@rawnodes/logger 2.9.0 → 2.11.0

package/dist/index.mjs

@@ -161,8 +161,10 @@ var DEFAULT_OPTIONS = {
 var BaseHttpTransport = class {
   buffer;
   onErrorCallback;
+  masker;
   constructor(opts = {}) {
     this.onErrorCallback = opts.onError;
+    this.masker = opts.masker;
     this.buffer = new MessageBuffer({
       batchSize: opts.batchSize ?? DEFAULT_OPTIONS.batchSize,
       flushInterval: opts.flushInterval ?? DEFAULT_OPTIONS.flushInterval,
@@ -197,12 +199,16 @@ var BaseHttpTransport = class {
   }
   transformMessage(info) {
     const { level, message, timestamp, context, ...meta } = info;
+    let resolvedMeta;
+    if (Object.keys(meta).length > 0) {
+      resolvedMeta = this.masker ? this.masker(meta) : meta;
+    }
     return {
       level,
       message: String(message),
       timestamp: timestamp instanceof Date ? timestamp : timestamp ? new Date(String(timestamp)) : /* @__PURE__ */ new Date(),
       context,
-      meta: Object.keys(meta).length > 0 ? meta : void 0
+      meta: resolvedMeta
     };
   }
   handleError(error, messages) {
@@ -249,7 +255,7 @@ var DEFAULT_REQUEST_TIMEOUT_MS = 1e4;
 var DiscordTransport = class extends BaseHttpTransport {
   config;
   requestTimeout;
-  constructor(config) {
+  constructor(config, masker) {
     super({
       batchSize: config.batchSize ?? 10,
       flushInterval: config.flushInterval ?? 2e3,
@@ -258,7 +264,8 @@ var DiscordTransport = class extends BaseHttpTransport {
       maxQueueSize: config.maxQueueSize,
       dropPolicy: config.dropPolicy,
       onDrop: config.onDrop,
-      onError: config.onError
+      onError: config.onError,
+      masker
     });
     this.config = config;
     this.requestTimeout = config.requestTimeout ?? DEFAULT_REQUEST_TIMEOUT_MS;
@@ -398,7 +405,7 @@ var TelegramTransport = class extends BaseHttpTransport {
   config;
   apiUrl;
   requestTimeout;
-  constructor(config) {
+  constructor(config, masker) {
     super({
       batchSize: config.batchSize ?? 20,
       flushInterval: config.flushInterval ?? 1e3,
@@ -407,7 +414,8 @@ var TelegramTransport = class extends BaseHttpTransport {
       maxQueueSize: config.maxQueueSize,
       dropPolicy: config.dropPolicy,
       onDrop: config.onDrop,
-      onError: config.onError
+      onError: config.onError,
+      masker
     });
     this.config = config;
     this.apiUrl = `https://api.telegram.org/bot${config.botToken}`;
@@ -512,7 +520,7 @@ var ZohoCliqTransport = class extends BaseHttpTransport {
   config;
   endpoint;
   requestTimeout;
-  constructor(config) {
+  constructor(config, masker) {
     super({
       batchSize: config.batchSize ?? 20,
       flushInterval: config.flushInterval ?? 2e3,
@@ -521,7 +529,8 @@ var ZohoCliqTransport = class extends BaseHttpTransport {
       maxQueueSize: config.maxQueueSize,
       dropPolicy: config.dropPolicy,
       onDrop: config.onDrop,
-      onError: config.onError
+      onError: config.onError,
+      masker
     });
     this.config = config;
     this.requestTimeout = config.requestTimeout ?? DEFAULT_REQUEST_TIMEOUT_MS3;
@@ -643,7 +652,8 @@ var CloudWatchTransport = class extends BaseHttpTransport {
   initialized = false;
   initPromise = null;
   resolvedLogStreamName;
-  constructor(config, configHostname) {
+  maskReplacer;
+  constructor(config, configHostname, maskReplacerFn) {
     super({
       batchSize: config.batchSize ?? 100,
       flushInterval: config.flushInterval ?? 1e3,
@@ -654,6 +664,7 @@ var CloudWatchTransport = class extends BaseHttpTransport {
       onDrop: config.onDrop,
       onError: config.onError
     });
+    this.maskReplacer = maskReplacerFn;
     this.config = config;
     this.resolvedLogStreamName = resolveLogStreamName(config.logStreamName, configHostname);
     this.client = new CloudWatchLogsClient({
@@ -666,6 +677,7 @@ var CloudWatchTransport = class extends BaseHttpTransport {
   }
   async sendBatch(messages) {
     await this.ensureInitialized();
+    const replacer = this.maskReplacer;
     const logEvents = messages.map((msg) => ({
       timestamp: msg.timestamp.getTime(),
       message: JSON.stringify({
@@ -673,7 +685,7 @@ var CloudWatchTransport = class extends BaseHttpTransport {
         message: msg.message,
         context: msg.context,
         ...msg.meta
-      })
+      }, replacer)
     }));
     logEvents.sort((a, b) => (a.timestamp ?? 0) - (b.timestamp ?? 0));
     const command = new PutLogEventsCommand({
@@ -825,12 +837,12 @@ function shouldPassTransport(log, level, rules, state, respectOverrides) {
   return LOG_LEVELS[logLevel] <= LOG_LEVELS[effectiveLevel];
 }
 var RESERVED_LOG_FIELDS = /* @__PURE__ */ new Set(["level", "time", "msg", "context", "__or"]);
-function formatLog(log, format, store) {
+function formatLog(log, format, state) {
   const levelName = getLevelName(log.level);
   const timestamp = new Date(log.time).toISOString();
   const context = log.context || "APP";
   const message = log.msg || "";
-  const storeContext = store.getStore();
+  const storeContext = state.store.getStore();
   const meta = {};
   for (const [key, value] of Object.entries(log)) {
     if (!RESERVED_LOG_FIELDS.has(key)) {
@@ -840,6 +852,7 @@ function formatLog(log, format, store) {
   if (storeContext) {
     Object.assign(meta, storeContext);
   }
+  const replacer = state.maskReplacer;
   if (format === "json") {
     return JSON.stringify({
       level: levelName,
@@ -847,7 +860,7 @@ function formatLog(log, format, store) {
       context,
       message,
       ...meta
-    }) + "\n";
+    }, replacer) + "\n";
   }
   if (format === "plain") {
     const LEVEL_COLORS = {
@@ -863,10 +876,11 @@ function formatLog(log, format, store) {
     const color = LEVEL_COLORS[levelName] || "";
     const coloredLevel = color ? `${color}${levelName}${RESET}` : levelName;
     const formatValue = (key, value) => {
-      if (typeof value === "string" && value.includes("\n")) {
-        return "\n    " + value.split("\n").join("\n    ");
+      const masked = replacer ? replacer.call(void 0, key, value) : value;
+      if (typeof masked === "string" && masked.includes("\n")) {
+        return "\n    " + masked.split("\n").join("\n    ");
       }
-      return JSON.stringify(value);
+      return JSON.stringify(masked, replacer);
     };
     const metaStr = Object.keys(meta).length > 0 ? "\n  " + Object.entries(meta).map(([k, v]) => `${k}: ${formatValue(k, v)}`).join("\n  ") : "";
     return `[${timestamp}] ${coloredLevel} [${context}] ${message}${metaStr}
@@ -875,7 +889,8 @@ function formatLog(log, format, store) {
   if (format === "logfmt") {
     const parts = [`level=${levelName}`, `msg="${message}"`, `context=${context}`, `ts=${timestamp}`];
     for (const [k, v] of Object.entries(meta)) {
-      parts.push(`${k}=${JSON.stringify(v)}`);
+      const masked = replacer ? replacer.call(void 0, k, v) : v;
+      parts.push(`${k}=${JSON.stringify(masked, replacer)}`);
     }
     return parts.join(" ") + "\n";
   }
@@ -899,7 +914,7 @@ function createFormattedFilterStream(format, level, rules, state, destination, r
         callback();
         return;
       }
-      const formatted = formatLog(log, format, state.store);
+      const formatted = formatLog(log, format, state);
       destination.write(formatted);
       callback();
     }
@@ -956,7 +971,7 @@ function createStreams(config, state) {
     });
   }
   for (const discordConfig of toArray(config.discord)) {
-    const transport = new DiscordTransport(discordConfig);
+    const transport = new DiscordTransport(discordConfig, state.maskerFn);
     transports.push(transport);
     const discordStream = createHttpTransportStream(
       transport,
@@ -971,7 +986,7 @@ function createStreams(config, state) {
     });
   }
   for (const telegramConfig of toArray(config.telegram)) {
-    const transport = new TelegramTransport(telegramConfig);
+    const transport = new TelegramTransport(telegramConfig, state.maskerFn);
     transports.push(transport);
     const telegramStream = createHttpTransportStream(
       transport,
@@ -986,7 +1001,7 @@ function createStreams(config, state) {
     });
   }
   for (const zohoCliqConfig of toArray(config.zohoCliq)) {
-    const transport = new ZohoCliqTransport(zohoCliqConfig);
+    const transport = new ZohoCliqTransport(zohoCliqConfig, state.maskerFn);
     transports.push(transport);
     const zohoStream = createHttpTransportStream(
       transport,
@@ -1001,7 +1016,7 @@ function createStreams(config, state) {
     });
   }
   for (const cloudwatchConfig of toArray(config.cloudwatch)) {
-    const transport = new CloudWatchTransport(cloudwatchConfig, config.hostname);
+    const transport = new CloudWatchTransport(cloudwatchConfig, config.hostname, state.maskReplacer);
     transports.push(transport);
     const cwStream = createHttpTransportStream(
       transport,
@@ -1073,6 +1088,116 @@ function createHttpTransportStream(transport, level, rules, state, respectOverri
   });
 }
 
+// src/utils/mask-secrets.ts
+var DEFAULT_SECRET_PATTERNS = [
+  "password",
+  "secret",
+  "token",
+  "apikey",
+  "api_key",
+  "api-key",
+  "auth",
+  "credential",
+  "private"
+];
+var DEFAULT_MASK = "***";
+var REGEX_ESCAPE_RE = /[.*+?^${}()|[\]\\]/g;
+function buildSecretRe(patterns) {
+  const escaped = patterns.map((p) => p.replace(REGEX_ESCAPE_RE, "\\$&"));
+  return new RegExp(escaped.join("|"), "i");
+}
+var DEFAULT_SECRET_RE = buildSecretRe(DEFAULT_SECRET_PATTERNS);
+var DEFAULT_RESOLVED = {
+  secretRe: DEFAULT_SECRET_RE,
+  mask: DEFAULT_MASK,
+  deep: true
+};
+function resolveOptions(options) {
+  if (options.patterns === void 0 && options.mask === void 0 && options.deep === void 0) {
+    return DEFAULT_RESOLVED;
+  }
+  const { patterns = DEFAULT_SECRET_PATTERNS, mask = DEFAULT_MASK, deep = true } = options;
+  return {
+    secretRe: patterns === DEFAULT_SECRET_PATTERNS ? DEFAULT_SECRET_RE : buildSecretRe(patterns),
+    mask,
+    deep
+  };
+}
+function isSecretKey(key, secretRe) {
+  return secretRe.test(key);
+}
+function maskUrlCredentials(url, mask) {
+  try {
+    const parsed = new URL(url);
+    if (parsed.password) {
+      parsed.password = mask;
+    }
+    if (parsed.username && parsed.password) {
+      parsed.username = mask;
+    }
+    return parsed.toString();
+  } catch {
+    return url;
+  }
+}
+function maskString(str, mask) {
+  if (str.length < 10) return str;
+  if (str.charCodeAt(0) !== 104) return str;
+  if (!str.startsWith("http://") && !str.startsWith("https://")) return str;
+  if (str.indexOf("@") === -1) return str;
+  return maskUrlCredentials(str, mask);
+}
+function maskInternal(obj, opts) {
+  if (obj === null || obj === void 0) return obj;
+  const t = typeof obj;
+  if (t === "string") return maskString(obj, opts.mask);
+  if (t !== "object") return obj;
+  if (Array.isArray(obj)) {
+    return opts.deep ? obj.map((item) => maskInternal(item, opts)) : obj;
+  }
+  const { secretRe, mask, deep } = opts;
+  const result = {};
+  const syms = Object.getOwnPropertySymbols(obj);
+  for (let i = 0; i < syms.length; i++) {
+    const sym = syms[i];
+    result[sym] = obj[sym];
+  }
+  for (const [key, value] of Object.entries(obj)) {
+    if (isSecretKey(key, secretRe)) {
+      result[key] = mask;
+      continue;
+    }
+    const vt = typeof value;
+    if (vt === "string") {
+      result[key] = maskString(value, mask);
+    } else if (deep && vt === "object" && value !== null) {
+      result[key] = maskInternal(value, opts);
+    } else {
+      result[key] = value;
+    }
+  }
+  return result;
+}
+function maskSecrets(obj, options = {}) {
+  return maskInternal(obj, resolveOptions(options));
+}
+function createMasker(options = {}) {
+  const opts = resolveOptions(options);
+  return (obj) => maskInternal(obj, opts);
+}
+function maskReplacer(options = {}) {
+  const { secretRe, mask } = resolveOptions(options);
+  return function(key, value) {
+    if (key !== "" && secretRe.test(key)) return mask;
+    if (typeof value !== "string") return value;
+    if (value.length < 10) return value;
+    if (value.charCodeAt(0) !== 104) return value;
+    if (!value.startsWith("http://") && !value.startsWith("https://")) return value;
+    if (value.indexOf("@") === -1) return value;
+    return maskUrlCredentials(value, mask);
+  };
+}
+
 // src/state.ts
 var CUSTOM_LEVELS = {
   http: 25,
@@ -1121,6 +1246,7 @@ function createState(config, store) {
     levelOverrides.set(key, rule);
   }
   const { contextIndex, complexRules } = buildIndexes(levelOverrides);
+  const maskOptions = config.maskSecrets === true ? {} : config.maskSecrets || void 0;
   const state = {
     pino: null,
     store: loggerStore,
@@ -1129,7 +1255,9 @@ function createState(config, store) {
     contextIndex,
     complexRules,
     callerConfig: void 0,
-    transports: []
+    transports: [],
+    maskReplacer: maskOptions ? maskReplacer(maskOptions) : void 0,
+    maskerFn: maskOptions ? createMasker(maskOptions) : void 0
   };
   const { destination, transports } = createStreams(config, state);
   state.transports = transports;
@@ -1354,7 +1482,16 @@ var RelayConfigSchema = z.object({
   bufferSize: z.number().int().positive().optional(),
   reconnectDelay: z.number().int().positive().optional(),
   maxReconnectDelay: z.number().int().positive().optional(),
-  respectRuntimeOverrides: z.boolean().optional()
+  respectRuntimeOverrides: z.boolean().optional(),
+  allowedWsHosts: z.array(z.string()).optional(),
+  maskSecrets: z.union([
+    z.boolean(),
+    z.object({
+      patterns: z.array(z.string()).optional(),
+      mask: z.string().optional(),
+      deep: z.boolean().optional()
+    })
+  ]).optional()
 });
 var LevelConfigObjectSchema = z.object({
   default: LogLevelSchema,
@@ -1372,6 +1509,11 @@ var AutoShutdownConfigSchema = z.object({
   timeout: z.number().int().positive().optional(),
   signals: z.array(z.string()).optional()
 });
+var MaskSecretsOptionsSchema = z.object({
+  patterns: z.array(z.string()).optional(),
+  mask: z.string().optional(),
+  deep: z.boolean().optional()
+});
 var LoggerConfigSchema = z.object({
   level: LevelConfigSchema,
   console: ConsoleConfigSchema,
@@ -1383,7 +1525,8 @@ var LoggerConfigSchema = z.object({
   relay: RelayConfigSchema.optional(),
   caller: z.union([z.boolean(), CallerConfigSchema]).optional(),
   hostname: z.string().optional(),
-  autoShutdown: z.union([z.boolean(), AutoShutdownConfigSchema]).optional()
+  autoShutdown: z.union([z.boolean(), AutoShutdownConfigSchema]).optional(),
+  maskSecrets: z.union([z.boolean(), MaskSecretsOptionsSchema]).optional()
 });
 function validateConfig(config) {
   return LoggerConfigSchema.parse(config);
@@ -1539,13 +1682,22 @@ function extractAxiosHttpData(error) {
     }
   }
   if (error.config) {
-    const { url, baseURL, method } = error.config;
+    const { url, baseURL, method, params, data, headers } = error.config;
     if (url) {
       httpData.url = baseURL && !url.startsWith("http") ? `${baseURL}${url}` : url;
     }
     if (method) {
       httpData.method = method.toUpperCase();
     }
+    if (params !== void 0) {
+      httpData.params = sanitizeResponseData(params);
+    }
+    if (data !== void 0) {
+      httpData.requestData = sanitizeResponseData(data);
+    }
+    if (headers !== void 0) {
+      httpData.requestHeaders = sanitizeResponseData(headers);
+    }
   }
   return httpData;
 }
@@ -1583,6 +1735,18 @@ function extractGenericHttpData(error) {
       httpData.method = config.method.toUpperCase();
       hasData = true;
     }
+    if (config.params !== void 0) {
+      httpData.params = sanitizeResponseData(config.params);
+      hasData = true;
+    }
+    if (config.data !== void 0) {
+      httpData.requestData = sanitizeResponseData(config.data);
+      hasData = true;
+    }
+    if (config.headers !== void 0) {
+      httpData.requestHeaders = sanitizeResponseData(config.headers);
+      hasData = true;
+    }
   }
   return hasData ? httpData : void 0;
 }
@@ -1921,75 +2085,6 @@ function getOrGenerateRequestId(headers, options = {}) {
   return extractRequestId(headers) ?? generateRequestId(options);
 }
 
-// src/utils/mask-secrets.ts
-var DEFAULT_SECRET_PATTERNS = [
-  "password",
-  "secret",
-  "token",
-  "apikey",
-  "api_key",
-  "api-key",
-  "auth",
-  "credential",
-  "private"
-];
-var DEFAULT_MASK = "***";
-function isSecretKey(key, patterns) {
-  const lowerKey = key.toLowerCase();
-  return patterns.some((pattern) => lowerKey.includes(pattern.toLowerCase()));
-}
-function maskUrlCredentials(url, mask) {
-  try {
-    const parsed = new URL(url);
-    if (parsed.password) {
-      parsed.password = mask;
-    }
-    if (parsed.username && parsed.password) {
-      parsed.username = mask;
-    }
-    return parsed.toString();
-  } catch {
-    return url;
-  }
-}
-function maskSecrets(obj, options = {}) {
-  const { patterns = DEFAULT_SECRET_PATTERNS, mask = DEFAULT_MASK, deep = true } = options;
-  if (obj === null || obj === void 0) {
-    return obj;
-  }
-  if (typeof obj === "string") {
-    if (obj.startsWith("http://") || obj.startsWith("https://")) {
-      return maskUrlCredentials(obj, mask);
-    }
-    return obj;
-  }
-  if (Array.isArray(obj)) {
-    return deep ? obj.map((item) => maskSecrets(item, options)) : obj;
-  }
-  if (typeof obj === "object") {
-    const result = {};
-    for (const sym of Object.getOwnPropertySymbols(obj)) {
-      result[sym] = obj[sym];
-    }
-    for (const [key, value] of Object.entries(obj)) {
-      if (isSecretKey(key, patterns)) {
-        result[key] = mask;
-      } else if (deep && typeof value === "object" && value !== null) {
-        result[key] = maskSecrets(value, options);
-      } else if (typeof value === "string") {
-        result[key] = maskSecrets(value, options);
-      } else {
-        result[key] = value;
-      }
-    }
-    return result;
-  }
-  return obj;
-}
-function createMasker(options = {}) {
-  return (obj) => maskSecrets(obj, options);
-}
-
 // src/formatters.ts
 var MAX_FLATTEN_DEPTH = 10;
 var CIRCULAR_REF = "[Circular]";
@@ -2041,6 +2136,6 @@ function formatLogfmt(data) {
   return Object.entries(flattened).filter(([, value]) => value !== void 0 && value !== null).map(([key, value]) => `${key}=${formatLogfmtValue(value)}`).join(" ");
 }
 
-export { AutoShutdownConfigSchema, BaseHttpTransport, CallerConfigSchema, CloudWatchConfigSchema, CloudWatchTransport, ConsoleConfigSchema, DiscordConfigSchema, DiscordTransport, FileConfigSchema, HttpTransportBaseConfigSchema, LOG_LEVELS, LevelConfigObjectSchema, LevelConfigSchema, LevelRuleSchema, LogFormatSchema, LogLevelSchema, LogStreamNameSchema, LogStreamPatternConfigSchema, LogStreamPatternSchema, LogStreamTemplateConfigSchema, Logger, LoggerConfigSchema, LoggerStore, MessageBuffer, RelayConfigSchema, TelegramConfigSchema, TelegramTransport, ZohoCliqConfigSchema, ZohoCliqTransport, assertLogLevel, createMasker, createSingletonLogger, extractRequestId, flattenObject, formatCallerInfo, formatLogfmt, formatLogfmtValue, generateRequestId, getCallerInfo, getOrGenerateRequestId, isValidLogLevel, maskSecrets, matchesContext, measureAsync, measureSync, registerShutdown, safeValidateConfig, serializeError, validateConfig };
+export { AutoShutdownConfigSchema, BaseHttpTransport, CallerConfigSchema, CloudWatchConfigSchema, CloudWatchTransport, ConsoleConfigSchema, DiscordConfigSchema, DiscordTransport, FileConfigSchema, HttpTransportBaseConfigSchema, LOG_LEVELS, LevelConfigObjectSchema, LevelConfigSchema, LevelRuleSchema, LogFormatSchema, LogLevelSchema, LogStreamNameSchema, LogStreamPatternConfigSchema, LogStreamPatternSchema, LogStreamTemplateConfigSchema, Logger, LoggerConfigSchema, LoggerStore, MessageBuffer, RelayConfigSchema, TelegramConfigSchema, TelegramTransport, ZohoCliqConfigSchema, ZohoCliqTransport, assertLogLevel, createMasker, createSingletonLogger, extractRequestId, flattenObject, formatCallerInfo, formatLogfmt, formatLogfmtValue, generateRequestId, getCallerInfo, getOrGenerateRequestId, isValidLogLevel, maskReplacer, maskSecrets, matchesContext, measureAsync, measureSync, registerShutdown, safeValidateConfig, serializeError, validateConfig };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map