npm - ag-common - Versions diffs - 0.0.752 → 0.0.754 - Mend

ag-common 0.0.752 → 0.0.754

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/api/helpers/dynamo/get.js +3 -1
package/dist/api/helpers/dynamo/types.d.ts +3 -0
package/dist/api/types/index.d.ts +0 -22
package/dist/common/helpers/log.js +11 -1
package/dist/common/helpers/string/redact.js +39 -1
package/package.json +1 -1

package/dist/api/helpers/dynamo/get.js CHANGED Viewed

@@ -279,7 +279,9 @@ const executePartiQLQuery = (params) => __awaiter(void 0, void 0, void 0, functi
                 Limit: params.limit,
                 NextToken: nextToken,
             };
-            const result = yield (0, withRetry_1.withRetry)(() => _1.dynamoDb.send(new lib_dynamodb_1.ExecuteStatementCommand(executeParams)), 'batchQueryDynamo');
+            const result = yield (0, withRetry_1.withRetry)(() => _1.dynamoDb.send(new lib_dynamodb_1.ExecuteStatementCommand(executeParams)), 'batchQueryDynamo', {
+                maxRetries: params.maxRetries === undefined ? 3 : params.maxRetries,
+            });
             if (result.Items) {
                 allItems.push(...result.Items);
             }

package/dist/api/helpers/dynamo/types.d.ts CHANGED Viewed

@@ -37,6 +37,7 @@ export interface DynamoQueryParams {
     limit?: number;
     filter?: DynamoFilter;
     sortAscending?: boolean;
+    /** default 3, set to null to disable retries */
     maxRetries?: number | null;
 }
 export interface DynamoBatchQueryParams {
@@ -46,5 +47,7 @@ export interface DynamoBatchQueryParams {
     indexName?: string;
     limit?: number;
     filter?: DynamoFilter;
+    /** default 3, set to null to disable retries */
+    maxRetries?: number | null;
 }
 export declare const isError: <T>(result: DynamoDBResult<T>) => result is DynamoDBError;

package/dist/api/types/index.d.ts CHANGED Viewed

@@ -46,26 +46,4 @@ export interface ILambdaConfig {
 export type ILambdaConfigs = Partial<Record<string, ILambdaConfig & {
     default?: ILambdaConfig;
 }>>;
-export type TSkOperator = 'BETWEEN' | '<' | '<=' | '=' | '>=' | '>' | '<>' | 'BEGINS_WITH';
-export interface IQueryDynamo {
-    pkName: string;
-    pkValue: string | number;
-    /** default, = */
-    pkOperator?: string;
-    skName?: string;
-    skValue?: string | number | string[] | number[];
-    /** default, = */
-    skOperator?: TSkOperator;
-    tableName: string;
-    indexName?: string;
-    /** default 1000. if null will not apply */
-    limit?: number | null;
-    startKey?: Key;
-    filterName?: string;
-    filterValue?: string | number | boolean;
-    /** default, = */
-    filterOperator?: string;
-    /** default = true */
-    sortAscending?: boolean;
-}
 export type * from './aws';

package/dist/common/helpers/log.js CHANGED Viewed

@@ -36,7 +36,17 @@ function logprocess(type, args) {
     const log = [
         `[${datetime}]`,
         type,
-        ...args.filter(array_1.notEmpty).map((s) => (0, redact_1.redactObject)(s)),
+        ...args.filter(array_1.notEmpty).map((s) => {
+            // Handle Error instances specially to preserve their message
+            if (s instanceof Error) {
+                return (0, redact_1.redactObject)({
+                    message: s.message,
+                    name: s.name,
+                    stack: s.stack,
+                });
+            }
+            return (0, redact_1.redactObject)(s);
+        }),
     ];
     if (logShim) {
         logShim(...log);

package/dist/common/helpers/string/redact.js CHANGED Viewed

@@ -6,10 +6,48 @@ function redactString(str) {
     let ret = str;
     ret = ret || '';
     const repl = '$1<redacted>$2';
+    // OAuth and authentication tokens
     ret = ret.replace(/(\b)grant_type.+?(\b)/gm, repl);
     ret = ret.replace(/(\b)Bearer .+?(\b)/gm, repl);
-    //jwt (base64 with .s)
+    // JWT tokens (base64 with dots)
     ret = ret.replace(/(eyJ[\w-_.]*\.[\w-_.]*\.[\w-_.]*)/gim, '<redacted>');
+    // API Keys (various formats)
+    ret = ret.replace(/(\b)(sk_live_|sk_test_|pk_live_|pk_test_)[\w-]+/gi, '$1<redacted>'); // Stripe
+    ret = ret.replace(/(\b)(AKIA[0-9A-Z]{16})/gi, '$1<redacted>'); // AWS Access Key ID
+    ret = ret.replace(/(aws_secret_access_key["\s]*[:=]["\s]*)([0-9a-zA-Z/+]{40})/gi, '$1<redacted>'); // AWS Secret Access Key pattern
+    ret = ret.replace(/(\b)(AIza[0-9A-Za-z\\-_]{35})/gi, '$1<redacted>'); // Google API Key
+    ret = ret.replace(/(\b)(ya29\.[0-9A-Za-z\\-_]+)/gi, '$1<redacted>'); // Google OAuth Access Token
+    ret = ret.replace(/(\b)(glpat-[a-zA-Z0-9\\-_]{20})/gi, '$1<redacted>'); // GitLab Personal Access Token
+    ret = ret.replace(/(\b)(ghp_[a-zA-Z0-9]{36})/gi, '$1<redacted>'); // GitHub Personal Access Token
+    ret = ret.replace(/(\b)(github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59})/gi, '$1<redacted>'); // GitHub Fine-grained PAT
+    // Password patterns in key-value pairs
+    ret = ret.replace(/(password["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(passwd["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(pwd["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(secret["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(token["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(^|[^a-zA-Z])(api_?key|private_?key|secret_?key)["\s]*[:=]["\s]*([^",\s}]+)/gi, '$1$2<redacted>');
+    ret = ret.replace(/(auth["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    // Database connection strings
+    ret = ret.replace(/(mongodb:\/\/[^:]+:)([^@]+)(@)/gi, '$1<redacted>$3');
+    ret = ret.replace(/(mysql:\/\/[^:]+:)([^@]+)(@)/gi, '$1<redacted>$3');
+    ret = ret.replace(/(postgresql:\/\/[^:]+:)([^@]+)(@)/gi, '$1<redacted>$3');
+    ret = ret.replace(/(redis:\/\/[^:]+:)([^@]+)(@)/gi, '$1<redacted>$3');
+    // Credit card numbers (basic pattern)
+    ret = ret.replace(/(\b)([3-6]\d{3}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{3,4})(\b)/g, '$1<redacted>$3');
+    // Social Security Numbers (US format)
+    ret = ret.replace(/(\b)(\d{3}[-\s]?\d{2}[-\s]?\d{4})(\b)/g, '$1<redacted>$3');
+    // Private keys
+    ret = ret.replace(/(-----BEGIN [A-Z\s]+PRIVATE KEY-----)([\s\S]*?)(-----END [A-Z\s]+PRIVATE KEY-----)/gi, '$1\n<redacted>\n$3');
+    // Session IDs and UUIDs in headers/cookies
+    ret = ret.replace(/(sessionid["\s]*[:=]["\s]*)([a-zA-Z0-9]{32,})/gi, '$1<redacted>');
+    ret = ret.replace(/(session["\s]*[:=]["\s]*)([a-zA-Z0-9]{32,})/gi, '$1<redacted>');
+    ret = ret.replace(/(csrftoken["\s]*[:=]["\s]*)([a-zA-Z0-9]{32,})/gi, '$1<redacted>');
+    // Common environment variable patterns
+    ret = ret.replace(/(DATABASE_URL["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(REDIS_URL["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(SMTP_PASSWORD["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
+    ret = ret.replace(/(ENCRYPTION_KEY["\s]*[:=]["\s]*)([^",\s}]+)/gi, '$1<redacted>');
     return ret;
 }
 function redactObject(ob) {

package/package.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
-  "version": "0.0.752",
+  "version": "0.0.754",
   "name": "ag-common",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",