securenow 5.10.0 → 5.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/nextjs-auto-capture.js +1 -1
  2. package/nextjs-middleware.js +2 -2
  3. package/nextjs-wrapper.js +1 -1
  4. package/package.json +1 -1
package/nextjs-auto-capture.js CHANGED
@@ -54,7 +54,7 @@ async function safeBodyCapture(request, span) {
54
54
 
55
55
  try {
56
56
  const contentType = request.headers.get('content-type') || '';
57
- const maxBodySize = parseInt(process.env.SECURENOW_MAX_BODY_SIZE || '10240');
57
+ const maxBodySize = Math.max(1024, parseInt(process.env.SECURENOW_MAX_BODY_SIZE, 10) || 10240);
58
58
  const customSensitiveFields = (process.env.SECURENOW_SENSITIVE_FIELDS || '').split(',').map(s => s.trim()).filter(Boolean);
59
59
  const allSensitiveFields = [...DEFAULT_SENSITIVE_FIELDS, ...customSensitiveFields];
60
60
 
package/nextjs-middleware.js CHANGED
@@ -99,7 +99,7 @@ async function middleware(request) {
99
99
 
100
100
  try {
101
101
  const contentType = request.headers.get('content-type') || '';
102
- const maxBodySize = parseInt(process.env.SECURENOW_MAX_BODY_SIZE || '10240');
102
+ const maxBodySize = Math.max(1024, parseInt(process.env.SECURENOW_MAX_BODY_SIZE, 10) || 10240);
103
103
  const customSensitiveFields = (process.env.SECURENOW_SENSITIVE_FIELDS || '').split(',').map(s => s.trim()).filter(Boolean);
104
104
  const allSensitiveFields = [...DEFAULT_SENSITIVE_FIELDS, ...customSensitiveFields];
105
105
 
@@ -124,7 +124,7 @@ async function middleware(request) {
124
124
  const redacted = redactSensitiveData(parsed, allSensitiveFields);
125
125
  redactedBody = JSON.stringify(redacted);
126
126
  } catch (e) {
127
- redactedBody = bodyText; // Keep as-is if parse fails
127
+ redactedBody = '[UNPARSEABLE - REDACTED FOR SAFETY]';
128
128
  }
129
129
  }
130
130
 
package/nextjs-wrapper.js CHANGED
@@ -60,7 +60,7 @@ async function captureRequestBody(request) {
60
60
 
61
61
  try {
62
62
  const contentType = request.headers.get('content-type') || '';
63
- const maxBodySize = parseInt(process.env.SECURENOW_MAX_BODY_SIZE || '10240');
63
+ const maxBodySize = Math.max(1024, parseInt(process.env.SECURENOW_MAX_BODY_SIZE, 10) || 10240);
64
64
  const customSensitiveFields = (process.env.SECURENOW_SENSITIVE_FIELDS || '').split(',').map(s => s.trim()).filter(Boolean);
65
65
  const allSensitiveFields = [...DEFAULT_SENSITIVE_FIELDS, ...customSensitiveFields];
66
66
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "securenow",
3
- "version": "5.10.0",
3
+ "version": "5.10.1",
4
4
  "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
5
5
  "type": "commonjs",
6
6
  "main": "register.js",