig?.serviceName ?? "o11y-sdk", sdkConfig?.serviceVersion);
     return tracer.startActiveSpan(spanName, spanOptions, selfContainedSpanHandlerGenerator(fn));
 }

package/dist/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@ogcio/o11y-sdk-node",
-    "version": "0.4.0",
+    "version": "0.4.2",
     "description": "Opentelemetry standard instrumentation SDK for NodeJS based project",
     "main": "dist/index.js",
     "type": "module",

package/dist/vitest.config.js

@@ -36,7 +36,7 @@ export default defineConfig({
             },
             {
                 test: {
-                    include: ["**/test/integration/*.test.ts"],
+                    include: ["**/test/integration/**/*.test.ts"],
                     name: "integration",
                 },
             },

package/lib/config-manager.ts

@@ -6,11 +6,7 @@ export const setNodeSdkConfig = (config: NodeSDKConfig) => {
   nodeSDKConfig = config;
 };
 
-export const getNodeSdkConfig = (): NodeSDKConfig => {
-  if (!nodeSDKConfig) {
-    throw new Error("Node SDK Config was not initialized.");
-  }
-
+export const getNodeSdkConfig = (): NodeSDKConfig | undefined => {
   // Ensure getters do not edit config.
-  return JSON.parse(JSON.stringify(nodeSDKConfig));
+  return nodeSDKConfig ? JSON.parse(JSON.stringify(nodeSDKConfig)) : undefined;
 };

package/lib/exporter/pii-exporter-decorator.ts

@@ -8,9 +8,8 @@ import {
 import { ReadableSpan, SpanExporter } from "@opentelemetry/sdk-trace-base";
 import { NodeSDKConfig } from "../index.js";
 import {
-  _cleanLogBodyPII,
-  _cleanObjectPII,
   _cleanStringPII,
+  _recursiveObjectClean,
 } from "../internals/redaction/pii-detection.js";
 import {
   Redactor,
@@ -32,12 +31,12 @@ export class PIIExporterDecorator
     exporter: OTLPExporterBase<
       (ReadableSpan | ReadableLogRecord)[] | ResourceMetrics
     >,
-    config: NodeSDKConfig,
+    config: NodeSDKConfig | undefined,
   ) {
     super(exporter["_delegate"]);
     this._exporter = exporter;
     this._config = config;
-    this._redactors = this._buildRedactors(config.detection);
+    this._redactors = this._buildRedactors(config?.detection);
   }
 
   forceFlush(): Promise<void> {
@@ -114,17 +113,21 @@ export class PIIExporterDecorator
       name: _cleanStringPII(span.name, "trace", this._redactors),
       attributes:
         span.attributes &&
-        _cleanObjectPII(span.attributes, "trace", this._redactors),
+        _recursiveObjectClean(span.attributes, "trace", this._redactors),
       resource: {
         attributes:
           span?.resource?.attributes &&
-          _cleanObjectPII(span.resource.attributes, "trace", this._redactors),
+          _recursiveObjectClean(
+            span.resource.attributes,
+            "trace",
+            this._redactors,
+          ),
       },
       links: span?.links?.map((link) => {
         Object.assign(link, {
           attributes:
             link?.attributes &&
-            _cleanObjectPII(link.attributes, "trace", this._redactors),
+            _recursiveObjectClean(link.attributes, "trace", this._redactors),
         });
       }),
       events: span?.events?.map((event) => {
@@ -132,7 +135,7 @@ export class PIIExporterDecorator
           name: _cleanStringPII(event.name, "trace", this._redactors),
           attributes:
             event?.attributes &&
-            _cleanObjectPII(event.attributes, "trace", this._redactors),
+            _recursiveObjectClean(event.attributes, "trace", this._redactors),
         });
         return event;
       }),
@@ -142,13 +145,13 @@ export class PIIExporterDecorator
   private _redactLogRecord(log: ReadableLogRecord): ReadableLogRecord {
     return {
       ...log,
-      body: _cleanLogBodyPII(log.body, this._redactors),
+      body: _recursiveObjectClean(log.body, "log", this._redactors),
       attributes:
         log.attributes &&
-        _cleanObjectPII(log.attributes, "log", this._redactors),
+        _recursiveObjectClean(log.attributes, "log", this._redactors),
       resource: log.resource && {
         ...log.resource,
-        attributes: _cleanObjectPII(
+        attributes: _recursiveObjectClean(
           log.resource.attributes,
           "log",
           this._redactors,
@@ -162,7 +165,7 @@ export class PIIExporterDecorator
       resource: {
         attributes:
           metric?.resource?.attributes &&
-          _cleanObjectPII(
+          _recursiveObjectClean(
             metric.resource.attributes,
             "metric",
             this._redactors,

package/lib/internals/redaction/pii-detection.ts

@@ -1,6 +1,5 @@
 import type { AnyValue, AnyValueMap } from "@opentelemetry/api-logs";
 import { Redactor } from "./redactors/index.js";
-import { AttributeValue } from "@opentelemetry/api";
 
 const decoder = new TextDecoder();
 const encoder = new TextEncoder();
@@ -13,41 +12,44 @@ export type PIISource = "trace" | "log" | "metric";
  * @param {string} value - The string to inspect.
  * @returns {boolean} `true` if the string is encoded, `false` otherwise.
  */
-function _containsEncodedComponents(value: string): boolean {
+export function _containsEncodedComponents(value: string): boolean {
   try {
-    return decodeURI(value) !== decodeURIComponent(value);
+    const decodedURIComponent = decodeURIComponent(value);
+    if (decodeURI(value) !== decodedURIComponent) {
+      return true;
+    }
+
+    if (value !== decodedURIComponent) {
+      return (
+        encodeURIComponent(decodedURIComponent) === value ||
+        encodeURI(decodedURIComponent) === value
+      );
+    }
   } catch {
     return false;
   }
+
+  return false;
 }
 
 /**
  * Cleans a string by redacting configured PIIs and emitting metrics for redacted values.
  *
  * If the string is URL-encoded, it will be decoded before redaction.
- * Metrics are emitted for:
- * - each domain found in redacted email addresses.
- * - IPv4|IPv6 addresses redacted.
  *
  * @template T
  *
- * @param {T} value - The input value to sanitize.
+ * @param {string} value - The input value to sanitize.
  * @param {"trace" | "log"} source - The source context of the input, used in metrics.
  * @param {Redactor[]} redactors - The string processors containing the redaction logic.
  *
- * @returns {T} The cleaned string with any configured PII replaced by `[REDACTED PII_TYPE]`.
+ * @returns {string} The cleaned string with any configured PII replaced by `[REDACTED PII_TYPE]`.
  */
-export function _cleanStringPII<T extends AnyValue>(
-  value: T,
+export function _cleanStringPII(
+  value: string,
   source: PIISource,
   redactors: Redactor[],
-): T {
-  if (Array.isArray(value)) {
-    return value.map((v) =>
-      _cleanStringPII<typeof v>(v, source, redactors),
-    ) as T;
-  }
-
+): string {
   if (typeof value !== "string") {
     return value;
   }
@@ -59,37 +61,20 @@ export function _cleanStringPII<T extends AnyValue>(
     decodedValue = decodeURIComponent(value);
     kind = "url";
   }
-
   return redactors.reduce(
     (redactedValue: string, currentRedactor): string =>
       currentRedactor(redactedValue, source, kind),
     decodedValue,
-  ) as T;
-}
-
-export function _cleanObjectPII(
-  entry: object,
-  source: PIISource,
-  redactors: Redactor[],
-): Record<string, AttributeValue> {
-  if (!entry) {
-    return entry;
-  }
-
-  return Object.fromEntries(
-    Object.entries(entry).map(([k, v]) => [
-      k,
-      _cleanStringPII(v, source, redactors),
-    ]),
   );
 }
 
-export function _cleanLogBodyPII<T extends AnyValue>(
+export function _recursiveObjectClean<T extends AnyValue>(
   value: T,
+  source: PIISource,
   redactors: Redactor[],
 ): T {
   if (typeof value === "string") {
-    return _cleanStringPII(value, "log", redactors);
+    return _cleanStringPII(value, source, redactors) as T;
   }
 
   if (
@@ -103,7 +88,7 @@ export function _cleanLogBodyPII<T extends AnyValue>(
   if (value instanceof Uint8Array) {
     try {
       const decoded = decoder.decode(value);
-      const sanitized = _cleanStringPII(decoded, "log", redactors);
+      const sanitized = _cleanStringPII(decoded, source, redactors);
       return encoder.encode(sanitized) as T;
     } catch {
       return value;
@@ -111,13 +96,15 @@ export function _cleanLogBodyPII<T extends AnyValue>(
   }
 
   if (Array.isArray(value)) {
-    return value.map((value) => _cleanLogBodyPII(value, redactors)) as T;
+    return value.map((value) =>
+      _recursiveObjectClean(value, source, redactors),
+    ) as T;
   }
 
   if (typeof value === "object") {
     const sanitized: AnyValueMap = {};
     for (const [key, val] of Object.entries(value)) {
-      sanitized[key] = _cleanLogBodyPII(val, redactors);
+      sanitized[key] = _recursiveObjectClean(val, source, redactors);
     }
     return sanitized as T;
   }

package/lib/internals/redaction/redactors/ip.ts

@@ -2,9 +2,9 @@ import { _getPIICounterRedactionMetric } from "../../shared-metrics.js";
 
 // Generous IP address matchers (might match some invalid addresses like 192.168.01.1)
 const IPV4_REGEX =
-  /(?<!\d)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}(?!\d)/gi;
+  /(?<!\d)(?:%[0-9A-Fa-f]{2})?(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}(?:%[0-9A-Fa-f]{2})?(?!\d)/gi;
 const IPV6_REGEX =
-  /(?<![0-9a-f:])((?:[0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,7}:|:(?::[0-9A-Fa-f]{1,4}){1,7}|(?:[0-9A-Fa-f]{1,4}:){1,6}:[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,5}(?::[0-9A-Fa-f]{1,4}){1,2}|(?:[0-9A-Fa-f]{1,4}:){1,4}(?::[0-9A-Fa-f]{1,4}){1,3}|(?:[0-9A-Fa-f]{1,4}:){1,3}(?::[0-9A-Fa-f]{1,4}){1,4}|(?:[0-9A-Fa-f]{1,4}:){1,2}(?::[0-9A-Fa-f]{1,4}){1,5}|[0-9A-Fa-f]{1,4}:(?::[0-9A-Fa-f]{1,4}){1,6}|:(?::[0-9A-Fa-f]{1,4}){1,7}:?|(?:[0-9A-Fa-f]{1,4}:){1,4}:(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})){3})(?![0-9a-f:])/gi;
+  /(?<![0-9a-f:])(?:%[0-9A-Fa-f]{2})?((?:[0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,7}:|:(?::[0-9A-Fa-f]{1,4}){1,7}|(?:[0-9A-Fa-f]{1,4}:){1,6}:[0-9A-Fa-f]{1,4}|(?:[0-9A-Fa-f]{1,4}:){1,5}(?::[0-9A-Fa-f]{1,4}){1,2}|(?:[0-9A-Fa-f]{1,4}:){1,4}(?::[0-9A-Fa-f]{1,4}){1,3}|(?:[0-9A-Fa-f]{1,4}:){1,3}(?::[0-9A-Fa-f]{1,4}){1,4}|(?:[0-9A-Fa-f]{1,4}:){1,2}(?::[0-9A-Fa-f]{1,4}){1,5}|[0-9A-Fa-f]{1,4}:(?::[0-9A-Fa-f]{1,4}){1,6}|:(?::[0-9A-Fa-f]{1,4}){1,7}:?|(?:[0-9A-Fa-f]{1,4}:){1,4}:(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|\d{1,2})){3})(?:%[0-9A-Fa-f]{2})?(?![0-9a-f:])/gi;
 
 /**
  * Redacts all ip addresses in the input string and collects metadata.

package/lib/traces.ts

@@ -67,8 +67,8 @@ export function withSpan<T>({
 }: WithSpanParams<T>) {
   const sdkConfig = getNodeSdkConfig();
   const tracer = trace.getTracer(
-    traceName ?? sdkConfig.serviceName ?? "o11y-sdk",
-    sdkConfig.serviceVersion,
+    traceName ?? sdkConfig?.serviceName ?? "o11y-sdk",
+    sdkConfig?.serviceVersion,
   );
   return tracer.startActiveSpan(
     spanName,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ogcio/o11y-sdk-node",
-  "version": "0.4.0",
+  "version": "0.4.2",
   "description": "Opentelemetry standard instrumentation SDK for NodeJS based project",
   "main": "dist/index.js",
   "type": "module",

package/test/config-manager.test.ts

@@ -3,8 +3,8 @@ import { getNodeSdkConfig, setNodeSdkConfig } from "../lib/config-manager";
 import { NodeSDKConfig } from "../lib";
 
 describe("Config Manager", () => {
-  it("throws if getConfig is called before initialization", () => {
-    expect(() => getNodeSdkConfig()).toThrow();
+  it("does not throw if getConfig is called before initialization", () => {
+    expect(() => getNodeSdkConfig()).not.toThrow();
   });
 
   it("sdk defined config is not pollutable", () => {

package/test/integration/README.md

@@ -1,26 +1,74 @@
-# Integration Test
+# Integration Test Runner
 
-This folder contains a setup for integration test with o11y node sdk.
+This script is a **Bash-based test runner** that discovers and executes integration test scripts for the Node SDK (`./packages/sdk-node/test/integration`).  
+It ensures tests run inside an isolated Docker network and provides a summary of results.
 
-## Workflow
+---
 
-- Docker must be in running state
-- Run the sh script `sh ./packages/sdk-node/test/integration/run.sh 1 .` from project root with following params
-  1. pipeline build number, for local development, any number or string is fine
-  2. root folder for docker context
-- Change dir to `packages/sdk-node/`
-- Run full test suite with `pnpm test`
+## Usage
 
-## Script
+```bash
+./run-tests.sh <build-id> <root-path> <is-ci?>
+```
+
+**Arguments**
+
+<build-id>
+A unique identifier for the test run. Used to name the Docker network (<build-id>_testnetwork).
+
+<root-path>
+The root path for the project or build environment.
+
+[ci-flag] (optional)
+Defaults to false.
+If set to true, the script will remove all Docker images after the tests complete (intended for CI pipelines to save disk space).
+
+## How It Works
+
+- Ensures at least two arguments are provided. Exits with usage instructions otherwise.
+- Creates a temporary Docker network named <build-id>\_testnetwork.
+- Finds all integration test scripts under: ./packages/sdk-node/test/integration/test\*/run.sh
+- Runs each test script.
+- Captures exit codes and tracks failures.
+- Prints results per test.
+- Removes the Docker network after all tests finish.
+- If running in CI mode (ci-flag = true), removes all Docker images.
+- Reports whether all tests passed or how many failed.
+  Exits with:
+  - 0 if all tests succeeded
+  - 1 if one or more tests failed
+
+**Example**
+
+```
+# Run tests locally
+./run-tests.sh my-build-id /path/to/project
+
+# Run tests in CI mode (cleanup Docker images after)
+./run-tests.sh my-build-id /path/to/project true
+```
+
+## Tests
+
+### test_fastify-o11y-pii-enabled
 
 The `run.sh` script performs the following steps:
 
 - build a docker image of a fastify app `/examples/fastify`
-- setup an temporary test docker network
 - run grafana alloy inside a docker container with a test configuration `/alloy/integration-test.alloy`
 - ensure is running otherwise exit process
 - run fastify app in a docker container
 - ensure is running otherwise exit process
 - execute some curl to the fastify microservice
 - persist alloy log to a file and save to following path `/packages/sdk-node/test/integration/`
+- verify pii data are removed and metrics are increased
 - docker turn down process (containers/network/image)
+
+### test_without-o11y
+
+The `run.sh` script performs the following steps:
+
+- build a docker image of a fastify app `/examples/fastify`
+- verify service execution with o11y sdk disabled (otel collector empty)
+- execute http requests for dummy route with otel trace customization function calls
+- assert 200 http status without any error