@zenvia/logger 1.4.3 → 1.6.1

package/.github/workflows/node.js.yml

@@ -0,0 +1,38 @@
+# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
+
+name: Node.js CI
+
+on:
+  - push
+  - pull_request
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [18.x]
+        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v3
+      with:
+        node-version: ${{ matrix.node-version }}
+        cache: 'npm'
+    - name: Install dependencies
+      run: npm ci
+    - name: Run lint
+      run: npm run lint
+    - name: Run test
+      run: npm test
+    - name: Coveralls
+      uses: coverallsapp/github-action@v2
+      with:
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+        path-to-lcov: ${{ github.workspace }}/coverage/lcov.info

package/.github/workflows/npm-publish.yml

@@ -0,0 +1,42 @@
+# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
+# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
+
+name: Node.js Package
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+      - name: Install dependencies
+        run: npm ci
+      - name: Run lint
+        run: npm run lint
+      - name: Run test
+        run: npm test
+      - name: Coveralls
+        uses: coverallsapp/github-action@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          path-to-lcov: ${{ github.workspace }}/coverage/lcov.info
+
+  publish-npm:
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          registry-url: https://registry.npmjs.org/
+      - run: npm ci
+      - run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/README.md

@@ -1,13 +1,13 @@
 # Zenvia Logger for Node.js
 
-A wrapper for [Winston](https://github.com/winstonjs/winston) Logging [Node.js](https://nodejs.org/) library that formats the output on STDOUT as [Logstash](https://www.elastic.co/logstash) JSON format.
+A wrapper for [Winston](https://github.com/winstonjs/winston) Logging [Node.js](https://nodejs.org/) library that formats the output on STDOUT as [Logstash](https://www.elastic.co/logstash) JSON format. Since version 1.5.0 it is possible to use log tracking. Zenvia Logger uses the [cls-trace](https://www.npmjs.com/package/cls-rtracer) to perform the tracking
 
 [![License](https://img.shields.io/github/license/zenvia/zenvia-logger-node.svg)](LICENSE.md)
 [![Build Status](https://travis-ci.com/zenvia/zenvia-logger-node.svg?branch=master)](https://travis-ci.com/zenvia/zenvia-logger-node)
 [![Coverage Status](https://coveralls.io/repos/github/zenvia/zenvia-logger-node/badge.svg?branch=master)](https://coveralls.io/github/zenvia/zenvia-logger-node?branch=master)
 [![Dependencies](https://img.shields.io/david/zenvia/zenvia-logger-node.svg)](https://david-dm.org/zenvia/zenvia-logger-node)
 
-[![Twitter Follow](https://img.shields.io/twitter/follow/ZenviaMobile.svg?style=social)](https://twitter.com/intent/follow?screen_name=ZenviaMobile)
+[![Twitter Follow](https://img.shields.io/twitter/follow/ZENVIA_.svg?style=social)](https://twitter.com/intent/follow?screen_name=ZENVIA_)
 
 
 
@@ -28,17 +28,62 @@ The following environment variables can be used for increase the log information
 - **HOST** or **HOSTNAME**: value to filled the "host" field in the output JSON.
 - **LOGGING_LEVEL**: set the level of messages that the logger should log. Default to `DEBUG`.
 - **LOGGING_FORMATTER_DISABLED** *(version 1.1.0 and above)*: When `true`, the output logging will not be formatted to JSON. Useful during development time. Default to `false`.
+- **LOGGING_FRAMEWORK_MIDDLEWARE** *(version 1.5.0 and above)*: Value that defines which middleware will be used. It is possible to choose between the middlewares: EXPRESS, FASTIFY, HAPI and KOA. If empty, the middleware default is `EXPRESS`.
+- **LOGGING_TRACE_HEADER** *(version 1.5.0 and above)*: Value indicating the header name that must be obtained from the traceId value in the request. Default is `X-TraceId`.
 
 
+## Basic Usage (Express users)
 
-## Basic Usage
+```js
+// ES6 or Typescript
+import express from 'express';
+import logger, { traceMiddleware } from '@zenvia/logger';
+
+const app = express();
+app.use(traceMiddleware);
+
+logger.info('some message');
+```
+## Basic Usage (FASTIFY users)
+
+```js
+// ES6 or Typescript
+import fastify from 'fastify'
+import logger, { traceMiddleware } from '@zenvia/logger';
+
+fastify.register(traceMiddleware);
+
+logger.info('some message');
+```
+## Basic Usage (KOA users)
 
 ```js
-// ES5
-const logger = require('@zenvia/logger');
+// ES6 or Typescript
+import Koa from 'koa';
+import logger, { traceMiddleware } from '@zenvia/logger';
+
+const app = new Koa();
+app.use(traceMiddleware);
 
+logger.info('some message');
+```
+## Basic Usage (HAPI users)
+
+```js
 // ES6 or Typescript
-import * as logger from '@zenvia/logger';
+import Koa from 'koa';
+import logger, { traceMiddleware } from '@zenvia/logger';
+
+const init = async () => {
+  const server = Hapi.server({
+    port: 3000,
+    host: 'localhost'
+  });
+
+  await server.register({
+    plugin: traceMiddleware
+  });
+}
 
 logger.info('some message');
 ```
@@ -51,7 +96,8 @@ Output:
   "@version": 1,
   "application": "application-name",
   "message": "some message",
-  "level": "INFO"
+  "level": "INFO",
+  "traceID": "123e4567-e32b-12d3-a432-626614174888"
 }
 ```
 
@@ -111,7 +157,7 @@ Output:
 Due to limitations of winston lib, when a text, an error and extra key/value fields are logged at once, the output message field will contain the text message, the error message and the full stack trace as shown.
 
 ```js
-logger.fatal('Ops!', new Error('Something goes wrong'), { keyA: 'value A', keyB: 'value B' });
+logger.fatal('Ops!', { new Error('Something goes wrong'), { keyA: 'value A', keyB: 'value B' } });
 ```
 
 Output:
@@ -128,7 +174,49 @@ Output:
 }
 ```
 
+### Using trace logs
+From version 1.5.0 it is possible to track logs. To do traceability, the cls-rTrace package is used. To use it, just add the middleware in the framework you are using. In this way it is possible to propagate the traceId received in a request to the logs throughout your project. If no traceId is passed in the request, Zenvia Logger generates a random traceId for the request being processed.
 
+**Request example sending traceId:**
+```bash
+curl 'http://localhost/your-application' \
+--header 'X-TraceId: dbcdd40e-10cd-40a7-b912-1b0a17483d67' \
+```
+Log
+```javascript
+logger.info('message with traceID');
+```
+Log Output
+```json
+{
+  "@timestamp": "2018-06-05T18:20:42.345Z",
+  "@version": 1,
+  "application": "application-name",
+  "message": "message with traceID",
+  "level": "INFO",
+  "traceID": "dbcdd40e-10cd-40a7-b912-1b0a17483d67'"
+}
+```
+
+**Request example without sending traceId:**
+```bash
+curl 'http://localhost/your-application'
+```
+Log
+```javascript
+logger.info('message without traceID');
+```
+Log Output
+```json
+{
+  "@timestamp": "2018-06-05T18:20:42.345Z",
+  "@version": 1,
+  "application": "application-name",
+  "message": "message with traceID",
+  "level": "INFO",
+  "traceID": "912c029c-c38f-49e7-9968-e575c5108178'"
+}
+```
 
 ## License
 

package/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@zenvia/logger",
-  "version": "1.4.3",
+  "version": "1.6.1",
   "description": "A wrapper for Winston Logging Node.js library that formats the output on STDOUT as Logstash JSON format.",
   "license": "MIT",
-  "main": "./src/lib/logger",
+  "main": "./src/index",
   "private": false,
   "publishConfig": {
     "access": "public"
@@ -33,18 +33,19 @@
   ],
   "dependencies": {
     "app-root-dir": "^1.0.2",
-    "winston": "^3.3.3"
+    "cls-rtracer": "^2.6.3",
+    "winston": "^3.11.0"
   },
   "devDependencies": {
     "chai": "^4.2.0",
     "chai-as-promised": "^7.1.1",
     "coveralls": "^3.1.0",
-    "eslint": "^7.6.0",
+    "eslint": "^7.10.0",
     "eslint-config-airbnb-base": "^14.2.0",
-    "eslint-plugin-import": "^2.22.0",
-    "mocha": "^8.1.0",
+    "eslint-plugin-import": "^2.22.1",
+    "mocha": "^8.1.3",
     "nyc": "^15.1.0",
-    "sinon": "^9.0.2",
+    "sinon": "^9.2.0",
     "sinon-chai": "^3.5.0",
     "std-mocks": "^1.0.1"
   },

package/src/index.d.ts

@@ -0,0 +1,2 @@
+export { default } from './lib/logger';
+export { default as traceMiddleware } from './middleware/trace';

package/src/index.js

@@ -0,0 +1,9 @@
+Object.defineProperty(exports, '__esModule', {
+  value: true,
+});
+
+const logger = require('./lib/logger');
+const traceMiddleware = require('./middleware/trace');
+
+exports.default = logger;
+exports.traceMiddleware = traceMiddleware();

package/src/lib/logger.d.ts

@@ -1,11 +1,9 @@
-declare module '@zenvia/logger' {
-  import { Logger, LeveledLogMethod } from 'winston';
+import { Logger, LeveledLogMethod } from 'winston';
 
-  interface ZenviaLogger extends Logger {
-    fatal: LeveledLogMethod;
-    isFatalEnabled(): boolean;
-  }
-
-  const logger: ZenviaLogger;
-  export = logger;
+interface ZenviaLogger extends Logger {
+  fatal: LeveledLogMethod;
+  isFatalEnabled(): boolean;
 }
+
+declare const logger: ZenviaLogger;
+export default logger;

package/src/lib/logger.js

@@ -6,10 +6,29 @@
 const winston = require('winston');
 const path = require('path');
 const appRootDir = require('app-root-dir').get();
+const rTrace = require('cls-rtracer');
 
 const appPackage = require(path.join(appRootDir, 'package'));
 
+const sanitizeInfo = (info) => {
+  const sanitizeCRLFInjection = (str) => str
+    .replace(/\n|\r/g, (x) => (x === '\n' ? '#n' : '#r'));
+
+  Object.keys(info).forEach((key) => {
+    if (typeof info[key] === 'string') {
+      info[key] = sanitizeCRLFInjection(info[key]);
+      return;
+    }
+
+    if (info[key] instanceof Function) {
+      delete info[key];
+    }
+  });
+};
+
 const customFormatJson = winston.format((info) => {
+  sanitizeInfo(info);
+
   let stack;
 
   if (info.stack) {
@@ -27,12 +46,14 @@ const customFormatJson = winston.format((info) => {
     message: info.message || '',
     level: ['verbose', 'silly'].includes(info.level) ? 'DEBUG' : info.level.toUpperCase(),
     stack_trace: stack,
+    traceId: rTrace.id(),
   };
 
   return info;
 });
 
 const customCombineJson = winston.format.combine(
+  winston.format.splat(),
   customFormatJson(),
   winston.format.json(),
 );

package/src/middleware/trace.d.ts

@@ -0,0 +1,9 @@
+import rTracer from 'cls-rtracer';
+
+declare const traceMiddleware: () =>
+  ReturnType<typeof rTracer.expressMiddleware> |
+  ReturnType<typeof rTracer.fastifyPlugin> |
+  typeof rTracer.hapiPlugin |
+  ReturnType<typeof rTracer.koaMiddleware>;
+
+export default traceMiddleware;

package/src/middleware/trace.js

@@ -0,0 +1,25 @@
+const rTracer = require('cls-rtracer');
+
+module.exports = () => {
+  const frameworkMiddleware = process.env.LOGGING_FRAMEWORK_MIDDLEWARE;
+
+  const RTRACER_OPTIONS = {
+    useHeader: true,
+    headerName: process.env.LOGGING_TRACE_HEADER || 'X-TraceId',
+    echoHeader: true,
+  };
+
+  const middleware = {
+    EXPRESS: rTracer.expressMiddleware(RTRACER_OPTIONS),
+    FASTIFY: rTracer.fastifyPlugin,
+    HAPI: rTracer.hapiPlugin,
+    KOA: rTracer.koaMiddleware(RTRACER_OPTIONS),
+  };
+
+  // eslint-disable-next-line no-prototype-builtins
+  if (frameworkMiddleware && !middleware.hasOwnProperty(frameworkMiddleware)) {
+    throw new Error(`Invalid framework middleware value. Please check environment variable "LOGGING_FRAMEWORK_MIDDLEWARE". Allowed values: [${Object.keys(middleware)}]`);
+  }
+
+  return middleware[frameworkMiddleware || 'EXPRESS'];
+};

package/test/index.spec.js

@@ -0,0 +1,9 @@
+const { assert } = require('chai');
+const { default: logger, traceMiddleware } = require('../src');
+
+describe('Logger test', () => {
+  it('should load correct module', () => {
+    assert.isNotNull(logger);
+    assert.isNotNull(traceMiddleware);
+  });
+});

package/test/lib/logger.spec.js

@@ -241,6 +241,50 @@ describe('Logger test', () => {
   });
 
   describe('Logging format', () => {
+    it('should replace LF characters from log (POSIX systems)', () => {
+      logger.debug(`some message
+other CRLF injection message`);
+      const expectedOutput = {
+        '@timestamp': '2018-06-05T18:20:42.345Z',
+        '@version': 1,
+        application: 'application-name',
+        host: os.hostname(),
+        message: 'some message#nother CRLF injection message',
+        level: 'DEBUG',
+      };
+
+      const actualOutput = stdMocks.flush().stdout[0];
+      JSON.parse(actualOutput).should.be.deep.equal(expectedOutput);
+
+      logger.debug('some\n CRLF\n injection\n message');
+      const expectedOutput2 = {
+        '@timestamp': '2018-06-05T18:20:42.345Z',
+        '@version': 1,
+        application: 'application-name',
+        host: os.hostname(),
+        message: 'some#n CRLF#n injection#n message',
+        level: 'DEBUG',
+      };
+
+      const actualOutput2 = stdMocks.flush().stdout[0];
+      JSON.parse(actualOutput2).should.be.deep.equal(expectedOutput2);
+    });
+
+    it('should replace CRLF characters from log (Windows systems)', () => {
+      logger.debug('some\r\n CRLF\r\n injection\r\n message');
+      const expectedOutput = {
+        '@timestamp': '2018-06-05T18:20:42.345Z',
+        '@version': 1,
+        application: 'application-name',
+        host: os.hostname(),
+        message: 'some#r#n CRLF#r#n injection#r#n message',
+        level: 'DEBUG',
+      };
+
+      const actualOutput = stdMocks.flush().stdout[0];
+      JSON.parse(actualOutput).should.be.deep.equal(expectedOutput);
+    });
+
     it('should get not format when LOGGING_FORMATTER_DISABLED environment is true', () => {
       delete require.cache[require.resolve('../../src/lib/logger')];
       process.env.LOGGING_FORMATTER_DISABLED = 'true';

package/test/middleware/trace.spec.js

@@ -0,0 +1,117 @@
+const stdMocks = require('std-mocks');
+const rTrace = require('cls-rtracer');
+const { assert } = require('chai');
+const sinon = require('sinon');
+const traceMiddleware = require('../../src/middleware/trace');
+
+const DEFAULT_HEADER_NAME = 'X-TraceId';
+
+describe('Trace middleware test', () => {
+  let rTraceSpy;
+
+  before(() => {
+    stdMocks.use({ print: true });
+    rTraceSpy = {
+      EXPRESS: sinon.spy(rTrace, 'expressMiddleware'),
+      KOA: sinon.spy(rTrace, 'koaMiddleware'),
+    };
+  });
+
+  beforeEach(() => {
+    stdMocks.flush();
+  });
+
+  afterEach(() => {
+    stdMocks.restore();
+    delete process.env.LOGGING_FRAMEWORK_MIDDLEWARE;
+    delete process.env.LOGGING_TRACE_HEADER;
+  });
+
+  describe('Return correct middleware', () => {
+    it('should return correct middlware EXPRESS when it is use default values', () => {
+      const RTRACER_OPTIONS = {
+        useHeader: true,
+        headerName: DEFAULT_HEADER_NAME,
+        echoHeader: true,
+      };
+      const middleware = traceMiddleware();
+
+      assert.isFunction(middleware);
+      assert.isTrue(rTraceSpy.EXPRESS.calledWith(RTRACER_OPTIONS));
+      assert.equal(rTrace.expressMiddleware(RTRACER_OPTIONS).toString(), middleware.toString());
+    });
+
+    it('should return correct KOA middleware when environment is set to KOA', () => {
+      process.env.LOGGING_FRAMEWORK_MIDDLEWARE = 'KOA';
+      const RTRACER_OPTIONS = {
+        useHeader: true,
+        headerName: DEFAULT_HEADER_NAME,
+        echoHeader: true,
+      };
+      const middleware = traceMiddleware();
+
+      assert.isFunction(middleware);
+      assert.isTrue(rTraceSpy.KOA.calledWith(RTRACER_OPTIONS));
+      assert.equal(rTrace.koaMiddleware(RTRACER_OPTIONS).toString(), middleware.toString());
+    });
+
+    it('should return correct FASTIFY middleware when environment is set to FASTIFY', () => {
+      process.env.LOGGING_FRAMEWORK_MIDDLEWARE = 'FASTIFY';
+      const middleware = traceMiddleware();
+
+      assert.isFunction(middleware);
+      assert.equal(rTrace.fastifyPlugin.toString(), middleware.toString());
+    });
+
+    it('should return correct HAPI middleware when environment is set to HAPI', () => {
+      process.env.LOGGING_FRAMEWORK_MIDDLEWARE = 'HAPI';
+      const middleware = traceMiddleware();
+
+      assert.isNotNull(middleware);
+      assert.equal(rTrace.hapiPlugin, middleware);
+    });
+
+    it('should throw error "Invalid framework middleware value" when is set invalid value in LOGGING_FRAMEWORK_MIDDLEWARE environment variable', () => {
+      process.env.LOGGING_FRAMEWORK_MIDDLEWARE = 'INVALID_VALUE';
+      try {
+        traceMiddleware();
+      } catch (error) {
+        assert.equal(
+          error.message,
+          'Invalid framework middleware value. Please check environment variable "LOGGING_FRAMEWORK_MIDDLEWARE". Allowed values: [EXPRESS,FASTIFY,HAPI,KOA]',
+        );
+      }
+    });
+  });
+
+  describe('Use correct rTracer options', () => {
+    it('should use default header name when is not set LOGGING_TRACE_HEADER', () => {
+      process.env.LOGGING_FRAMEWORK_MIDDLEWARE = 'EXPRESS';
+      const RTRACER_OPTIONS = {
+        useHeader: true,
+        headerName: DEFAULT_HEADER_NAME,
+        echoHeader: true,
+      };
+      const middleware = traceMiddleware();
+
+      assert.isFunction(middleware);
+      assert.isTrue(rTraceSpy.EXPRESS.calledWith(RTRACER_OPTIONS));
+    });
+
+    it('should use correct header name when is set LOGGING_TRACE_HEADER', () => {
+      const headerName = 'newHeaderName';
+      process.env.LOGGING_FRAMEWORK_MIDDLEWARE = 'EXPRESS';
+      process.env.LOGGING_TRACE_HEADER = headerName;
+      const RTRACER_OPTIONS = {
+        useHeader: true,
+        headerName,
+        echoHeader: true,
+      };
+      const middleware = traceMiddleware();
+
+      assert.isFunction(middleware);
+      assert.isTrue(rTraceSpy.EXPRESS.calledWith(RTRACER_OPTIONS));
+      assert.equal(rTrace.expressMiddleware(RTRACER_OPTIONS).toString(), middleware.toString());
+    });
+  });
+});

package/.travis.yml

@@ -1,27 +0,0 @@
-language: node_js
-
-node_js:
-  - 12
-
-before_script:
-  - npm ci
-
-script:
-  - npm run lint
-  - npm test
-
-after_success:
-  - npm run test:coveralls
-
-deploy:
-  provider: npm
-  email: $NPM_EMAIL
-  api_key: $NPM_TOKEN
-  skip_cleanup: true
-  on:
-    tags: true
-
-notifications:
-  email:
-    recipients:
-    - apisupport@zenvia.com