securenow 5.17.1 → 6.0.0

package/nextjs.js

@@ -5,39 +5,21 @@
  * 
  * Usage in Next.js app:
  * 
- * 1. Add serverExternalPackages to next.config.js (REQUIRED to avoid webpack bundling issues):
- * 
- *    const nextConfig = {
- *      serverExternalPackages: [
- *        "securenow",
- *        "@opentelemetry/sdk-node",
- *        "@opentelemetry/auto-instrumentations-node",
- *        "@opentelemetry/instrumentation-http",
- *        "@opentelemetry/exporter-trace-otlp-http",
- *        "@opentelemetry/exporter-logs-otlp-http",
- *        "@opentelemetry/sdk-logs",
- *        "@opentelemetry/instrumentation",
- *        "@opentelemetry/resources",
- *        "@opentelemetry/semantic-conventions",
- *        "@opentelemetry/api",
- *        "@opentelemetry/api-logs",
- *        "@vercel/otel",
- *      ],
- *    };
- * 
- * 2. Create instrumentation.ts (or .js) in your project root:
+ * 1. Create instrumentation.ts (or .js) in your project root:
  * 
  *    import { registerSecureNow } from 'securenow/nextjs';
  *    export function register() {
  *      registerSecureNow();
  *    }
  * 
- * 3. Set environment variables:
+ * 2. Set environment variables:
  *    SECURENOW_APPID=my-nextjs-app
- *    SECURENOW_INSTANCE=http://your-otlp-backend:4318
+ *    SECURENOW_INSTANCE=http://your-signoz-host:4318
+ * 
+ * That's it! 🎉 No webpack warnings!
  */
 
-const { randomUUID } = require('crypto');
+const { v4: uuidv4 } = require('uuid');
 
 const env = k => process.env[k] ?? process.env[k.toUpperCase()] ?? process.env[k.toLowerCase()];
 
@@ -68,9 +50,10 @@ function redactSensitiveData(obj, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
   
   const redacted = Array.isArray(obj) ? [...obj] : { ...obj };
   
-  for (const key of Object.keys(redacted)) {
+  for (const key in redacted) {
     const lowerKey = key.toLowerCase();
     
+    // Check if field is sensitive
     if (sensitiveFields.some(field => lowerKey.includes(field.toLowerCase()))) {
       redacted[key] = '[REDACTED]';
     } else if (typeof redacted[key] === 'object' && redacted[key] !== null) {
@@ -82,10 +65,6 @@ function redactSensitiveData(obj, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
   return redacted;
 }
 
-function escapeRegex(str) {
-  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
-}
-
 /**
  * Redact sensitive data from GraphQL query strings
  */
@@ -97,10 +76,10 @@ function redactGraphQLQuery(query, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
   // Redact sensitive fields in GraphQL arguments and variables
   // Matches patterns like: password: "value" or password:"value" or password:'value'
   sensitiveFields.forEach(field => {
-    const escaped = escapeRegex(field);
+    // Match field: "value" or field: 'value' or field:"value" (with optional spaces)
     const patterns = [
-      new RegExp(`(${escaped}\\s*:\\s*["'])([^"']+)(["'])`, 'gi'),
-      new RegExp(`(${escaped}\\s*:\\s*)([^\\s,})\n]+)`, 'gi'),
+      new RegExp(`(${field}\\s*:\\s*["'])([^"']+)(["'])`, 'gi'),
+      new RegExp(`(${field}\\s*:\\s*)([^\\s,})\n]+)`, 'gi'),
     ];
     
     patterns.forEach(pattern => {
@@ -117,6 +96,115 @@ function redactGraphQLQuery(query, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
   return redacted;
 }
 
+/**
+ * Parse and capture request body safely
+ */
+async function captureRequestBody(request, maxSize = 10240) {
+  try {
+    const contentType = request.headers['content-type'] || '';
+    let body = '';
+    
+    // Collect body chunks
+    const chunks = [];
+    let size = 0;
+    
+    return new Promise((resolve) => {
+      request.on('data', (chunk) => {
+        size += chunk.length;
+        if (size <= maxSize) {
+          chunks.push(chunk);
+        }
+      });
+      
+      request.on('end', () => {
+        if (size > maxSize) {
+          resolve({ 
+            captured: false, 
+            reason: `Body too large (${size} bytes > ${maxSize} bytes)`,
+            size 
+          });
+          return;
+        }
+        
+        body = Buffer.concat(chunks).toString('utf8');
+        
+        // Parse based on content type
+        if (contentType.includes('application/json')) {
+          try {
+            const parsed = JSON.parse(body);
+            resolve({ 
+              captured: true, 
+              type: 'json', 
+              body: parsed,
+              size 
+            });
+          } catch (e) {
+            resolve({ 
+              captured: true, 
+              type: 'json', 
+              body: body.substring(0, 1000),
+              parseError: true,
+              size 
+            });
+          }
+        } else if (contentType.includes('application/graphql')) {
+          // GraphQL queries need redaction too!
+          resolve({ 
+            captured: true, 
+            type: 'graphql', 
+            body: body,  // Will be redacted later
+            size 
+          });
+        } else if (contentType.includes('multipart/form-data')) {
+          // Multipart is NOT captured (files can be huge)
+          resolve({ 
+            captured: false, 
+            type: 'multipart', 
+            reason: 'Multipart data not captured (file uploads)',
+            size 
+          });
+        } else if (contentType.includes('application/x-www-form-urlencoded')) {
+          try {
+            const params = new URLSearchParams(body);
+            const parsed = Object.fromEntries(params);
+            resolve({ 
+              captured: true, 
+              type: 'form', 
+              body: parsed,
+              size 
+            });
+          } catch (e) {
+            resolve({ 
+              captured: true, 
+              type: 'form', 
+              body: body.substring(0, 1000),
+              size 
+            });
+          }
+        } else {
+          resolve({ 
+            captured: true, 
+            type: 'text', 
+            body: body.substring(0, 1000),
+            size 
+          });
+        }
+      });
+      
+      request.on('error', () => {
+        resolve({ captured: false, reason: 'Stream error' });
+      });
+      
+      // Timeout after 100ms
+      setTimeout(() => {
+        resolve({ captured: false, reason: 'Timeout' });
+      }, 100);
+    });
+  } catch (error) {
+    return { captured: false, reason: error.message };
+  }
+}
+
 /**
  * Register SecureNow OpenTelemetry for Next.js using @vercel/otel
  * @param {Object} options - Optional configuration
@@ -157,9 +245,9 @@ function registerSecureNow(options = {}) {
     // service.name
     let serviceName;
     if (baseName) {
-      serviceName = noUuid ? baseName : `${baseName}-${randomUUID()}`;
+      serviceName = noUuid ? baseName : `${baseName}-${uuidv4()}`;
     } else {
-      serviceName = `nextjs-app-${randomUUID()}`;
+      serviceName = `nextjs-app-${uuidv4()}`;
       console.warn('[securenow] ⚠️  No SECURENOW_APPID or OTEL_SERVICE_NAME provided. Using fallback: %s', serviceName);
       console.warn('[securenow] 💡 Set SECURENOW_APPID=your-app-name in .env.local for better tracking');
     }
@@ -173,11 +261,11 @@ function registerSecureNow(options = {}) {
     ).replace(/\/$/, '');
     
     const tracesUrl = env('OTEL_EXPORTER_OTLP_TRACES_ENDPOINT') || `${endpointBase}/v1/traces`;
-    const logsUrl = env('OTEL_EXPORTER_OTLP_LOGS_ENDPOINT') || `${endpointBase}/v1/logs`;
 
-    if (!process.env.OTEL_SERVICE_NAME) process.env.OTEL_SERVICE_NAME = serviceName;
-    if (!process.env.OTEL_EXPORTER_OTLP_ENDPOINT) process.env.OTEL_EXPORTER_OTLP_ENDPOINT = endpointBase;
-    if (!process.env.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT) process.env.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT = tracesUrl;
+    // Set environment variables for @vercel/otel to pick up
+    process.env.OTEL_SERVICE_NAME = serviceName;
+    process.env.OTEL_EXPORTER_OTLP_ENDPOINT = endpointBase;
+    process.env.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT = tracesUrl;
 
     console.log('[securenow] 🚀 Next.js App → service.name=%s', serviceName);
 
@@ -185,7 +273,7 @@ function registerSecureNow(options = {}) {
     const captureBody = String(env('SECURENOW_CAPTURE_BODY')) === '1' || 
                        String(env('SECURENOW_CAPTURE_BODY')).toLowerCase() === 'true' ||
                        options.captureBody === true;
-    const maxBodySize = Math.max(1024, parseInt(env('SECURENOW_MAX_BODY_SIZE'), 10) || 10240);
+    const maxBodySize = parseInt(env('SECURENOW_MAX_BODY_SIZE') || '10240'); // 10KB default
     const customSensitiveFields = (env('SECURENOW_SENSITIVE_FIELDS') || '').split(',').map(s => s.trim()).filter(Boolean);
     const allSensitiveFields = [...DEFAULT_SENSITIVE_FIELDS, ...customSensitiveFields];
 
@@ -219,19 +307,14 @@ function registerSecureNow(options = {}) {
           const clientIp = headers['x-client-ip'];
           const socketIp = request.socket?.remoteAddress;
           
-          const PRIVATE_RE = /^(127\.|::1$|::ffff:127\.|10\.|172\.(1[6-9]|2\d|3[01])\.|192\.168\.|f[cd][0-9a-f]{2}:)/;
-          const isProxied = socketIp && PRIVATE_RE.test(socketIp);
-          let primaryIp = socketIp || 'unknown';
-          if (isProxied) {
-            if (forwardedFor) {
-              const chain = forwardedFor.split(',').map(s => s.trim()).filter(Boolean);
-              for (let i = chain.length - 1; i >= 0; i--) {
-                if (!PRIVATE_RE.test(chain[i])) { primaryIp = chain[i]; break; }
-              }
-            } else {
-              primaryIp = realIp || cfConnectingIp || clientIp || primaryIp;
-            }
-          }
+          // Primary IP (first in chain is the real client)
+          const primaryIp = 
+            (forwardedFor ? forwardedFor.split(',')[0]?.trim() : null) ||
+            realIp ||
+            cfConnectingIp ||
+            clientIp ||
+            socketIp ||
+            'unknown';
           
           // ======== PROTOCOL & CONNECTION ========
           const scheme = headers['x-forwarded-proto'] || 
@@ -421,126 +504,9 @@ function registerSecureNow(options = {}) {
       
       sdk.start();
       console.log('[securenow] 🎯 Vanilla SDK initialized for self-hosted environment');
-
-      // -------- Logging (self-hosted only) --------
-      const loggingEnabled = String(env('SECURENOW_LOGGING_ENABLED')) === '1' || String(env('SECURENOW_LOGGING_ENABLED')).toLowerCase() === 'true';
-      if (loggingEnabled) {
-        try {
-          const { OTLPLogExporter } = require('@opentelemetry/exporter-logs-otlp-http');
-          const { LoggerProvider, BatchLogRecordProcessor } = require('@opentelemetry/sdk-logs');
-
-          const logExporter = new OTLPLogExporter({
-            url: logsUrl,
-            headers: parseHeaders(env('OTEL_EXPORTER_OTLP_HEADERS')),
-          });
-
-          const loggerProvider = new LoggerProvider({
-            resource: new Resource({
-              [SemanticResourceAttributes.SERVICE_NAME]: serviceName,
-              [SemanticResourceAttributes.DEPLOYMENT_ENVIRONMENT]: env('NODE_ENV') || 'production',
-            }),
-          });
-          loggerProvider.addLogRecordProcessor(new BatchLogRecordProcessor(logExporter));
-
-          // Patch console to forward logs as OTLP log records
-          const logger = loggerProvider.getLogger('console', '1.0.0');
-          const SeverityNumber = { INFO: 9, WARN: 13, ERROR: 17 };
-          const origLog = console.log;
-          const origWarn = console.warn;
-          const origError = console.error;
-
-          const { context: otelContext, trace: otelTrace } = require('@opentelemetry/api');
-          function _emitLog(sn, st, args) {
-            try {
-              const activeCtx = otelContext.active();
-              const spanCtx = otelTrace.getSpanContext(activeCtx);
-              logger.emit({
-                severityNumber: sn,
-                severityText: st,
-                body: args.map(String).join(' '),
-                ...(spanCtx && { context: activeCtx }),
-              });
-            } catch (_) {}
-          }
-          console.log = (...args) => {
-            origLog.apply(console, args);
-            _emitLog(SeverityNumber.INFO, 'INFO', args);
-          };
-          console.warn = (...args) => {
-            origWarn.apply(console, args);
-            _emitLog(SeverityNumber.WARN, 'WARN', args);
-          };
-          console.error = (...args) => {
-            origError.apply(console, args);
-            _emitLog(SeverityNumber.ERROR, 'ERROR', args);
-          };
-
-          console.log('[securenow] 📋 Logging: ENABLED → %s', logsUrl);
-
-          // Auto-log every incoming HTTP request/response
-          try {
-            const http = require('http');
-            const originalEmit = http.Server.prototype.emit;
-            http.Server.prototype.emit = function (event, req, res) {
-              if (event === 'request' && req && res) {
-                const start = Date.now();
-                const method = req.method;
-                const url = req.url;
-                res.on('finish', () => {
-                  const reqCtx = otelContext.active();
-                  const reqSpanCtx = otelTrace.getSpanContext(reqCtx);
-                  const duration = Date.now() - start;
-                  const status = res.statusCode;
-                  const ip = req.headers['x-forwarded-for'] || req.headers['x-real-ip'] || req.socket?.remoteAddress || '-';
-                  const ua = req.headers['user-agent'] || '-';
-                  const body = `${method} ${url} ${status} ${duration}ms ip=${ip} ua=${ua}`;
-                  const severity = status >= 500 ? SeverityNumber.ERROR : status >= 400 ? SeverityNumber.WARN : SeverityNumber.INFO;
-                  const severityText = status >= 500 ? 'ERROR' : status >= 400 ? 'WARN' : 'INFO';
-                  origLog.call(console, '[securenow] %s %s %d %dms', method, url, status, duration);
-                  try {
-                    logger.emit({
-                      severityNumber: severity,
-                      severityText,
-                      body,
-                      attributes: {
-                        'http.method': method,
-                        'http.url': url,
-                        'http.status_code': status,
-                        'http.duration_ms': duration,
-                        'http.client_ip': String(ip).split(',')[0].trim(),
-                        'http.user_agent': ua,
-                      },
-                      ...(reqSpanCtx && { context: reqCtx }),
-                    });
-                  } catch (_) {}
-                });
-              }
-              return originalEmit.apply(this, arguments);
-            };
-            console.log('[securenow] 📋 HTTP request logging: ENABLED');
-          } catch (_) {}
-
-          // Graceful shutdown for logs
-          process.on('SIGTERM', async () => { try { await loggerProvider.shutdown(); } catch (_) {} try { require('./firewall').shutdown(); } catch (_) {} });
-          process.on('SIGINT', async () => { try { await loggerProvider.shutdown(); } catch (_) {} try { require('./firewall').shutdown(); } catch (_) {} });
-        } catch (e) {
-          console.warn('[securenow] ⚠️  Logging setup failed (missing @opentelemetry/exporter-logs-otlp-http or @opentelemetry/sdk-logs):', e.message);
-        }
-      } else {
-        console.log('[securenow] 📋 Logging: DISABLED (set SECURENOW_LOGGING_ENABLED=1 to enable)');
-      }
     }
 
     isRegistered = true;
-
-    // Free trial banner (optional — may not be bundled in standalone builds)
-    try {
-      const { isFreeTrial, patchHttpForBanner } = require('./free-trial-banner');
-      if (isFreeTrial(endpointBase) && String(env('SECURENOW_HIDE_BANNER')) !== '1') {
-        patchHttpForBanner();
-      }
-    } catch (_) {}
-
     console.log('[securenow] ✅ OpenTelemetry started for Next.js → %s', tracesUrl);
     console.log('[securenow] 📊 Auto-capturing comprehensive request metadata:');
     console.log('[securenow]    • IP addresses (x-forwarded-for, x-real-ip, socket)');
@@ -572,27 +538,6 @@ function registerSecureNow(options = {}) {
       console.error('[securenow] Make sure OpenTelemetry dependencies are installed');
     }
   }
-
-  // Firewall — runs independently from OTel so it works even if tracing fails
-  const firewallApiKey = env('SECURENOW_API_KEY');
-  if (firewallApiKey && env('SECURENOW_FIREWALL_ENABLED') !== '0') {
-    try {
-      require('./firewall').init({
-        apiKey: firewallApiKey,
-        apiUrl: env('SECURENOW_API_URL') || 'https://api.securenow.ai',
-        versionCheckInterval: parseInt(env('SECURENOW_FIREWALL_VERSION_INTERVAL'), 10) || 10,
-        syncInterval: parseInt(env('SECURENOW_FIREWALL_SYNC_INTERVAL'), 10) || 300,
-        failMode: env('SECURENOW_FIREWALL_FAIL_MODE') || 'open',
-        statusCode: parseInt(env('SECURENOW_FIREWALL_STATUS_CODE'), 10) || 403,
-        log: env('SECURENOW_FIREWALL_LOG') !== '0',
-        tcp: env('SECURENOW_FIREWALL_TCP') === '1',
-        iptables: env('SECURENOW_FIREWALL_IPTABLES') === '1',
-        cloud: env('SECURENOW_FIREWALL_CLOUD') || null,
-      });
-    } catch (e) {
-      console.warn('[securenow] Firewall init failed:', e.message);
-    }
-  }
 }
 
 module.exports = {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "securenow",
-  "version": "5.17.1",
-  "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
+  "version": "6.0.0",
+  "description": "OpenTelemetry instrumentation for Node.js and Next.js - Send traces and logs to SigNoz or any OTLP backend",
   "type": "commonjs",
   "main": "register.js",
   "types": "register.d.ts",
@@ -11,6 +11,16 @@
   "scripts": {
     "postinstall": "node postinstall.js || exit 0"
   },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/securenow/securenow-npm.git"
+  },
+  "homepage": "https://securenow.ai",
+  "bugs": {
+    "url": "https://github.com/securenow/securenow-npm/issues",
+    "email": "support@securenow.ai"
+  },
+  "author": "SecureNow <support@securenow.ai> (https://securenow.ai)",
   "keywords": [
     "opentelemetry",
     "otel",
@@ -20,24 +30,16 @@
     "observability",
     "apm",
     "monitoring",
-    "cli",
     "nextjs",
     "next.js",
+    "signoz",
     "instrumentation",
     "telemetry",
     "distributed-tracing",
     "node",
     "express",
     "fastify",
-    "nestjs",
-    "nuxt",
-    "nuxt3",
-    "nitro",
-    "vue",
-    "firewall",
-    "ip-blocking",
-    "waf",
-    "security"
+    "nestjs"
   ],
   "exports": {
     ".": {
@@ -72,24 +74,6 @@
       "default": "./nextjs-wrapper.js"
     },
     "./nextjs-webpack-config": "./nextjs-webpack-config.js",
-    "./package.json": "./package.json",
-    "./nuxt": {
-      "types": "./nuxt.d.ts",
-      "import": "./nuxt.mjs",
-      "default": "./nuxt.mjs"
-    },
-    "./firewall": {
-      "default": "./firewall.js"
-    },
-    "./firewall-only": {
-      "default": "./firewall-only.js"
-    },
-    "./cidr": {
-      "default": "./cidr.js"
-    },
-    "./resolve-ip": {
-      "default": "./resolve-ip.js"
-    },
     "./register-vite": "./register-vite.js",
     "./web-vite": {
       "import": "./web-vite.mjs",
@@ -111,45 +95,52 @@
     "nextjs-wrapper.js",
     "nextjs-wrapper.d.ts",
     "nextjs-webpack-config.js",
-    "nuxt.mjs",
-    "nuxt.d.ts",
-    "nuxt-server-plugin.mjs",
     "cli.js",
-    "cli/",
-    "free-trial-banner.js",
-    "resolve-ip.js",
-    "cidr.js",
-    "firewall.js",
-    "firewall-only.js",
-    "firewall-tcp.js",
-    "firewall-iptables.js",
-    "firewall-cloud.js",
     "postinstall.js",
     "register-vite.js",
     "web-vite.mjs",
     "examples/",
-    "docs/",
+    "docs/ALL-FRAMEWORKS-QUICKSTART.md",
+    "docs/ARCHITECTURE.md",
+    "docs/AUTO-BODY-CAPTURE.md",
+    "docs/CHANGELOG-NEXTJS.md",
+    "docs/NEXTJS-WEBPACK-WARNINGS.md",
+    "docs/AUTO-SETUP.md",
+    "docs/AUTOMATIC-IP-CAPTURE.md",
+    "docs/BODY-CAPTURE-QUICKSTART.md",
+    "docs/CUSTOMER-GUIDE.md",
+    "docs/EASIEST-SETUP.md",
+    "docs/ENVIRONMENT-VARIABLES.md",
+    "docs/EXPRESS-BODY-CAPTURE.md",
+    "docs/EXPRESS-SETUP-GUIDE.md",
+    "docs/INDEX.md",
+    "docs/LOGGING-GUIDE.md",
+    "docs/LOGGING-QUICKSTART.md",
+    "docs/NEXTJS-BODY-CAPTURE.md",
+    "docs/NEXTJS-GUIDE.md",
+    "docs/NEXTJS-QUICKSTART.md",
+    "docs/NEXTJS-WRAPPER-APPROACH.md",
+    "docs/QUICKSTART-BODY-CAPTURE.md",
+    "docs/REDACTION-EXAMPLES.md",
+    "docs/REQUEST-BODY-CAPTURE.md",
+    "docs/VERCEL-OTEL-MIGRATION.md",
     "README.md",
-    "NPM_README.md",
-    "CONSUMING-APPS-GUIDE.md",
-    "SKILL-CLI.md",
-    "SKILL-API.md"
+    "LICENSE"
   ],
   "dependencies": {
     "@opentelemetry/api": "1.7.0",
-    "@opentelemetry/api-logs": "0.47.0",
+    "@opentelemetry/api-logs": "^0.47.0",
     "@opentelemetry/auto-instrumentations-node": "0.47.0",
-    "@opentelemetry/exporter-logs-otlp-http": "0.47.0",
+    "@opentelemetry/exporter-logs-otlp-http": "^0.47.0",
     "@opentelemetry/exporter-trace-otlp-http": "0.47.0",
     "@opentelemetry/instrumentation": "0.47.0",
     "@opentelemetry/instrumentation-document-load": "0.47.0",
     "@opentelemetry/instrumentation-fetch": "0.47.0",
-    "@opentelemetry/instrumentation-http": "0.47.0",
-    "@opentelemetry/instrumentation-mongodb": "0.46.0",
+    "@opentelemetry/instrumentation-http": "^0.208.0",
     "@opentelemetry/instrumentation-user-interaction": "0.47.0",
     "@opentelemetry/instrumentation-xml-http-request": "0.47.0",
     "@opentelemetry/resources": "1.20.0",
-    "@opentelemetry/sdk-logs": "0.47.0",
+    "@opentelemetry/sdk-logs": "^0.47.0",
     "@opentelemetry/sdk-node": "0.47.0",
     "@opentelemetry/sdk-trace-web": "1.20.0",
     "@opentelemetry/semantic-conventions": "1.20.0",
@@ -158,28 +149,15 @@
     "uuid": "^9.0.0"
   },
   "peerDependencies": {
-    "next": ">=13.0.0",
-    "nuxt": ">=3.0.0",
-    "@aws-sdk/client-wafv2": ">=3.0.0",
-    "@google-cloud/compute": ">=4.0.0"
+    "next": ">=13.0.0"
   },
   "peerDependenciesMeta": {
     "next": {
       "optional": true
-    },
-    "nuxt": {
-      "optional": true
-    },
-    "@aws-sdk/client-wafv2": {
-      "optional": true
-    },
-    "@google-cloud/compute": {
-      "optional": true
     }
   },
   "overrides": {
-    "@opentelemetry/api": "1.7.0",
-    "@opentelemetry/api-logs": "0.47.0"
+    "@opentelemetry/api": "1.7.0"
   },
   "sideEffects": true,
   "license": "ISC"

package/postinstall.js

@@ -53,7 +53,7 @@ export function register() {
  *   SECURENOW_APPID=my-nextjs-app
  * 
  * Optional:
- *   SECURENOW_INSTANCE=http://your-otlp-backend:4318
+ *   SECURENOW_INSTANCE=http://your-signoz-server:4318
  *   OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-key"
  *   OTEL_LOG_LEVEL=info
  */
@@ -77,7 +77,7 @@ export function register() {
  *   SECURENOW_APPID=my-nextjs-app
  * 
  * Optional:
- *   SECURENOW_INSTANCE=http://your-otlp-backend:4318
+ *   SECURENOW_INSTANCE=http://your-signoz-server:4318
  *   OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-key"
  *   OTEL_LOG_LEVEL=info
  *   
@@ -150,9 +150,9 @@ function createEnvTemplate(targetPath) {
 # Required: Your application identifier
 SECURENOW_APPID=my-nextjs-app
 
-# Optional: Your OTLP-compatible backend / collector endpoint
+# Optional: Your SigNoz/OpenTelemetry collector endpoint
 # Default: https://freetrial.securenow.ai:4318
-SECURENOW_INSTANCE=http://your-otlp-backend:4318
+SECURENOW_INSTANCE=http://your-signoz-server:4318
 
 # Optional: API key or authentication headers
 # OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key-here"
@@ -270,14 +270,14 @@ async function setup() {
         console.log('│                                                 │');
         console.log('│  1. Edit .env.local and set:                   │');
         console.log('│     SECURENOW_APPID=your-app-name              │');
-        console.log('│     SECURENOW_INSTANCE=http://your-otlp-backend:4318 │');
+        console.log('│     SECURENOW_INSTANCE=http://signoz:4318      │');
         if (shouldCreateMiddleware) {
           console.log('│     SECURENOW_CAPTURE_BODY=1                   │');
         }
         console.log('│                                                 │');
         console.log('│  2. Run your app: npm run dev                  │');
         console.log('│                                                 │');
-        console.log('│  3. Check SecureNow for traces!                │');
+        console.log('│  3. Check SigNoz for traces!                   │');
         console.log('│                                                 │');
         if (shouldCreateMiddleware) {
           console.log('│  📝 Body capture enabled with auto-redaction   │');

package/register.d.ts

@@ -56,7 +56,7 @@ export {};
  *     node_args: '-r securenow/register',
  *     env: {
  *       SECURENOW_APPID: 'my-app',
- *       SECURENOW_INSTANCE: 'http://your-otlp-backend:4318',
+ *       SECURENOW_INSTANCE: 'http://signoz:4318',
  *       SECURENOW_CAPTURE_BODY: '1',
  *     }
  *   }]