npm - observe-node - Versions diffs - 1.0.2 → 1.0.3 - Mend

observe-node 1.0.2 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/src/http/express.js +57 -64

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "observe-node",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Structured logs + Prometheus metrics SDK for Node.js (Loki/Grafana ready)",
   "main": "src/index.js",
   "type": "commonjs",

package/src/http/express.js CHANGED Viewed

@@ -1,7 +1,11 @@
 // src/http/express.js
-const { runWithContext } = require("../utils/context");
-const { newId } = require("../utils/ids");
+function safeJsonSizeBytes(obj) {
+  try {
+    return Buffer.byteLength(JSON.stringify(obj), "utf8");
+  } catch {
+    return null;
+  }
+}
 function redact(obj, keys = ["password","token","authorization","jwt","otp","secret","accessToken","refreshToken"]) {
   if (!obj || typeof obj !== "object") return obj;
@@ -14,73 +18,62 @@ function redact(obj, keys = ["password","token","authorization","jwt","otp","sec
   return out;
 }
-function getRoutePath(req) {
-    // Prefer express route pattern if available (best for metrics + grouping)
-    if (req.route && req.route.path) {
-        const base = req.baseUrl || "";
-        return `${base}${req.route.path}`;
-    }
-    // Fallback: originalUrl without querystring
-    const raw = req.originalUrl || req.url || "";
-    return raw.split("?")[0] || raw;
+function pickResponseBody(body, maxBytes = 20_000) {
+  // limit response size (avoid huge payloads / images)
+  const redacted = redact(body);
+  const bytes = safeJsonSizeBytes(redacted);
+  if (bytes == null) return { truncated: true, bytes: null };
+  if (bytes > maxBytes) return { truncated: true, bytes };
+  return { body: redacted, truncated: false, bytes };
 }
-function expressMiddleware(observe) {
-    const config = observe.__config;
-    return function observeExpress(req, res, next) {
-        const requestId =
-            req.headers["x-request-id"] ||
-            req.headers["x-correlation-id"] ||
-            newId();
-        // expose id to downstream services
-        res.setHeader("x-request-id", String(requestId));
+function expressMiddleware(observe, opts = {}) {
+  const maxResponseBytes = Number(opts.maxResponseBytes || 20_000);
-        const start = process.hrtime.bigint();
+  return function (req, res, next) {
+    const start = Date.now();
-        runWithContext({ request_id: String(requestId) }, () => {
-            res.on("finish", () => {
-                const end = process.hrtime.bigint();
-                const durationMs = Number(end - start) / 1_000_000;
-                const status = res.statusCode;
-                const level = status >= 500 ? "error" : status >= 400 ? "warn" : "info";
-                const path = getRoutePath(req);
-                config.emitEvent({
-                    event_name: "http.request",
-                    level,
-                    message: `${req.method} ${path} -> ${status} (${Math.round(durationMs)}ms)`,
-                    http: {
-                        method: req.method,
-                        path,
-                        original_url: (req.originalUrl || req.url || "").split("?")[0],
-                        status,
-                        duration_ms: Math.round(durationMs),
-                        ip: req.ip,
-                        user_agent: req.headers["user-agent"],
-                    },
-                    request: {
-                        query: req.query,
-                        params: req.params,
-                        // ⚠️ body is optional (see below)
-                       body: redact(req.body),
-                    },
-                });
-                // metrics hook (if enabled)
-                if (typeof config._observeHttpMetric === "function") {
-                    config._observeHttpMetric(req.method, path, status, durationMs);
-                }
-            });
+    // ✅ capture response body
+    let capturedResponse;
+    const _json = res.json.bind(res);
+    res.json = (body) => {
+      capturedResponse = pickResponseBody(body, maxResponseBytes);
+      return _json(body);
+    };
-            next();
-        });
+    const _send = res.send.bind(res);
+    res.send = (body) => {
+      // if body is string/buffer, avoid logging full
+      capturedResponse = { truncated: true, bytes: Buffer.isBuffer(body) ? body.length : (typeof body === "string" ? Buffer.byteLength(body) : null) };
+      return _send(body);
     };
+    res.on("finish", () => {
+      const duration_ms = Date.now() - start;
+      observe.emit({
+        event_name: "http.response",
+        level: res.statusCode >= 500 ? "error" : res.statusCode >= 400 ? "warn" : "info",
+        message: `${req.method} ${req.originalUrl} -> ${res.statusCode} (${duration_ms}ms)`,
+        http: {
+          method: req.method,
+          path: (req.originalUrl || req.url || "").split("?")[0],
+          status: res.statusCode,
+          duration_ms,
+        },
+        request: {
+          query: req.query,
+          params: req.params,
+        },
+        response: {
+          status: res.statusCode,
+          ...capturedResponse, // { body?, truncated, bytes }
+        },
+      });
+    });
+    next();
+  };
 }
 module.exports = { expressMiddleware };