@tracelog/lib 0.5.4 → 0.6.0

package/dist/esm/utils/network/url.utils.js

@@ -1,30 +1,54 @@
-import { isValidUrl } from '../validations';
-import { debugLog } from '../logging';
+import { log } from '../logging.utils';
+/**
+ * Validates if a URL is valid and optionally allows HTTP URLs
+ * @param url - The URL to validate
+ * @param allowHttp - Whether to allow HTTP URLs (default: false)
+ * @returns True if the URL is valid, false otherwise
+ */
+const isValidUrl = (url, allowHttp = false) => {
+    try {
+        const parsed = new URL(url);
+        const isHttps = parsed.protocol === 'https:';
+        const isHttp = parsed.protocol === 'http:';
+        return isHttps || (allowHttp && isHttp);
+    }
+    catch {
+        return false;
+    }
+};
 /**
  * Generates an API URL based on project ID and current domain
  * @param id - The project ID
  * @returns The generated API URL
  */
-export const getApiUrl = (id, allowHttp = false) => {
-    const url = new URL(window.location.href);
-    const host = url.hostname;
-    const parts = host.split('.');
-    if (parts.length === 0) {
-        debugLog.clientError('URLUtils', 'Invalid hostname - no domain parts found', { hostname: host });
-        throw new Error('Invalid URL');
+export const getApiUrl = (config) => {
+    const allowHttp = config.allowHttp ?? false;
+    if (config.integrations?.tracelog?.projectId) {
+        const url = new URL(window.location.href);
+        const host = url.hostname;
+        const parts = host.split('.');
+        if (parts.length === 0) {
+            throw new Error('Invalid URL');
+        }
+        const projectId = config.integrations.tracelog.projectId;
+        const cleanDomain = parts.slice(-2).join('.');
+        const protocol = allowHttp && url.protocol === 'http:' ? 'http' : 'https';
+        const apiUrl = `${protocol}://${projectId}.${cleanDomain}`;
+        const isValid = isValidUrl(apiUrl, allowHttp);
+        if (!isValid) {
+            throw new Error('Invalid URL');
+        }
+        return apiUrl;
     }
-    const cleanDomain = parts.slice(-2).join('.');
-    const protocol = allowHttp && url.protocol === 'http:' ? 'http' : 'https';
-    const apiUrl = `${protocol}://${id}.${cleanDomain}`;
-    const isValid = isValidUrl(apiUrl, allowHttp);
-    if (!isValid) {
-        debugLog.clientError('URLUtils', 'Generated API URL failed validation', {
-            apiUrl,
-            allowHttp,
-        });
-        throw new Error('Invalid URL');
+    if (config.integrations?.custom?.apiUrl) {
+        const apiUrl = config.integrations.custom.apiUrl;
+        const isValid = isValidUrl(apiUrl, allowHttp);
+        if (!isValid) {
+            throw new Error('Invalid URL');
+        }
+        return apiUrl;
     }
-    return apiUrl;
+    return '';
 };
 /**
  * Normalizes a URL by removing sensitive query parameters
@@ -36,7 +60,6 @@ export const normalizeUrl = (url, sensitiveQueryParams = []) => {
     try {
         const urlObject = new URL(url);
         const searchParams = urlObject.searchParams;
-        const originalParamCount = Array.from(searchParams.keys()).length;
         let hasChanged = false;
         const removedParams = [];
         sensitiveQueryParams.forEach((param) => {
@@ -46,13 +69,6 @@ export const normalizeUrl = (url, sensitiveQueryParams = []) => {
                 removedParams.push(param);
             }
         });
-        if (hasChanged) {
-            debugLog.debug('URLUtils', 'Sensitive parameters removed from URL', {
-                removedParams,
-                originalParamCount,
-                finalParamCount: Array.from(searchParams.keys()).length,
-            });
-        }
         if (!hasChanged && url.includes('?')) {
             return url;
         }
@@ -61,66 +77,7 @@ export const normalizeUrl = (url, sensitiveQueryParams = []) => {
         return result;
     }
     catch (error) {
-        debugLog.warn('URLUtils', 'URL normalization failed, returning original', {
-            url: url.slice(0, 100),
-            error: error instanceof Error ? error.message : error,
-        });
+        log('warn', 'URL normalization failed, returning original', { error, data: { url: url.slice(0, 100) } });
         return url;
     }
 };
-/**
- * Checks if a URL path should be excluded from tracking
- * @param url - The URL to check
- * @param excludedPaths - Array of patterns to match against
- * @returns True if the URL should be excluded
- */
-export const isUrlPathExcluded = (url, excludedPaths = []) => {
-    if (excludedPaths.length === 0) {
-        return false;
-    }
-    let path;
-    try {
-        const parsedUrl = new URL(url, window.location.origin);
-        path = parsedUrl.pathname + (parsedUrl.hash ?? '');
-    }
-    catch (error) {
-        debugLog.warn('URLUtils', 'Failed to parse URL for path exclusion check', {
-            url: url.slice(0, 100),
-            error: error instanceof Error ? error.message : error,
-        });
-        return false;
-    }
-    const isRegularExpression = (value) => typeof value === 'object' && value !== undefined && typeof value.test === 'function';
-    const escapeRegexString = (string_) => string_.replaceAll(/[$()*+.?[\\\]^{|}]/g, '\\$&');
-    const wildcardToRegex = (string_) => new RegExp('^' +
-        string_
-            .split('*')
-            .map((element) => escapeRegexString(element))
-            .join('.+') +
-        '$');
-    const matchedPattern = excludedPaths.find((pattern) => {
-        try {
-            if (isRegularExpression(pattern)) {
-                const matches = pattern.test(path);
-                return matches;
-            }
-            if (pattern.includes('*')) {
-                const regex = wildcardToRegex(pattern);
-                const matches = regex.test(path);
-                return matches;
-            }
-            const matches = pattern === path;
-            return matches;
-        }
-        catch (error) {
-            debugLog.warn('URLUtils', 'Error testing exclusion pattern', {
-                pattern,
-                path,
-                error: error instanceof Error ? error.message : error,
-            });
-            return false;
-        }
-    });
-    const isExcluded = !!matchedPattern;
-    return isExcluded;
-};

package/dist/esm/utils/security/sanitize.utils.d.ts

@@ -1,22 +1,10 @@
-import { MetadataType, ApiConfig } from '../../types';
+import { MetadataType } from '../../types';
 /**
  * Sanitizes a string value to prevent XSS attacks
  * @param value - The string to sanitize
  * @returns The sanitized string
  */
 export declare const sanitizeString: (value: string) => string;
-/**
- * Sanitizes a path string for route exclusion checks
- * @param value - The path string to sanitize
- * @returns The sanitized path string
- */
-export declare const sanitizePathString: (value: string) => string;
-/**
- * Sanitizes API configuration data with strict validation
- * @param data - The API config data to sanitize
- * @returns The sanitized API config
- */
-export declare const sanitizeApiConfig: (data: unknown) => ApiConfig;
 /**
  * Sanitizes user metadata for custom events
  * @param metadata - The metadata to sanitize

package/dist/esm/utils/security/sanitize.utils.js

@@ -1,5 +1,5 @@
-import { ALLOWED_API_CONFIG_KEYS, MAX_ARRAY_LENGTH, MAX_OBJECT_DEPTH, MAX_STRING_LENGTH, XSS_PATTERNS, } from '../../constants';
-import { debugLog } from '../logging';
+import { MAX_ARRAY_LENGTH, MAX_OBJECT_DEPTH, MAX_STRING_LENGTH, XSS_PATTERNS } from '../../constants';
+import { log } from '../logging.utils';
 /**
  * Sanitizes a string value to prevent XSS attacks
  * @param value - The string to sanitize
@@ -7,19 +7,13 @@ import { debugLog } from '../logging';
  */
 export const sanitizeString = (value) => {
     if (!value || typeof value !== 'string' || value.trim().length === 0) {
-        debugLog.debug('Sanitize', 'String sanitization skipped - empty or invalid input', { value, type: typeof value });
         return '';
     }
-    const originalLength = value.length;
     let sanitized = value;
     // Limit string length
     if (value.length > MAX_STRING_LENGTH) {
         sanitized = value.slice(0, Math.max(0, MAX_STRING_LENGTH));
-        debugLog.warn('Sanitize', 'String truncated due to length limit', {
-            originalLength,
-            maxLength: MAX_STRING_LENGTH,
-            truncatedLength: sanitized.length,
-        });
+        // Silent truncation - this is expected behavior for long strings
     }
     // Remove potential XSS patterns
     let xssPatternMatches = 0;
@@ -31,9 +25,11 @@ export const sanitizeString = (value) => {
         }
     }
     if (xssPatternMatches > 0) {
-        debugLog.warn('Sanitize', 'XSS patterns detected and removed', {
-            patternMatches: xssPatternMatches,
-            originalValue: value.slice(0, 100), // Log first 100 chars for debugging
+        log('warn', 'XSS patterns detected and removed', {
+            data: {
+                patternMatches: xssPatternMatches,
+                originalValue: value.slice(0, 100),
+            },
         });
     }
     // Basic HTML entity encoding for critical characters
@@ -45,40 +41,8 @@ export const sanitizeString = (value) => {
         .replaceAll("'", ''')
         .replaceAll('/', '/');
     const result = sanitized.trim();
-    if (originalLength > 50 || xssPatternMatches > 0) {
-        debugLog.debug('Sanitize', 'String sanitization completed', {
-            originalLength,
-            sanitizedLength: result.length,
-            xssPatternMatches,
-            wasTruncated: originalLength > MAX_STRING_LENGTH,
-        });
-    }
     return result;
 };
-/**
- * Sanitizes a path string for route exclusion checks
- * @param value - The path string to sanitize
- * @returns The sanitized path string
- */
-export const sanitizePathString = (value) => {
-    if (typeof value !== 'string') {
-        return '';
-    }
-    if (value.length > MAX_STRING_LENGTH) {
-        value = value.slice(0, Math.max(0, MAX_STRING_LENGTH));
-    }
-    let sanitized = value;
-    for (const pattern of XSS_PATTERNS) {
-        sanitized = sanitized.replace(pattern, '');
-    }
-    sanitized = sanitized
-        .replaceAll('&', '&')
-        .replaceAll('<', '&lt;')
-        .replaceAll('>', '&gt;')
-        .replaceAll('"', '&quot;')
-        .replaceAll("'", '&#x27;');
-    return sanitized.trim();
-};
 /**
  * Sanitizes any value recursively with depth protection
  * @param value - The value to sanitize
@@ -88,10 +52,7 @@ export const sanitizePathString = (value) => {
 const sanitizeValue = (value, depth = 0) => {
     // Prevent infinite recursion
     if (depth > MAX_OBJECT_DEPTH) {
-        debugLog.warn('Sanitize', 'Maximum object depth exceeded during sanitization', {
-            depth,
-            maxDepth: MAX_OBJECT_DEPTH,
-        });
+        // Silent depth limit - prevents stack overflow
         return null;
     }
     if (value === null || value === undefined) {
@@ -102,7 +63,7 @@ const sanitizeValue = (value, depth = 0) => {
     }
     if (typeof value === 'number') {
         if (!Number.isFinite(value) || value < -Number.MAX_SAFE_INTEGER || value > Number.MAX_SAFE_INTEGER) {
-            debugLog.warn('Sanitize', 'Invalid number sanitized to 0', { value, isFinite: Number.isFinite(value) });
+            // Silent normalization - invalid numbers become 0
             return 0;
         }
         return value;
@@ -111,34 +72,17 @@ const sanitizeValue = (value, depth = 0) => {
         return value;
     }
     if (Array.isArray(value)) {
-        const originalLength = value.length;
         const limitedArray = value.slice(0, MAX_ARRAY_LENGTH);
-        if (originalLength > MAX_ARRAY_LENGTH) {
-            debugLog.warn('Sanitize', 'Array truncated due to length limit', {
-                originalLength,
-                maxLength: MAX_ARRAY_LENGTH,
-                depth,
-            });
-        }
+        // Silent array length limit
         const sanitizedArray = limitedArray.map((item) => sanitizeValue(item, depth + 1)).filter((item) => item !== null);
-        if (originalLength > 0 && sanitizedArray.length === 0) {
-            debugLog.warn('Sanitize', 'All array items were filtered out during sanitization', { originalLength, depth });
-        }
+        // Silent filter - empty arrays are valid results
         return sanitizedArray;
     }
     if (typeof value === 'object') {
         const sanitizedObject = {};
         const entries = Object.entries(value);
-        const originalKeysCount = entries.length;
         const limitedEntries = entries.slice(0, 20);
-        if (originalKeysCount > 20) {
-            debugLog.warn('Sanitize', 'Object keys truncated due to limit', {
-                originalKeys: originalKeysCount,
-                maxKeys: 20,
-                depth,
-            });
-        }
-        let filteredKeysCount = 0;
+        // Silent object keys limit
         for (const [key, value_] of limitedEntries) {
             const sanitizedKey = sanitizeString(key);
             if (sanitizedKey) {
@@ -146,133 +90,28 @@ const sanitizeValue = (value, depth = 0) => {
                 if (sanitizedValue !== null) {
                     sanitizedObject[sanitizedKey] = sanitizedValue;
                 }
-                else {
-                    filteredKeysCount++;
-                }
-            }
-            else {
-                filteredKeysCount++;
             }
         }
-        if (filteredKeysCount > 0) {
-            debugLog.debug('Sanitize', 'Object properties filtered during sanitization', {
-                filteredKeysCount,
-                remainingKeys: Object.keys(sanitizedObject).length,
-                depth,
-            });
-        }
         return sanitizedObject;
     }
-    debugLog.debug('Sanitize', 'Unknown value type sanitized to null', { type: typeof value, depth });
     return null;
 };
-/**
- * Sanitizes API configuration data with strict validation
- * @param data - The API config data to sanitize
- * @returns The sanitized API config
- */
-export const sanitizeApiConfig = (data) => {
-    debugLog.debug('Sanitize', 'Starting API config sanitization');
-    const safeData = {};
-    if (typeof data !== 'object' || data === null) {
-        debugLog.warn('Sanitize', 'API config data is not an object', { data, type: typeof data });
-        return safeData;
-    }
-    try {
-        const originalKeys = Object.keys(data);
-        let processedKeys = 0;
-        let filteredKeys = 0;
-        for (const key of originalKeys) {
-            if (ALLOWED_API_CONFIG_KEYS.has(key)) {
-                const value = data[key];
-                if (key === 'excludedUrlPaths') {
-                    const paths = Array.isArray(value) ? value : typeof value === 'string' ? [value] : [];
-                    const originalPathsCount = paths.length;
-                    safeData.excludedUrlPaths = paths.map((path) => sanitizePathString(String(path))).filter(Boolean);
-                    const filteredPathsCount = originalPathsCount - safeData.excludedUrlPaths.length;
-                    if (filteredPathsCount > 0) {
-                        debugLog.warn('Sanitize', 'Some excluded URL paths were filtered during sanitization', {
-                            originalCount: originalPathsCount,
-                            filteredCount: filteredPathsCount,
-                        });
-                    }
-                }
-                else if (key === 'tags') {
-                    if (Array.isArray(value)) {
-                        safeData.tags = value;
-                        debugLog.debug('Sanitize', 'Tags processed', { count: value.length });
-                    }
-                    else {
-                        debugLog.warn('Sanitize', 'Tags value is not an array', { value, type: typeof value });
-                    }
-                }
-                else if (key === 'samplingRate') {
-                    const sanitizedValue = sanitizeValue(value);
-                    if (typeof sanitizedValue === 'number') {
-                        safeData.samplingRate = sanitizedValue;
-                    }
-                }
-                else {
-                    const sanitizedValue = sanitizeValue(value);
-                    if (sanitizedValue !== null) {
-                        safeData[key] = sanitizedValue;
-                    }
-                    else {
-                        debugLog.warn('Sanitize', 'API config value sanitized to null', { key, originalValue: value });
-                    }
-                }
-                processedKeys++;
-            }
-            else {
-                filteredKeys++;
-                debugLog.debug('Sanitize', 'API config key not allowed', { key });
-            }
-        }
-        debugLog.info('Sanitize', 'API config sanitization completed', {
-            originalKeys: originalKeys.length,
-            processedKeys,
-            filteredKeys,
-            finalKeys: Object.keys(safeData).length,
-        });
-    }
-    catch (error) {
-        debugLog.error('Sanitize', 'API config sanitization failed', {
-            error: error instanceof Error ? error.message : error,
-        });
-        throw new Error(`API config sanitization failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
-    }
-    return safeData;
-};
 /**
  * Sanitizes user metadata for custom events
  * @param metadata - The metadata to sanitize
  * @returns The sanitized metadata
  */
 export const sanitizeMetadata = (metadata) => {
-    debugLog.debug('Sanitize', 'Starting metadata sanitization', { hasMetadata: metadata != null });
     if (typeof metadata !== 'object' || metadata === null) {
-        debugLog.debug('Sanitize', 'Metadata is not an object, returning empty object', {
-            metadata,
-            type: typeof metadata,
-        });
         return {};
     }
     try {
-        const originalKeys = Object.keys(metadata).length;
         const sanitized = sanitizeValue(metadata);
         const result = typeof sanitized === 'object' && sanitized !== null ? sanitized : {};
-        const finalKeys = Object.keys(result).length;
-        debugLog.debug('Sanitize', 'Metadata sanitization completed', {
-            originalKeys,
-            finalKeys,
-            keysFiltered: originalKeys - finalKeys,
-        });
         return result;
     }
     catch (error) {
-        debugLog.error('Sanitize', 'Metadata sanitization failed', {
-            error: error instanceof Error ? error.message : error,
-        });
-        throw new Error(`Metadata sanitization failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        throw new Error(`[TraceLog] Metadata sanitization failed: ${errorMessage}`);
     }
 };

package/dist/esm/utils/validations/config-validations.utils.d.ts

@@ -1,4 +1,4 @@
-import { AppConfig, ApiConfig } from '../../types';
+import { Config } from '../../types';
 /**
  * Validates the app configuration object (before normalization)
  * This validates the structure and basic types but allows for normalization afterward
@@ -6,7 +6,7 @@ import { AppConfig, ApiConfig } from '../../types';
  * @throws {ProjectIdValidationError} If project ID validation fails
  * @throws {AppConfigValidationError} If other configuration validation fails
  */
-export declare const validateAppConfig: (config: AppConfig) => void;
+export declare const validateAppConfig: (config: Config) => void;
 /**
  * Validates and normalizes the app configuration
  * This is the primary validation entry point that ensures consistent behavior
@@ -15,10 +15,4 @@ export declare const validateAppConfig: (config: AppConfig) => void;
  * @throws {ProjectIdValidationError} If project ID validation fails after normalization
  * @throws {AppConfigValidationError} If other configuration validation fails
  */
-export declare const validateAndNormalizeConfig: (config: AppConfig) => AppConfig;
-/**
- * Type guard to check if a JSON response is a valid API config
- * @param json - The JSON to validate
- * @returns True if the JSON is a valid API config
- */
-export declare const isValidConfigApiResponse: (json: unknown) => json is ApiConfig;
+export declare const validateAndNormalizeConfig: (config: Config) => Config;