@salesforce/core 3.30.10 → 3.30.11

package/lib/crypto/keyChainImpl.js

@@ -37,9 +37,7 @@ const GET_PASSWORD_RETRY_COUNT = 3;
  *
  * @param optionsArray CLI command args.
  */
-function _optionsToString(optionsArray) {
-    return optionsArray.reduce((accum, element) => `${accum} ${element}`);
-}
+const optionsToString = (optionsArray) => optionsArray.join(' ');
 /**
  * Helper to determine if a program is executable. Returns `true` if the program is executable for the user. For
  * Windows true is always returned.
@@ -48,7 +46,7 @@ function _optionsToString(optionsArray) {
  * @param gid Unix group id.
  * @param uid Unix user id.
  */
-const _isExe = (mode, gid, uid) => {
+const isExe = (mode, gid, uid) => {
     if (process.platform === 'win32') {
         return true;
     }
@@ -67,7 +65,10 @@ const _isExe = (mode, gid, uid) => {
  * @param fsIfc The file system interface.
  * @param isExeIfc Executable validation function.
  */
-const _validateProgram = async (programPath, fsIfc, isExeIfc) => {
+// eslint-disable-next-line no-underscore-dangle
+const _validateProgram = async (programPath, fsIfc, isExeIfc
+// eslint-disable-next-line @typescript-eslint/require-await
+) => {
     let noPermission;
     try {
         const stats = fsIfc.statSync(programPath);
@@ -98,7 +99,7 @@ class KeychainAccess {
      * Validates the os level program is executable.
      */
     async validateProgram() {
-        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, _isExe);
+        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, isExe);
     }
     /**
      * Returns a password using the native program for credential management.
@@ -136,6 +137,7 @@ class KeychainAccess {
                 return await this.osImpl.onGetCommandClose(code, stdout, stderr, opts, fn);
             }
             catch (e) {
+                // eslint-disable-next-line @typescript-eslint/ban-ts-comment
                 // @ts-ignore
                 if (e.retry) {
                     if (retryCount >= GET_PASSWORD_RETRY_COUNT) {
@@ -172,7 +174,7 @@ class KeychainAccess {
             fn(messages.createError('passwordRequiredError'));
             return;
         }
-        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, _isExe);
+        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, isExe);
         const credManager = this.osImpl.setCommandFunc(opts, childProcess.spawn);
         let stdout = '';
         let stderr = '';
@@ -188,7 +190,7 @@ class KeychainAccess {
         }
         credManager.on('close', 
         // eslint-disable-next-line @typescript-eslint/no-misused-promises
-        async (code) => await this.osImpl.onSetCommandClose(code, stdout, stderr, opts, fn));
+        async (code) => this.osImpl.onSetCommandClose(code, stdout, stderr, opts, fn));
         if (credManager.stdin) {
             credManager.stdin.end();
         }
@@ -200,23 +202,25 @@ exports.KeychainAccess = KeychainAccess;
  *
  * Uses libsecret.
  */
-const _linuxImpl = {
+const linuxImpl = {
     getProgram() {
-        return process.env.SFDX_SECRET_TOOL_PATH || path.join(path.sep, 'usr', 'bin', 'secret-tool');
+        return process.env.SFDX_SECRET_TOOL_PATH ?? path.join(path.sep, 'usr', 'bin', 'secret-tool');
     },
     getProgramOptions(opts) {
         return ['lookup', 'user', opts.account, 'domain', opts.service];
     },
     getCommandFunc(opts, fn) {
-        return fn(_linuxImpl.getProgram(), _linuxImpl.getProgramOptions(opts));
+        return fn(linuxImpl.getProgram(), linuxImpl.getProgramOptions(opts));
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onGetCommandClose(code, stdout, stderr, opts, fn) {
         if (code === 1) {
-            const command = `${_linuxImpl.getProgram()} ${_optionsToString(_linuxImpl.getProgramOptions(opts))}`;
+            const command = `${linuxImpl.getProgram()} ${optionsToString(linuxImpl.getProgramOptions(opts))}`;
             const error = messages.createError('passwordNotFoundError', [], [command]);
             // This is a workaround for linux.
             // Calling secret-tool too fast can cause it to return an unexpected error. (below)
-            if (stderr != null && stderr.includes('invalid or unencryptable secret')) {
+            if (stderr?.includes('invalid or unencryptable secret')) {
+                // eslint-disable-next-line @typescript-eslint/ban-ts-comment
                 // @ts-ignore TODO: make an error subclass with this field
                 error.retry = true;
                 // Throwing here allows us to perform a retry in KeychainAccess
@@ -233,15 +237,16 @@ const _linuxImpl = {
         return ['store', "--label='salesforce.com'", 'user', opts.account, 'domain', opts.service];
     },
     setCommandFunc(opts, fn) {
-        const secretTool = fn(_linuxImpl.getProgram(), _linuxImpl.setProgramOptions(opts));
+        const secretTool = fn(linuxImpl.getProgram(), linuxImpl.setProgramOptions(opts));
         if (secretTool.stdin) {
             secretTool.stdin.write(`${opts.password}\n`);
         }
         return secretTool;
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onSetCommandClose(code, stdout, stderr, opts, fn) {
         if (code !== 0) {
-            const command = `${_linuxImpl.getProgram()} ${_optionsToString(_linuxImpl.setProgramOptions(opts))}`;
+            const command = `${linuxImpl.getProgram()} ${optionsToString(linuxImpl.setProgramOptions(opts))}`;
             fn(messages.createError('setCredentialError', [`${stdout} - ${stderr}`], [os.userInfo().username, command]));
         }
         else {
@@ -254,7 +259,7 @@ const _linuxImpl = {
  *
  * /usr/bin/security is a cli front end for OSX keychain.
  */
-const _darwinImpl = {
+const darwinImpl = {
     getProgram() {
         return path.join(path.sep, 'usr', 'bin', 'security');
     },
@@ -262,8 +267,9 @@ const _darwinImpl = {
         return ['find-generic-password', '-a', opts.account, '-s', opts.service, '-g'];
     },
     getCommandFunc(opts, fn) {
-        return fn(_darwinImpl.getProgram(), _darwinImpl.getProgramOptions(opts));
+        return fn(darwinImpl.getProgram(), darwinImpl.getProgramOptions(opts));
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onGetCommandClose(code, stdout, stderr, opts, fn) {
         let err;
         if (code !== 0) {
@@ -273,7 +279,7 @@ const _darwinImpl = {
                     break;
                 }
                 default: {
-                    const command = `${_darwinImpl.getProgram()} ${_optionsToString(_darwinImpl.getProgramOptions(opts))}`;
+                    const command = `${darwinImpl.getProgram()} ${optionsToString(darwinImpl.getProgramOptions(opts))}`;
                     err = messages.createError('passwordNotFoundError', [`${stdout} - ${stderr}`], [command]);
                 }
             }
@@ -292,7 +298,7 @@ const _darwinImpl = {
             }
         }
         else {
-            const command = `${_darwinImpl.getProgram()} ${_optionsToString(_darwinImpl.getProgramOptions(opts))}`;
+            const command = `${darwinImpl.getProgram()} ${optionsToString(darwinImpl.getProgramOptions(opts))}`;
             fn(messages.createError('passwordNotFoundError', [`${stdout} - ${stderr}`], [command]));
         }
     },
@@ -304,11 +310,12 @@ const _darwinImpl = {
         return result;
     },
     setCommandFunc(opts, fn) {
-        return fn(_darwinImpl.getProgram(), _darwinImpl.setProgramOptions(opts));
+        return fn(darwinImpl.getProgram(), darwinImpl.setProgramOptions(opts));
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onSetCommandClose(code, stdout, stderr, opts, fn) {
         if (code !== 0) {
-            const command = `${_darwinImpl.getProgram()} ${_optionsToString(_darwinImpl.setProgramOptions(opts))}`;
+            const command = `${darwinImpl.getProgram()} ${optionsToString(darwinImpl.setProgramOptions(opts))}`;
             fn(messages.createError('setCredentialError', [`${stdout} - ${stderr}`], [os.userInfo().username, command]));
         }
         else {
@@ -323,7 +330,7 @@ var SecretField;
     SecretField["ACCOUNT"] = "account";
     SecretField["KEY"] = "key";
 })(SecretField || (SecretField = {}));
-async function _writeFile(opts, fn) {
+async function writeFile(opts, fn) {
     try {
         const contents = {
             [SecretField.ACCOUNT]: opts.account,
@@ -339,7 +346,7 @@ async function _writeFile(opts, fn) {
         fn(err);
     }
 }
-async function _readFile() {
+async function readFile() {
     // The file and access is validated before this method is called
     const fileContents = (0, kit_1.parseJsonMap)(await fs.promises.readFile(getSecretFile(), 'utf8'));
     return {
@@ -360,7 +367,7 @@ class GenericKeychainAccess {
             if (fileAccessError == null) {
                 // read it's contents
                 try {
-                    const { service, account, password } = await _readFile();
+                    const { service, account, password } = await readFile();
                     // validate service name and account just because
                     if (opts.service === service && opts.account === account) {
                         fn(null, password);
@@ -375,13 +382,11 @@ class GenericKeychainAccess {
                     fn(readJsonErr);
                 }
             }
+            else if (fileAccessError.code === 'ENOENT') {
+                fn(messages.createError('passwordNotFoundError'));
+            }
             else {
-                if (fileAccessError.code === 'ENOENT') {
-                    fn(messages.createError('passwordNotFoundError'));
-                }
-                else {
-                    fn(fileAccessError);
-                }
+                fn(fileAccessError);
             }
         });
     }
@@ -393,7 +398,7 @@ class GenericKeychainAccess {
                 // file not found
                 if (fileAccessError.code === 'ENOENT') {
                     // create the file
-                    await _writeFile.call(this, opts, fn);
+                    await writeFile.call(this, opts, fn);
                 }
                 else {
                     fn(fileAccessError);
@@ -401,10 +406,11 @@ class GenericKeychainAccess {
             }
             else {
                 // the existing file validated. we can write the updated key
-                await _writeFile.call(this, opts, fn);
+                await writeFile.call(this, opts, fn);
             }
         });
     }
+    // eslint-disable-next-line class-methods-use-this
     async isValidFileAccess(cb) {
         try {
             const root = (0, os_1.homedir)();
@@ -436,6 +442,7 @@ class GenericUnixKeychainAccess extends GenericKeychainAccess {
                     await cb(null);
                 }
                 else {
+                    // eslint-disable-next-line @typescript-eslint/no-floating-promises
                     cb(messages.createError('genericKeychainInvalidPermsError', [secretFile], [secretFile, EXPECTED_OCTAL_PERM_VALUE]));
                 }
             }
@@ -473,8 +480,8 @@ exports.keyChainImpl = {
     generic_unix: new GenericUnixKeychainAccess(),
     // eslint-disable-next-line camelcase
     generic_windows: new GenericWindowsKeychainAccess(),
-    darwin: new KeychainAccess(_darwinImpl, nodeFs),
-    linux: new KeychainAccess(_linuxImpl, nodeFs),
+    darwin: new KeychainAccess(darwinImpl, nodeFs),
+    linux: new KeychainAccess(linuxImpl, nodeFs),
     validateProgram: _validateProgram,
 };
 //# sourceMappingURL=keyChainImpl.js.map

package/lib/deviceOauthService.js

@@ -81,7 +81,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
         const deviceFlowRequestUrl = this.getDeviceFlowRequestUrl();
         const pollingOptions = this.getPollingOptions(deviceFlowRequestUrl, loginData.device_code);
         const interval = kit_1.Duration.seconds(loginData.interval).milliseconds;
-        return await this.pollForDeviceApproval(pollingOptions, interval);
+        return this.pollForDeviceApproval(pollingOptions, interval);
     }
     /**
      * Creates and saves new AuthInfo
@@ -138,7 +138,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
             return await makeRequest(httpRequest);
         }
         catch (e) {
-            // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            /* eslint-disable @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/restrict-template-expressions */
             const err = e.data;
             if (err.error && err.status === 400 && err.error === 'authorization_pending') {
                 // do nothing because we're still waiting
@@ -153,6 +153,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
                 }
                 throw err;
             }
+            /* eslint-enable @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/restrict-template-expressions */
         }
     }
     shouldContinuePolling() {
@@ -162,6 +163,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
         this.logger.debug('BEGIN POLLING FOR DEVICE APPROVAL');
         let result;
         while (this.shouldContinuePolling()) {
+            // eslint-disable-next-line no-await-in-loop
             result = await this.poll(httpRequest);
             if (result) {
                 this.logger.debug('POLLING FOR DEVICE APPROVAL SUCCESS');
@@ -169,6 +171,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
             }
             else {
                 this.logger.debug(`waiting ${interval} ms...`);
+                // eslint-disable-next-line no-await-in-loop
                 await wait(interval);
                 this.pollingCount += 1;
             }

package/lib/exported.js

@@ -7,7 +7,11 @@
  */
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/lib/global.js

@@ -104,5 +104,7 @@ Global.STATE_FOLDER = Global.SFDX_STATE_FOLDER;
 /**
  * The full system path to the global log file.
  */
+// member ordering conflicts with the TS use-before-declaration error
+// eslint-disable-next-line @typescript-eslint/member-ordering
 Global.LOG_FILE_PATH = path.join(Global.SF_DIR, 'sf.log');
 //# sourceMappingURL=global.js.map

package/lib/lifecycleEvents.js

@@ -10,6 +10,7 @@ exports.Lifecycle = void 0;
 const Debug = require("debug");
 const semver_1 = require("semver");
 // needed for TS to not put everything inside /lib/src
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-ignore
 const pjson = require("../package.json");
 /**
@@ -85,6 +86,7 @@ class Lifecycle {
     /**
      * return the package.json version of the sfdx-core library.
      */
+    // eslint-disable-next-line class-methods-use-this
     version() {
         return pjson.version;
     }
@@ -175,6 +177,7 @@ class Lifecycle {
         }
         else {
             for (const cb of listeners) {
+                // eslint-disable-next-line no-await-in-loop
                 await cb(data);
             }
         }

package/lib/logger.d.ts

@@ -62,7 +62,7 @@ export declare enum LoggerLevel {
     FATAL = 60
 }
 /**
- *  `Logger` format types.
+ * `Logger` format types.
  */
 export declare enum LoggerFormat {
     JSON = 0,
@@ -310,8 +310,7 @@ export declare class Logger {
     /**
      * Close the logger, including any streams, and remove all listeners.
      *
-     * @param fn A function with signature `(stream: LoggerStream) => void` to call for each stream with
-     *                        the stream as an arg.
+     * @param fn A function with signature `(stream: LoggerStream) => void` to call for each stream with the stream as an arg.
      */
     close(fn?: (stream: LoggerStream) => void): void;
     /**

package/lib/logger.js

@@ -35,7 +35,7 @@ var LoggerLevel;
     LoggerLevel[LoggerLevel["FATAL"] = 60] = "FATAL";
 })(LoggerLevel = exports.LoggerLevel || (exports.LoggerLevel = {}));
 /**
- *  `Logger` format types.
+ * `Logger` format types.
  */
 var LoggerFormat;
 (function (LoggerFormat) {
@@ -77,13 +77,13 @@ class Logger {
          * The default rotation period for logs. Example '1d' will rotate logs daily (at midnight).
          * See 'period' docs here: https://github.com/forcedotcom/node-bunyan#stream-type-rotating-file
          */
-        this.logRotationPeriod = new kit_1.Env().getString('SF_LOG_ROTATION_PERIOD') || '1d';
+        this.logRotationPeriod = new kit_1.Env().getString('SF_LOG_ROTATION_PERIOD') ?? '1d';
         /**
          * The number of backup rotated log files to keep.
          * Example: '3' will have the base sf.log file, and the past 3 (period) log files.
          * See 'count' docs here: https://github.com/forcedotcom/node-bunyan#stream-type-rotating-file
          */
-        this.logRotationCount = new kit_1.Env().getNumber('SF_LOG_ROTATION_COUNT') || 2;
+        this.logRotationCount = new kit_1.Env().getNumber('SF_LOG_ROTATION_COUNT') ?? 2;
         /**
          * Whether debug is enabled for this Logger.
          */
@@ -118,7 +118,7 @@ class Logger {
         }
         // Inspect format to know what logging format to use then delete from options to
         // ensure it doesn't conflict with Bunyan.
-        this.format = options.format || LoggerFormat.JSON;
+        this.format = options.format ?? LoggerFormat.JSON;
         delete options.format;
         // If the log format is LOGFMT, we need to convert any stream(s) into a LOGFMT type stream.
         if (this.format === LoggerFormat.LOGFMT && options.stream) {
@@ -139,7 +139,7 @@ class Logger {
             this.bunyan.streams = [];
         }
         // all SFDX loggers must filter sensitive data
-        this.addFilter((...args) => _filter(...args));
+        this.addFilter((...args) => filterSecrets(...args));
         if (global_1.Global.getEnvironmentMode() !== global_1.Mode.TEST) {
             Logger.lifecycle.on('uncaughtException', this.uncaughtExceptionHandler);
             Logger.lifecycle.on('exit', this.exitHandler);
@@ -363,7 +363,9 @@ class Logger {
     /**
      * Gets the underlying Bunyan logger.
      */
-    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
+    // leave this typed as any to keep if from trying to export the type from the untyped bunyan module
+    // this prevents consumers from getting node_modules/@salesforce/core/lib/logger.d.ts:281:24 - error TS2304: Cannot find name 'Bunyan'.
+    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types, @typescript-eslint/no-explicit-any
     getBunyanLogger() {
         return this.bunyan;
     }
@@ -420,6 +422,7 @@ class Logger {
             // eslint-disable-next-line @typescript-eslint/no-explicit-any
             this.bunyan.streams.forEach(async (stream) => {
                 if (stream.type === 'file') {
+                    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
                     content += await fs.promises.readFile(stream.path, 'utf8');
                 }
             });
@@ -432,7 +435,6 @@ class Logger {
      * @param filter A function with signature `(...args: any[]) => any[]` that transforms log message arguments.
      */
     addFilter(filter) {
-        // eslint disable-line @typescript-eslint/no-explicit-any
         if (!this.bunyan.filters) {
             this.bunyan.filters = [];
         }
@@ -441,8 +443,7 @@ class Logger {
     /**
      * Close the logger, including any streams, and remove all listeners.
      *
-     * @param fn A function with signature `(stream: LoggerStream) => void` to call for each stream with
-     *                        the stream as an arg.
+     * @param fn A function with signature `(stream: LoggerStream) => void` to call for each stream with the stream as an arg.
      */
     close(fn) {
         if (this.bunyan.streams) {
@@ -500,6 +501,7 @@ class Logger {
      */
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
     trace(...args) {
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         this.bunyan.trace(this.applyFilters(LoggerLevel.TRACE, ...args));
         return this;
     }
@@ -581,6 +583,7 @@ class Logger {
                 stream: new stream_1.Writable({
                     write: (chunk, encoding, next) => {
                         try {
+                            // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
                             const json = (0, kit_1.parseJsonMap)(chunk.toString());
                             const logLevel = (0, ts_types_1.ensureNumber)(json.level);
                             if (this.getLevel() <= logLevel) {
@@ -615,11 +618,14 @@ class Logger {
         }
         return args && args.length === 1 ? args[0] : args;
     }
+    // eslint-disable-next-line class-methods-use-this
     createLogFmtFormatterStream(loggerStream) {
         const logFmtWriteableStream = new stream_1.Writable({
             write: (chunk, enc, cb) => {
                 try {
+                    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
                     const parsedJSON = JSON.parse(chunk.toString());
+                    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
                     const keys = Object.keys(parsedJSON);
                     let logEntry = '';
                     keys.forEach((key) => {
@@ -682,50 +688,48 @@ const FILTERED_KEYS = [
     { name: 'sfdxauthurl', regex: 'sfdx[^\'"]*auth[^\'"]*url' },
 ];
 // SFDX code and plugins should never show tokens or connect app information in the logs
-const _filter = (...args) => {
-    return args.map((arg) => {
-        if ((0, ts_types_1.isArray)(arg)) {
-            return _filter(...arg);
-        }
-        if (arg) {
-            let _arg;
-            // Normalize all objects into a string. This include errors.
-            if (arg instanceof Buffer) {
-                _arg = '<Buffer>';
-            }
-            else if ((0, ts_types_1.isObject)(arg)) {
-                _arg = JSON.stringify(arg);
-            }
-            else if ((0, ts_types_1.isString)(arg)) {
-                _arg = arg;
-            }
-            else {
-                _arg = '';
-            }
-            const HIDDEN = 'HIDDEN';
-            FILTERED_KEYS.forEach((key) => {
-                let expElement = key;
-                let expName = key;
-                // Filtered keys can be strings or objects containing regular expression components.
-                if ((0, ts_types_1.isPlainObject)(key)) {
-                    expElement = key.regex;
-                    expName = key.name;
-                }
-                const hiddenAttrMessage = `"<${expName} - ${HIDDEN}>"`;
-                // Match all json attribute values case insensitive: ex. {" Access*^&(*()^* Token " : " 45143075913458901348905 \n\t" ...}
-                const regexTokens = new RegExp(`(['"][^'"]*${expElement}[^'"]*['"]\\s*:\\s*)['"][^'"]*['"]`, 'gi');
-                _arg = _arg.replace(regexTokens, `$1${hiddenAttrMessage}`);
-                // Match all key value attribute case insensitive: ex. {" key\t"    : ' access_token  ' , " value " : "  dsafgasr431 " ....}
-                const keyRegex = new RegExp(`(['"]\\s*key\\s*['"]\\s*:)\\s*['"]\\s*${expElement}\\s*['"]\\s*.\\s*['"]\\s*value\\s*['"]\\s*:\\s*['"]\\s*[^'"]*['"]`, 'gi');
-                _arg = _arg.replace(keyRegex, `$1${hiddenAttrMessage}`);
-            });
-            _arg = _arg.replace(/(00D\w{12,15})![.\w]*/, `<${HIDDEN}>`);
-            // return an object if an object was logged; otherwise return the filtered string.
-            return (0, ts_types_1.isObject)(arg) ? (0, kit_1.parseJson)(_arg) : _arg;
+const filterSecrets = (...args) => args.map((arg) => {
+    if ((0, ts_types_1.isArray)(arg)) {
+        return filterSecrets(...arg);
+    }
+    if (arg) {
+        let mutableArg;
+        // Normalize all objects into a string. This include errors.
+        if (arg instanceof Buffer) {
+            mutableArg = '<Buffer>';
         }
-        else {
-            return arg;
+        else if ((0, ts_types_1.isObject)(arg)) {
+            mutableArg = JSON.stringify(arg);
+        }
+        else if ((0, ts_types_1.isString)(arg)) {
+            mutableArg = arg;
         }
-    });
-};
+        else {
+            mutableArg = '';
+        }
+        const HIDDEN = 'HIDDEN';
+        FILTERED_KEYS.forEach((key) => {
+            let expElement = key;
+            let expName = key;
+            // Filtered keys can be strings or objects containing regular expression components.
+            if ((0, ts_types_1.isPlainObject)(key)) {
+                expElement = key.regex;
+                expName = key.name;
+            }
+            const hiddenAttrMessage = `"<${expName} - ${HIDDEN}>"`;
+            // Match all json attribute values case insensitive: ex. {" Access*^&(*()^* Token " : " 45143075913458901348905 \n\t" ...}
+            const regexTokens = new RegExp(`(['"][^'"]*${expElement}[^'"]*['"]\\s*:\\s*)['"][^'"]*['"]`, 'gi');
+            mutableArg = mutableArg.replace(regexTokens, `$1${hiddenAttrMessage}`);
+            // Match all key value attribute case insensitive: ex. {" key\t"    : ' access_token  ' , " value " : "  dsafgasr431 " ....}
+            const keyRegex = new RegExp(`(['"]\\s*key\\s*['"]\\s*:)\\s*['"]\\s*${expElement}\\s*['"]\\s*.\\s*['"]\\s*value\\s*['"]\\s*:\\s*['"]\\s*[^'"]*['"]`, 'gi');
+            mutableArg = mutableArg.replace(keyRegex, `$1${hiddenAttrMessage}`);
+        });
+        mutableArg = mutableArg.replace(/(00D\w{12,15})![.\w]*/, `<${HIDDEN}>`);
+        // return an object if an object was logged; otherwise return the filtered string.
+        return (0, ts_types_1.isObject)(arg) ? (0, kit_1.parseJson)(mutableArg) : mutableArg;
+    }
+    else {
+        return arg;
+    }
+});
 //# sourceMappingURL=logger.js.map

package/lib/messages.js

@@ -539,7 +539,6 @@ Messages.bundles = new Map();
  * @param filePath read file target.
  * @ignore
  */
-Messages.readFile = (filePath) => {
-    return require(filePath);
-};
+// eslint-disable-next-line @typescript-eslint/no-unsafe-return
+Messages.readFile = (filePath) => require(filePath);
 //# sourceMappingURL=messages.js.map