dbdock 1.1.3 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +120 -25
- package/dist/alerts/alert.service.d.ts +2 -0
- package/dist/alerts/alert.service.js +50 -0
- package/dist/alerts/alert.service.js.map +1 -1
- package/dist/backup/backup.service.js +7 -6
- package/dist/backup/backup.service.js.map +1 -1
- package/dist/cli/commands/init.js +124 -21
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/cli/commands/migrate-config.d.ts +1 -0
- package/dist/cli/commands/migrate-config.js +164 -0
- package/dist/cli/commands/migrate-config.js.map +1 -0
- package/dist/cli/commands/restore.js +1 -1
- package/dist/cli/commands/restore.js.map +1 -1
- package/dist/cli/index.js +10 -1
- package/dist/cli/index.js.map +1 -1
- package/dist/config/config.module.js +1 -1
- package/dist/config/config.module.js.map +1 -1
- package/dist/config/config.schema.d.ts +6 -1
- package/dist/config/config.schema.js +31 -0
- package/dist/config/config.schema.js.map +1 -1
- package/dist/config/config.service.d.ts +2 -0
- package/dist/config/config.service.js +63 -5
- package/dist/config/config.service.js.map +1 -1
- package/dist/config/permissions.checker.d.ts +10 -0
- package/dist/config/permissions.checker.js +137 -0
- package/dist/config/permissions.checker.js.map +1 -0
- package/dist/config/pgpass.helper.d.ts +15 -0
- package/dist/config/pgpass.helper.js +184 -0
- package/dist/config/pgpass.helper.js.map +1 -0
- package/dist/config/secrets.validator.d.ts +17 -0
- package/dist/config/secrets.validator.js +208 -0
- package/dist/config/secrets.validator.js.map +1 -0
- package/dist/utils/logger.d.ts +6 -0
- package/dist/utils/logger.js +35 -0
- package/dist/utils/logger.js.map +1 -1
- package/package.json +2 -1
|
@@ -0,0 +1,208 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.ENV_VAR_MAPPING = exports.SENSITIVE_FIELDS = void 0;
|
|
37
|
+
exports.maskSecretValue = maskSecretValue;
|
|
38
|
+
exports.getNestedValue = getNestedValue;
|
|
39
|
+
exports.setNestedValue = setNestedValue;
|
|
40
|
+
exports.hasSecretsInConfig = hasSecretsInConfig;
|
|
41
|
+
exports.loadSecretsFromEnv = loadSecretsFromEnv;
|
|
42
|
+
exports.mergeSecretsIntoConfig = mergeSecretsIntoConfig;
|
|
43
|
+
exports.validateSecrets = validateSecrets;
|
|
44
|
+
exports.formatMigrationInstructions = formatMigrationInstructions;
|
|
45
|
+
const path = __importStar(require("path"));
|
|
46
|
+
const dotenv = __importStar(require("dotenv"));
|
|
47
|
+
dotenv.config({ path: path.join(process.cwd(), '.env') });
|
|
48
|
+
dotenv.config({ path: path.join(process.cwd(), '.env.local'), override: true });
|
|
49
|
+
exports.SENSITIVE_FIELDS = [
|
|
50
|
+
'postgres.password',
|
|
51
|
+
'storage.accessKeyId',
|
|
52
|
+
'storage.secretAccessKey',
|
|
53
|
+
'storage.cloudinaryApiKey',
|
|
54
|
+
'storage.cloudinaryApiSecret',
|
|
55
|
+
'encryption.secret',
|
|
56
|
+
'alerts.smtpUser',
|
|
57
|
+
'alerts.smtpPass',
|
|
58
|
+
'alerts.slackWebhook',
|
|
59
|
+
'alerts.customWebhook',
|
|
60
|
+
];
|
|
61
|
+
exports.ENV_VAR_MAPPING = {
|
|
62
|
+
'postgres.password': 'DBDOCK_DB_PASSWORD',
|
|
63
|
+
'storage.accessKeyId': 'DBDOCK_STORAGE_ACCESS_KEY',
|
|
64
|
+
'storage.secretAccessKey': 'DBDOCK_STORAGE_SECRET_KEY',
|
|
65
|
+
'storage.cloudinaryApiKey': 'DBDOCK_CLOUDINARY_API_KEY',
|
|
66
|
+
'storage.cloudinaryApiSecret': 'DBDOCK_CLOUDINARY_API_SECRET',
|
|
67
|
+
'encryption.secret': 'DBDOCK_ENCRYPTION_SECRET',
|
|
68
|
+
'alerts.smtpUser': 'DBDOCK_SMTP_USER',
|
|
69
|
+
'alerts.smtpPass': 'DBDOCK_SMTP_PASS',
|
|
70
|
+
'alerts.slackWebhook': 'DBDOCK_SLACK_WEBHOOK',
|
|
71
|
+
'alerts.customWebhook': 'DBDOCK_CUSTOM_WEBHOOK',
|
|
72
|
+
};
|
|
73
|
+
function maskSecretValue(value) {
|
|
74
|
+
if (!value)
|
|
75
|
+
return '********';
|
|
76
|
+
if (value.length <= 4)
|
|
77
|
+
return '****';
|
|
78
|
+
return value.slice(0, 2) + '****' + value.slice(-2);
|
|
79
|
+
}
|
|
80
|
+
function getNestedValue(obj, path) {
|
|
81
|
+
const keys = path.split('.');
|
|
82
|
+
let current = obj;
|
|
83
|
+
for (const key of keys) {
|
|
84
|
+
if (current === null || current === undefined || typeof current !== 'object') {
|
|
85
|
+
return undefined;
|
|
86
|
+
}
|
|
87
|
+
current = current[key];
|
|
88
|
+
}
|
|
89
|
+
return current;
|
|
90
|
+
}
|
|
91
|
+
function setNestedValue(obj, path, value) {
|
|
92
|
+
const keys = path.split('.');
|
|
93
|
+
let current = obj;
|
|
94
|
+
for (let i = 0; i < keys.length - 1; i++) {
|
|
95
|
+
const key = keys[i];
|
|
96
|
+
if (!(key in current) || typeof current[key] !== 'object') {
|
|
97
|
+
current[key] = {};
|
|
98
|
+
}
|
|
99
|
+
current = current[key];
|
|
100
|
+
}
|
|
101
|
+
current[keys[keys.length - 1]] = value;
|
|
102
|
+
}
|
|
103
|
+
function hasSecretsInConfig(config) {
|
|
104
|
+
const foundSecrets = [];
|
|
105
|
+
for (const field of exports.SENSITIVE_FIELDS) {
|
|
106
|
+
const value = getNestedValue(config, field);
|
|
107
|
+
if (value !== undefined && value !== null && value !== '') {
|
|
108
|
+
foundSecrets.push(field);
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
return foundSecrets;
|
|
112
|
+
}
|
|
113
|
+
function loadSecretsFromEnv() {
|
|
114
|
+
const secrets = {};
|
|
115
|
+
for (const [fieldPath, envVar] of Object.entries(exports.ENV_VAR_MAPPING)) {
|
|
116
|
+
const value = process.env[envVar];
|
|
117
|
+
if (value !== undefined && value !== '') {
|
|
118
|
+
secrets[fieldPath] = value;
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
return secrets;
|
|
122
|
+
}
|
|
123
|
+
function mergeSecretsIntoConfig(config, secrets) {
|
|
124
|
+
const merged = JSON.parse(JSON.stringify(config));
|
|
125
|
+
for (const [fieldPath, value] of Object.entries(secrets)) {
|
|
126
|
+
if (value !== undefined) {
|
|
127
|
+
setNestedValue(merged, fieldPath, value);
|
|
128
|
+
}
|
|
129
|
+
}
|
|
130
|
+
return merged;
|
|
131
|
+
}
|
|
132
|
+
function validateSecrets(config, requireEnvOnly = false) {
|
|
133
|
+
const result = {
|
|
134
|
+
valid: true,
|
|
135
|
+
missingSecrets: [],
|
|
136
|
+
warnings: [],
|
|
137
|
+
mode: requireEnvOnly ? 'strict' : 'legacy',
|
|
138
|
+
};
|
|
139
|
+
const secretsInConfig = hasSecretsInConfig(config);
|
|
140
|
+
const envSecrets = loadSecretsFromEnv();
|
|
141
|
+
if (requireEnvOnly && secretsInConfig.length > 0) {
|
|
142
|
+
result.valid = false;
|
|
143
|
+
result.warnings.push('Strict mode enabled: secrets must be provided via environment variables only.');
|
|
144
|
+
for (const field of secretsInConfig) {
|
|
145
|
+
const envVar = exports.ENV_VAR_MAPPING[field];
|
|
146
|
+
result.warnings.push(` - ${field} found in config, use ${envVar} instead`);
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
else if (secretsInConfig.length > 0) {
|
|
150
|
+
result.warnings.push('⚠️ Security Warning: Secrets detected in configuration file.');
|
|
151
|
+
result.warnings.push(' Consider moving them to environment variables for better security:');
|
|
152
|
+
for (const field of secretsInConfig) {
|
|
153
|
+
const envVar = exports.ENV_VAR_MAPPING[field];
|
|
154
|
+
result.warnings.push(` - ${field} → ${envVar}`);
|
|
155
|
+
}
|
|
156
|
+
result.warnings.push('');
|
|
157
|
+
result.warnings.push(' Run "npx dbdock migrate-config" to migrate automatically.');
|
|
158
|
+
}
|
|
159
|
+
const requiredSecrets = getRequiredSecrets(config);
|
|
160
|
+
for (const field of requiredSecrets) {
|
|
161
|
+
const configValue = getNestedValue(config, field);
|
|
162
|
+
const envValue = envSecrets[field];
|
|
163
|
+
if (!configValue && !envValue) {
|
|
164
|
+
result.valid = false;
|
|
165
|
+
const envVar = exports.ENV_VAR_MAPPING[field];
|
|
166
|
+
result.missingSecrets.push(`${field} (set via ${envVar})`);
|
|
167
|
+
}
|
|
168
|
+
}
|
|
169
|
+
return result;
|
|
170
|
+
}
|
|
171
|
+
function getRequiredSecrets(config) {
|
|
172
|
+
const required = [];
|
|
173
|
+
required.push('postgres.password');
|
|
174
|
+
const storageProvider = getNestedValue(config, 'storage.provider');
|
|
175
|
+
if (storageProvider === 's3' || storageProvider === 'r2') {
|
|
176
|
+
required.push('storage.accessKeyId');
|
|
177
|
+
required.push('storage.secretAccessKey');
|
|
178
|
+
}
|
|
179
|
+
else if (storageProvider === 'cloudinary') {
|
|
180
|
+
required.push('storage.cloudinaryApiKey');
|
|
181
|
+
required.push('storage.cloudinaryApiSecret');
|
|
182
|
+
}
|
|
183
|
+
const encryptionEnabled = getNestedValue(config, 'encryption.enabled');
|
|
184
|
+
if (encryptionEnabled) {
|
|
185
|
+
required.push('encryption.secret');
|
|
186
|
+
}
|
|
187
|
+
return required;
|
|
188
|
+
}
|
|
189
|
+
function formatMigrationInstructions(secretsInConfig) {
|
|
190
|
+
const lines = [
|
|
191
|
+
'',
|
|
192
|
+
'╔════════════════════════════════════════════════════════════════╗',
|
|
193
|
+
'║ SECURITY RECOMMENDATION ║',
|
|
194
|
+
'╠════════════════════════════════════════════════════════════════╣',
|
|
195
|
+
'║ Move these secrets from config file to environment variables: ║',
|
|
196
|
+
'╠════════════════════════════════════════════════════════════════╣',
|
|
197
|
+
];
|
|
198
|
+
for (const field of secretsInConfig) {
|
|
199
|
+
const envVar = exports.ENV_VAR_MAPPING[field];
|
|
200
|
+
lines.push(`║ ${field.padEnd(25)} → ${envVar.padEnd(30)} ║`);
|
|
201
|
+
}
|
|
202
|
+
lines.push('╠════════════════════════════════════════════════════════════════╣');
|
|
203
|
+
lines.push('║ Run: npx dbdock migrate-config ║');
|
|
204
|
+
lines.push('╚════════════════════════════════════════════════════════════════╝');
|
|
205
|
+
lines.push('');
|
|
206
|
+
return lines.join('\n');
|
|
207
|
+
}
|
|
208
|
+
//# sourceMappingURL=secrets.validator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.validator.js","sourceRoot":"","sources":["../../src/config/secrets.validator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCA,0CAIC;AAED,wCAYC;AAED,wCAaC;AAED,gDAWC;AAED,gDAWC;AAED,wDAaC;AASD,0CAmDC;AAwBD,kEAqBC;AArND,2CAA6B;AAC7B,+CAAiC;AAEjC,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;AAC1D,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,YAAY,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;AAEnE,QAAA,gBAAgB,GAAG;IAC9B,mBAAmB;IACnB,qBAAqB;IACrB,yBAAyB;IACzB,0BAA0B;IAC1B,6BAA6B;IAC7B,mBAAmB;IACnB,iBAAiB;IACjB,iBAAiB;IACjB,qBAAqB;IACrB,sBAAsB;CACd,CAAC;AAEE,QAAA,eAAe,GAA2B;IACrD,mBAAmB,EAAE,oBAAoB;IACzC,qBAAqB,EAAE,2BAA2B;IAClD,yBAAyB,EAAE,2BAA2B;IACtD,0BAA0B,EAAE,2BAA2B;IACvD,6BAA6B,EAAE,8BAA8B;IAC7D,mBAAmB,EAAE,0BAA0B;IAC/C,iBAAiB,EAAE,kBAAkB;IACrC,iBAAiB,EAAE,kBAAkB;IACrC,qBAAqB,EAAE,sBAAsB;IAC7C,sBAAsB,EAAE,uBAAuB;CAChD,CAAC;AAIF,SAAgB,eAAe,CAAC,KAAyB;IACvD,IAAI,CAAC,KAAK;QAAE,OAAO,UAAU,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,MAAM,CAAC;IACrC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;AACtD,CAAC;AAED,SAAgB,cAAc,CAAC,GAA4B,EAAE,IAAY;IACvE,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,OAAO,GAAY,GAAG,CAAC;IAE3B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC7E,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,GAAI,OAAmC,CAAC,GAAG,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAgB,cAAc,CAAC,GAA4B,EAAE,IAAY,EAAE,KAAc;IACvF,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,OAAO,GAAG,GAAG,CAAC;IAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,CAAC,GAAG,IAAI,OAAO,CAAC,IAAI,OAAO,OAAO,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACpB,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,GAAG,CAA4B,CAAC;IACpD,CAAC;IAED,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;AACzC,CAAC;AAED,SAAgB,kBAAkB,CAAC,MAA+B;IAChE,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,wBAAgB,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC5C,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YAC1D,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAgB,kBAAkB;IAChC,MAAM,OAAO,GAAuC,EAAE,CAAC;IAEvD,KAAK,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,uBAAe,CAAC,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAClC,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,EAAE,CAAC;YACxC,OAAO,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAgB,sBAAsB,CACpC,MAA+B,EAC/B,OAA2C;IAE3C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IAElD,KAAK,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACzD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,cAAc,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AASD,SAAgB,eAAe,CAC7B,MAA+B,EAC/B,iBAA0B,KAAK;IAE/B,MAAM,MAAM,GAA4B;QACtC,KAAK,EAAE,IAAI;QACX,cAAc,EAAE,EAAE;QAClB,QAAQ,EAAE,EAAE;QACZ,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;KAC3C,CAAC;IAEF,MAAM,eAAe,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;IAExC,IAAI,cAAc,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,+EAA+E,CAChF,CAAC;QACF,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,uBAAe,CAAC,KAAK,CAAC,CAAC;YACtC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,KAAK,yBAAyB,MAAM,UAAU,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;SAAM,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,+DAA+D,CAChE,CAAC;QACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,uEAAuE,CACxE,CAAC;QACF,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,uBAAe,CAAC,KAAK,CAAC,CAAC;YACtC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,KAAK,MAAM,MAAM,EAAE,CAAC,CAAC;QACtD,CAAC;QACD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,eAAe,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IACnD,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;QACpC,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QAEnC,IAAI,CAAC,WAAW,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;YACrB,MAAM,MAAM,GAAG,uBAAe,CAAC,KAAK,CAAC,CAAC;YACtC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,KAAK,aAAa,MAAM,GAAG,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB,CAAC,MAA+B;IACzD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAEnC,MAAM,eAAe,GAAG,cAAc,CAAC,MAAM,EAAE,kBAAkB,CAAW,CAAC;IAC7E,IAAI,eAAe,KAAK,IAAI,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;QACzD,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAC3C,CAAC;SAAM,IAAI,eAAe,KAAK,YAAY,EAAE,CAAC;QAC5C,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,iBAAiB,GAAG,cAAc,CAAC,MAAM,EAAE,oBAAoB,CAAY,CAAC;IAClF,IAAI,iBAAiB,EAAE,CAAC;QACtB,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACrC,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAgB,2BAA2B,CAAC,eAAyB;IACnE,MAAM,KAAK,GAAG;QACZ,EAAE;QACF,oEAAoE;QACpE,qEAAqE;QACrE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE,CAAC;IAEF,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,uBAAe,CAAC,KAAK,CAAC,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAChE,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IACjF,KAAK,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IACjF,KAAK,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IACjF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
package/dist/utils/logger.d.ts
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
import { Logger as NestLogger } from '@nestjs/common';
|
|
2
|
+
export declare function maskCredentials(message: string): string;
|
|
2
3
|
export declare class DBDockLogger extends NestLogger {
|
|
4
|
+
log(message: string, ...optionalParams: unknown[]): void;
|
|
5
|
+
error(message: string, ...optionalParams: unknown[]): void;
|
|
6
|
+
warn(message: string, ...optionalParams: unknown[]): void;
|
|
7
|
+
debug(message: string, ...optionalParams: unknown[]): void;
|
|
8
|
+
verbose(message: string, ...optionalParams: unknown[]): void;
|
|
3
9
|
logBackupStart(backupId: string, type: string): void;
|
|
4
10
|
logBackupComplete(backupId: string, duration: number, size: number): void;
|
|
5
11
|
logBackupError(backupId: string, error: Error): void;
|
package/dist/utils/logger.js
CHANGED
|
@@ -1,8 +1,43 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.DBDockLogger = void 0;
|
|
4
|
+
exports.maskCredentials = maskCredentials;
|
|
4
5
|
const common_1 = require("@nestjs/common");
|
|
6
|
+
const SENSITIVE_PATTERNS = [
|
|
7
|
+
{ pattern: /password['":\s]*['"]?([^'"}\s,]+)/gi, replacement: 'password: ********' },
|
|
8
|
+
{ pattern: /secret['":\s]*['"]?([^'"}\s,]+)/gi, replacement: 'secret: ********' },
|
|
9
|
+
{ pattern: /accesskey['":\s]*['"]?([^'"}\s,]+)/gi, replacement: 'accessKey: ********' },
|
|
10
|
+
{ pattern: /secretkey['":\s]*['"]?([^'"}\s,]+)/gi, replacement: 'secretKey: ********' },
|
|
11
|
+
{ pattern: /apikey['":\s]*['"]?([^'"}\s,]+)/gi, replacement: 'apiKey: ********' },
|
|
12
|
+
{ pattern: /apisecret['":\s]*['"]?([^'"}\s,]+)/gi, replacement: 'apiSecret: ********' },
|
|
13
|
+
{ pattern: /webhook['":\s]*['"]?(https?:\/\/[^'"}\s,]+)/gi, replacement: 'webhook: ********' },
|
|
14
|
+
{ pattern: /PGPASSWORD=([^\s]+)/gi, replacement: 'PGPASSWORD=********' },
|
|
15
|
+
{ pattern: /Bearer\s+([A-Za-z0-9\-._~+/]+=*)/gi, replacement: 'Bearer ********' },
|
|
16
|
+
{ pattern: /Basic\s+([A-Za-z0-9+/]+=*)/gi, replacement: 'Basic ********' },
|
|
17
|
+
];
|
|
18
|
+
function maskCredentials(message) {
|
|
19
|
+
let masked = message;
|
|
20
|
+
for (const { pattern, replacement } of SENSITIVE_PATTERNS) {
|
|
21
|
+
masked = masked.replace(pattern, replacement);
|
|
22
|
+
}
|
|
23
|
+
return masked;
|
|
24
|
+
}
|
|
5
25
|
class DBDockLogger extends common_1.Logger {
|
|
26
|
+
log(message, ...optionalParams) {
|
|
27
|
+
super.log(maskCredentials(message), ...optionalParams);
|
|
28
|
+
}
|
|
29
|
+
error(message, ...optionalParams) {
|
|
30
|
+
super.error(maskCredentials(message), ...optionalParams);
|
|
31
|
+
}
|
|
32
|
+
warn(message, ...optionalParams) {
|
|
33
|
+
super.warn(maskCredentials(message), ...optionalParams);
|
|
34
|
+
}
|
|
35
|
+
debug(message, ...optionalParams) {
|
|
36
|
+
super.debug(maskCredentials(message), ...optionalParams);
|
|
37
|
+
}
|
|
38
|
+
verbose(message, ...optionalParams) {
|
|
39
|
+
super.verbose(maskCredentials(message), ...optionalParams);
|
|
40
|
+
}
|
|
6
41
|
logBackupStart(backupId, type) {
|
|
7
42
|
this.log(`Backup started: ${backupId} (type: ${type})`);
|
|
8
43
|
}
|
package/dist/utils/logger.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/utils/logger.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/utils/logger.ts"],"names":[],"mappings":";;;AAeA,0CAMC;AArBD,2CAAsD;AAEtD,MAAM,kBAAkB,GAAoD;IAC1E,EAAE,OAAO,EAAE,qCAAqC,EAAE,WAAW,EAAE,oBAAoB,EAAE;IACrF,EAAE,OAAO,EAAE,mCAAmC,EAAE,WAAW,EAAE,kBAAkB,EAAE;IACjF,EAAE,OAAO,EAAE,sCAAsC,EAAE,WAAW,EAAE,qBAAqB,EAAE;IACvF,EAAE,OAAO,EAAE,sCAAsC,EAAE,WAAW,EAAE,qBAAqB,EAAE;IACvF,EAAE,OAAO,EAAE,mCAAmC,EAAE,WAAW,EAAE,kBAAkB,EAAE;IACjF,EAAE,OAAO,EAAE,sCAAsC,EAAE,WAAW,EAAE,qBAAqB,EAAE;IACvF,EAAE,OAAO,EAAE,+CAA+C,EAAE,WAAW,EAAE,mBAAmB,EAAE;IAC9F,EAAE,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,qBAAqB,EAAE;IACxE,EAAE,OAAO,EAAE,oCAAoC,EAAE,WAAW,EAAE,iBAAiB,EAAE;IACjF,EAAE,OAAO,EAAE,8BAA8B,EAAE,WAAW,EAAE,gBAAgB,EAAE;CAC3E,CAAC;AAEF,SAAgB,eAAe,CAAC,OAAe;IAC7C,IAAI,MAAM,GAAG,OAAO,CAAC;IACrB,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,kBAAkB,EAAE,CAAC;QAC1D,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAa,YAAa,SAAQ,eAAU;IAC1C,GAAG,CAAC,OAAe,EAAE,GAAG,cAAyB;QAC/C,KAAK,CAAC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,OAAe,EAAE,GAAG,cAAyB;QACjD,KAAK,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,CAAC,OAAe,EAAE,GAAG,cAAyB;QAChD,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,OAAe,EAAE,GAAG,cAAyB;QACjD,KAAK,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC;IAC3D,CAAC;IAED,OAAO,CAAC,OAAe,EAAE,GAAG,cAAyB;QACnD,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,GAAG,cAAc,CAAC,CAAC;IAC7D,CAAC;IACD,cAAc,CAAC,QAAgB,EAAE,IAAY;QAC3C,IAAI,CAAC,GAAG,CAAC,mBAAmB,QAAQ,WAAW,IAAI,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,iBAAiB,CAAC,QAAgB,EAAE,QAAgB,EAAE,IAAY;QAChE,IAAI,CAAC,GAAG,CACN,qBAAqB,QAAQ,eAAe,QAAQ,aAAa,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAC3F,CAAC;IACJ,CAAC;IAED,cAAc,CAAC,QAAgB,EAAE,KAAY;QAC3C,IAAI,CAAC,KAAK,CAAC,kBAAkB,QAAQ,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,eAAe,CAAC,QAAgB,EAAE,UAAmB;QACnD,MAAM,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,aAAa,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,IAAI,CAAC,GAAG,CAAC,oBAAoB,QAAQ,GAAG,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,kBAAkB,CAAC,QAAgB,EAAE,QAAgB;QACnD,IAAI,CAAC,GAAG,CAAC,sBAAsB,QAAQ,eAAe,QAAQ,KAAK,CAAC,CAAC;IACvE,CAAC;IAED,eAAe,CAAC,QAAgB,EAAE,KAAY;QAC5C,IAAI,CAAC,KAAK,CAAC,mBAAmB,QAAQ,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED,aAAa,CAAC,OAAe;QAC3B,IAAI,CAAC,GAAG,CAAC,iBAAiB,OAAO,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,kBAAkB,CAAC,OAAe,EAAE,KAAY;QAC9C,IAAI,CAAC,KAAK,CAAC,uBAAuB,OAAO,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAClE,CAAC;IAEO,WAAW,CAAC,KAAa;QAC/B,IAAI,KAAK,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QAE9B,MAAM,CAAC,GAAG,IAAI,CAAC;QACf,MAAM,KAAK,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEpD,OAAO,GAAG,UAAU,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1E,CAAC;CACF;AAhED,oCAgEC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "dbdock",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.5",
|
|
4
4
|
"description": "Enterprise-grade PostgreSQL backup and restore in under 60 seconds. CLI-first tool with encryption, compression, and multi-cloud storage.",
|
|
5
5
|
"author": "Naheem Olaide <naheemolaide@gmail.com>",
|
|
6
6
|
"private": false,
|
|
@@ -90,6 +90,7 @@
|
|
|
90
90
|
"cli-progress": "^3.12.0",
|
|
91
91
|
"cloudinary": "^2.8.0",
|
|
92
92
|
"commander": "^14.0.2",
|
|
93
|
+
"dotenv": "^17.2.3",
|
|
93
94
|
"inquirer": "^9.3.8",
|
|
94
95
|
"node-fetch": "^3.3.2",
|
|
95
96
|
"nodemailer": "^7.0.10",
|