securenow 4.0.12 → 5.0.1

package/tracing.d.ts

@@ -1,89 +1,182 @@
-/**
- * SecureNow Tracing Module TypeScript Declarations
- * 
- * Core tracing functionality for Node.js applications.
- * This is typically loaded via register.js, not imported directly.
- */
-
-/**
- * Default sensitive fields that are automatically redacted from request bodies
- */
-export const DEFAULT_SENSITIVE_FIELDS: readonly string[];
-
-/**
- * Redact sensitive fields from an object (recursively)
- * 
- * @param obj - Object to redact (can be nested)
- * @param sensitiveFields - Array of field names to redact (case-insensitive substring match)
- * @returns Redacted copy of the object
- * 
- * @example
- * ```typescript
- * import { redactSensitiveData } from 'securenow/tracing';
- * 
- * const data = {
- *   email: 'user@example.com',
- *   password: 'secret123',
- *   nested: {
- *     api_key: 'sk_live_abc123'
- *   }
- * };
- * 
- * const redacted = redactSensitiveData(data);
- * // Result: {
- * //   email: 'user@example.com',
- * //   password: '[REDACTED]',
- * //   nested: { api_key: '[REDACTED]' }
- * // }
- * ```
- */
-export function redactSensitiveData<T = any>(
-  obj: T,
-  sensitiveFields?: string[]
-): T;
-
-/**
- * Redact sensitive data from GraphQL query strings
- * 
- * @param query - GraphQL query string
- * @param sensitiveFields - Array of field names to redact
- * @returns Redacted query string
- * 
- * @example
- * ```typescript
- * import { redactGraphQLQuery } from 'securenow/tracing';
- * 
- * const query = `
- *   mutation {
- *     login(email: "user@example.com", password: "secret123") {
- *       token
- *     }
- *   }
- * `;
- * 
- * const redacted = redactGraphQLQuery(query);
- * // Result: mutation { login(email: "user@example.com", password: "[REDACTED]") { token } }
- * ```
- */
-export function redactGraphQLQuery(
-  query: string,
-  sensitiveFields?: string[]
-): string;
-
-/**
- * Environment Variables (same as register.js):
- * 
- * Required:
- * - SECURENOW_APPID=your-app-name
- * - SECURENOW_INSTANCE=http://host:4318
- * 
- * Optional:
- * - SECURENOW_NO_UUID=1
- * - SECURENOW_STRICT=1
- * - SECURENOW_CAPTURE_BODY=1
- * - SECURENOW_MAX_BODY_SIZE=10240
- * - SECURENOW_SENSITIVE_FIELDS=field1,field2
- * - SECURENOW_DISABLE_INSTRUMENTATIONS=pkg1,pkg2
- * - OTEL_LOG_LEVEL=info|debug
- * - SECURENOW_TEST_SPAN=1
- */
+/**
+ * SecureNow Tracing Module TypeScript Declarations
+ * 
+ * Core tracing functionality for Node.js applications.
+ * This is typically loaded via register.js, not imported directly.
+ */
+
+/**
+ * Default sensitive fields that are automatically redacted from request bodies
+ */
+export const DEFAULT_SENSITIVE_FIELDS: readonly string[];
+
+/**
+ * Redact sensitive fields from an object (recursively)
+ * 
+ * @param obj - Object to redact (can be nested)
+ * @param sensitiveFields - Array of field names to redact (case-insensitive substring match)
+ * @returns Redacted copy of the object
+ * 
+ * @example
+ * ```typescript
+ * import { redactSensitiveData } from 'securenow/tracing';
+ * 
+ * const data = {
+ *   email: 'user@example.com',
+ *   password: 'secret123',
+ *   nested: {
+ *     api_key: 'sk_live_abc123'
+ *   }
+ * };
+ * 
+ * const redacted = redactSensitiveData(data);
+ * // Result: {
+ * //   email: 'user@example.com',
+ * //   password: '[REDACTED]',
+ * //   nested: { api_key: '[REDACTED]' }
+ * // }
+ * ```
+ */
+export function redactSensitiveData<T = any>(
+  obj: T,
+  sensitiveFields?: string[]
+): T;
+
+/**
+ * Redact sensitive data from GraphQL query strings
+ * 
+ * @param query - GraphQL query string
+ * @param sensitiveFields - Array of field names to redact
+ * @returns Redacted query string
+ * 
+ * @example
+ * ```typescript
+ * import { redactGraphQLQuery } from 'securenow/tracing';
+ * 
+ * const query = `
+ *   mutation {
+ *     login(email: "user@example.com", password: "secret123") {
+ *       token
+ *     }
+ *   }
+ * `;
+ * 
+ * const redacted = redactGraphQLQuery(query);
+ * // Result: mutation { login(email: "user@example.com", password: "[REDACTED]") { token } }
+ * ```
+ */
+export function redactGraphQLQuery(
+  query: string,
+  sensitiveFields?: string[]
+): string;
+
+/**
+ * OpenTelemetry Logger interface
+ */
+export interface Logger {
+  emit(logRecord: LogRecord): void;
+}
+
+/**
+ * OpenTelemetry LogRecord interface
+ */
+export interface LogRecord {
+  /**
+   * Severity number (OpenTelemetry standard)
+   * 5 = DEBUG, 9 = INFO, 13 = WARN, 17 = ERROR
+   */
+  severityNumber: number;
+  
+  /**
+   * Human-readable severity text
+   */
+  severityText: 'DEBUG' | 'INFO' | 'WARN' | 'ERROR' | string;
+  
+  /**
+   * Log message body
+   */
+  body: string;
+  
+  /**
+   * Structured attributes for filtering/searching
+   */
+  attributes?: Record<string, any>;
+}
+
+/**
+ * OpenTelemetry LoggerProvider interface
+ */
+export interface LoggerProvider {
+  getLogger(name: string, version?: string): Logger;
+  shutdown?(): Promise<void> | void;
+}
+
+/**
+ * Get a logger instance for sending structured logs to SigNoz
+ * 
+ * @param name - Logger name (e.g., 'my-service', 'auth-module')
+ * @param version - Logger version (optional, defaults to '1.0.0')
+ * @returns Logger instance or null if logging is not enabled
+ * 
+ * @example
+ * ```typescript
+ * import { getLogger } from 'securenow/tracing';
+ * 
+ * const logger = getLogger('my-service', '1.0.0');
+ * 
+ * if (logger) {
+ *   logger.emit({
+ *     severityNumber: 9,
+ *     severityText: 'INFO',
+ *     body: 'User logged in',
+ *     attributes: {
+ *       userId: 123,
+ *       username: 'john',
+ *     },
+ *   });
+ * }
+ * ```
+ */
+export function getLogger(name?: string, version?: string): Logger | null;
+
+/**
+ * Check if logging is enabled
+ * 
+ * @returns true if SECURENOW_LOGGING_ENABLED=1, false otherwise
+ * 
+ * @example
+ * ```typescript
+ * import { isLoggingEnabled } from 'securenow/tracing';
+ * 
+ * if (isLoggingEnabled()) {
+ *   console.log('Logging is enabled');
+ * }
+ * ```
+ */
+export function isLoggingEnabled(): boolean;
+
+/**
+ * The OpenTelemetry LoggerProvider instance (if logging is enabled)
+ * Use getLogger() instead of accessing this directly
+ */
+export const loggerProvider: LoggerProvider | null;
+
+/**
+ * Environment Variables (same as register.js):
+ * 
+ * Required:
+ * - SECURENOW_APPID=your-app-name
+ * - SECURENOW_INSTANCE=http://host:4318
+ * 
+ * Optional:
+ * - SECURENOW_LOGGING_ENABLED=1             # Enable logging (default: 1)
+ * - SECURENOW_NO_UUID=1
+ * - SECURENOW_STRICT=1
+ * - SECURENOW_CAPTURE_BODY=1
+ * - SECURENOW_MAX_BODY_SIZE=10240
+ * - SECURENOW_SENSITIVE_FIELDS=field1,field2
+ * - SECURENOW_DISABLE_INSTRUMENTATIONS=pkg1,pkg2
+ * - OTEL_LOG_LEVEL=info|debug
+ * - SECURENOW_TEST_SPAN=1
+ * - OTEL_EXPORTER_OTLP_LOGS_ENDPOINT=...    # Override logs endpoint
+ */

package/tracing.js

@@ -6,7 +6,7 @@
  * Env:
  *   SECURENOW_APPID=logical-name              # or OTEL_SERVICE_NAME=logical-name
  *   SECURENOW_NO_UUID=1                       # one service.name across all workers
- *   SECURENOW_INSTANCE=http://host:4318       # OTLP/HTTP base (default http://46.62.173.237:4318)
+ *   SECURENOW_INSTANCE=http://host:4318       # OTLP/HTTP base (default https://freetrial.securenow.ai:4318)
  *   OTEL_EXPORTER_OTLP_ENDPOINT=...           # alternative base
  *   OTEL_EXPORTER_OTLP_TRACES_ENDPOINT=...    # full traces URL
  *   OTEL_EXPORTER_OTLP_HEADERS="k=v,k2=v2"
@@ -21,6 +21,8 @@
 const { diag, DiagConsoleLogger, DiagLogLevel } = require('@opentelemetry/api');
 const { NodeSDK } = require('@opentelemetry/sdk-node');
 const { OTLPTraceExporter } = require('@opentelemetry/exporter-trace-otlp-http');
+const { OTLPLogExporter } = require('@opentelemetry/exporter-logs-otlp-http');
+const { LoggerProvider, BatchLogRecordProcessor } = require('@opentelemetry/sdk-logs');
 const { Resource } = require('@opentelemetry/resources');
 const { SemanticResourceAttributes } = require('@opentelemetry/semantic-conventions');
 const { getNodeAutoInstrumentations } = require('@opentelemetry/auto-instrumentations-node');
@@ -107,8 +109,9 @@ function redactGraphQLQuery(query, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
 })();
 
 // -------- endpoints --------
-const endpointBase = (env('SECURENOW_INSTANCE') || env('OTEL_EXPORTER_OTLP_ENDPOINT') || 'http://46.62.173.237:4318').replace(/\/$/, '');
+const endpointBase = (env('SECURENOW_INSTANCE') || env('OTEL_EXPORTER_OTLP_ENDPOINT') || 'https://freetrial.securenow.ai:4318').replace(/\/$/, '');
 const tracesUrl = env('OTEL_EXPORTER_OTLP_TRACES_ENDPOINT') || `${endpointBase}/v1/traces`;
+const logsUrl = env('OTEL_EXPORTER_OTLP_LOGS_ENDPOINT') || `${endpointBase}/v1/logs`;
 const headers = parseHeaders(env('OTEL_EXPORTER_OTLP_HEADERS'));
 
 // -------- naming rules --------
@@ -241,6 +244,35 @@ const httpInstrumentation = new HttpInstrumentation({
   },
 });
 
+// -------- Logging Configuration --------
+const loggingEnabled = String(env('SECURENOW_LOGGING_ENABLED')) !== '0' && String(env('SECURENOW_LOGGING_ENABLED')).toLowerCase() !== 'false';
+
+// Create shared resource for both traces and logs
+const sharedResource = new Resource({
+  [SemanticResourceAttributes.SERVICE_NAME]: serviceName,
+  [SemanticResourceAttributes.SERVICE_INSTANCE_ID]: serviceInstanceId,
+  [SemanticResourceAttributes.DEPLOYMENT_ENVIRONMENT]: env('NODE_ENV') || 'production',
+  [SemanticResourceAttributes.SERVICE_VERSION]: process.env.npm_package_version || undefined,
+});
+
+// Initialize LoggerProvider if logging is enabled
+let loggerProvider = null;
+let globalLogger = null;
+
+if (loggingEnabled) {
+  const logExporter = new OTLPLogExporter({ 
+    url: logsUrl, 
+    headers 
+  });
+  
+  loggerProvider = new LoggerProvider({
+    resource: sharedResource,
+    processors: [new BatchLogRecordProcessor(logExporter)],
+  });
+  
+  globalLogger = loggerProvider.getLogger('securenow', '1.0.0');
+}
+
 // -------- SDK --------
 const traceExporter = new OTLPTraceExporter({ url: tracesUrl, headers });
 const sdk = new NodeSDK({
@@ -252,12 +284,7 @@ const sdk = new NodeSDK({
       '@opentelemetry/instrumentation-http': { enabled: false }, // We use our custom one above
     }),
   ],
-  resource: new Resource({
-    [SemanticResourceAttributes.SERVICE_NAME]: serviceName,
-    [SemanticResourceAttributes.SERVICE_INSTANCE_ID]: serviceInstanceId,
-    [SemanticResourceAttributes.DEPLOYMENT_ENVIRONMENT]: env('NODE_ENV') || 'production',
-    [SemanticResourceAttributes.SERVICE_VERSION]: process.env.npm_package_version || undefined,
-  }),
+  resource: sharedResource,
 });
 
 // -------- start / shutdown (sync/async safe) --------
@@ -265,6 +292,11 @@ const sdk = new NodeSDK({
   try {
     await Promise.resolve(sdk.start?.());
     console.log('[securenow] OTel SDK started → %s', tracesUrl);
+    if (loggingEnabled) {
+      console.log('[securenow] 📋 Logging: ENABLED → %s', logsUrl);
+    } else {
+      console.log('[securenow] 📋 Logging: DISABLED (set SECURENOW_LOGGING_ENABLED=1 to enable)');
+    }
     if (captureBody) {
       console.log('[securenow] 📝 Request body capture: ENABLED (max: %d bytes, redacting %d sensitive fields)', maxBodySize, allSensitiveFields.length);
     }
@@ -279,9 +311,28 @@ const sdk = new NodeSDK({
 })();
 
 async function safeShutdown(sig) {
-  try { await Promise.resolve(sdk.shutdown?.()); console.log(`[securenow] Tracing terminated on ${sig}`); }
-  catch (e) { console.error('[securenow] Tracing shutdown error:', e); }
+  try { 
+    await Promise.resolve(sdk.shutdown?.()); 
+    if (loggerProvider) {
+      await Promise.resolve(loggerProvider.shutdown?.());
+    }
+    console.log(`[securenow] Tracing and logging terminated on ${sig}`); 
+  }
+  catch (e) { console.error('[securenow] Shutdown error:', e); }
   finally { process.exit(0); }
 }
 process.on('SIGINT',  () => safeShutdown('SIGINT'));
 process.on('SIGTERM', () => safeShutdown('SIGTERM'));
+
+// -------- Export logger for consuming applications --------
+module.exports = {
+  loggerProvider,
+  getLogger: (name = 'default', version = '1.0.0') => {
+    if (!loggerProvider) {
+      console.warn('[securenow] Logging is not enabled. Set SECURENOW_LOGGING_ENABLED=1 to enable logging.');
+      return null;
+    }
+    return loggerProvider.getLogger(name, version);
+  },
+  isLoggingEnabled: () => loggingEnabled,
+};