securenow 6.0.2 → 6.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. package/CONSUMING-APPS-GUIDE.md +455 -0
  2. package/NPM_README.md +2029 -0
  3. package/README.md +297 -40
  4. package/SKILL-API.md +634 -0
  5. package/SKILL-CLI.md +454 -0
  6. package/cidr.js +83 -0
  7. package/cli/apps.js +585 -0
  8. package/cli/auth.js +280 -0
  9. package/cli/client.js +115 -0
  10. package/cli/config.js +173 -0
  11. package/cli/diagnostics.js +387 -0
  12. package/cli/firewall.js +100 -0
  13. package/cli/fp.js +638 -0
  14. package/cli/init.js +201 -0
  15. package/cli/monitor.js +440 -0
  16. package/cli/run.js +148 -0
  17. package/cli/security.js +980 -0
  18. package/cli/ui.js +386 -0
  19. package/cli/utils.js +127 -0
  20. package/cli.js +466 -455
  21. package/console-instrumentation.js +147 -136
  22. package/docs/ALL-FRAMEWORKS-QUICKSTART.md +1377 -455
  23. package/docs/API-KEYS-GUIDE.md +233 -0
  24. package/docs/ARCHITECTURE.md +3 -3
  25. package/docs/AUTO-BODY-CAPTURE.md +1 -1
  26. package/docs/AUTO-SETUP-SUMMARY.md +331 -0
  27. package/docs/AUTO-SETUP.md +4 -4
  28. package/docs/AUTOMATIC-IP-CAPTURE.md +5 -5
  29. package/docs/BODY-CAPTURE-FIX.md +261 -0
  30. package/docs/BODY-CAPTURE-QUICKSTART.md +2 -2
  31. package/docs/CHANGELOG-NEXTJS.md +1 -35
  32. package/docs/COMPLETION-REPORT.md +408 -0
  33. package/docs/CUSTOMER-GUIDE.md +16 -16
  34. package/docs/EASIEST-SETUP.md +5 -5
  35. package/docs/ENVIRONMENT-VARIABLES.md +880 -652
  36. package/docs/EXPRESS-BODY-CAPTURE.md +13 -12
  37. package/docs/EXPRESS-SETUP-GUIDE.md +719 -720
  38. package/docs/FINAL-SOLUTION.md +335 -0
  39. package/docs/FIREWALL-GUIDE.md +426 -0
  40. package/docs/IMPLEMENTATION-SUMMARY.md +410 -0
  41. package/docs/INDEX.md +22 -4
  42. package/docs/LOGGING-GUIDE.md +701 -708
  43. package/docs/LOGGING-QUICKSTART.md +234 -255
  44. package/docs/NEXTJS-BODY-CAPTURE-COMPARISON.md +323 -0
  45. package/docs/NEXTJS-BODY-CAPTURE.md +2 -2
  46. package/docs/NEXTJS-GUIDE.md +14 -14
  47. package/docs/NEXTJS-QUICKSTART.md +1 -1
  48. package/docs/NEXTJS-SETUP-COMPLETE.md +795 -0
  49. package/docs/NEXTJS-WRAPPER-APPROACH.md +1 -1
  50. package/docs/NUXT-GUIDE.md +166 -0
  51. package/docs/QUICKSTART-BODY-CAPTURE.md +2 -2
  52. package/docs/REDACTION-EXAMPLES.md +1 -1
  53. package/docs/REQUEST-BODY-CAPTURE.md +19 -10
  54. package/docs/SOLUTION-SUMMARY.md +312 -0
  55. package/docs/VERCEL-OTEL-MIGRATION.md +3 -3
  56. package/examples/README.md +6 -6
  57. package/examples/instrumentation-with-auto-capture.ts +1 -1
  58. package/examples/nextjs-env-example.txt +2 -2
  59. package/examples/nextjs-instrumentation.js +1 -1
  60. package/examples/nextjs-instrumentation.ts +1 -1
  61. package/examples/nextjs-with-logging-example.md +6 -6
  62. package/examples/nextjs-with-options.ts +1 -1
  63. package/examples/test-nextjs-setup.js +1 -1
  64. package/firewall-cloud.js +212 -0
  65. package/firewall-iptables.js +139 -0
  66. package/firewall-only.js +38 -0
  67. package/firewall-tcp.js +74 -0
  68. package/firewall.js +720 -0
  69. package/free-trial-banner.js +174 -0
  70. package/nextjs-auto-capture.js +199 -207
  71. package/nextjs-middleware.js +186 -181
  72. package/nextjs-webpack-config.js +88 -53
  73. package/nextjs-wrapper.js +158 -158
  74. package/nextjs.d.ts +1 -1
  75. package/nextjs.js +639 -647
  76. package/nuxt-server-plugin.mjs +423 -0
  77. package/nuxt.d.ts +60 -0
  78. package/nuxt.mjs +75 -0
  79. package/package.json +186 -164
  80. package/postinstall.js +6 -6
  81. package/register.d.ts +1 -1
  82. package/register.js +39 -4
  83. package/resolve-ip.js +77 -0
  84. package/tracing.d.ts +2 -1
  85. package/tracing.js +295 -34
  86. package/web-vite.mjs +239 -156
  87. package/LICENSE +0 -15
package/console-instrumentation.js CHANGED
@@ -1,136 +1,147 @@
1
- 'use strict';
2
-
3
- /**
4
- * Console instrumentation helper for securenow
5
- *
6
- * This module wraps the default console methods (log, info, warn, error, debug)
7
- * to automatically send logs to OpenTelemetry/SigNoz.
8
- *
9
- * Usage:
10
- * 1. Enable logging: SECURENOW_LOGGING_ENABLED=1
11
- * 2. Import this file AFTER securenow is initialized
12
- * 3. Use console.log/info/warn/error as normal
13
- *
14
- * Example:
15
- * // At the top of your app.js or index.js
16
- * require('securenow/register'); // or use NODE_OPTIONS
17
- * require('securenow/console-instrumentation');
18
- *
19
- * // Now all console calls are captured
20
- * console.log('Application started');
21
- * console.error('An error occurred');
22
- */
23
-
24
- const tracing = require('./tracing');
25
-
26
- if (!tracing.isLoggingEnabled()) {
27
- console.warn('[securenow] Console instrumentation loaded but logging is not enabled. Set SECURENOW_LOGGING_ENABLED=1 to enable.');
28
- }
29
-
30
- // Get a logger instance
31
- const logger = tracing.getLogger('console', '1.0.0');
32
-
33
- if (!logger) {
34
- console.warn('[securenow] Console instrumentation: No logger available. Logging will not work.');
35
- module.exports = {};
36
- return;
37
- }
38
-
39
- // Store original console methods
40
- const originalConsole = {
41
- log: console.log,
42
- info: console.info,
43
- warn: console.warn,
44
- error: console.error,
45
- debug: console.debug,
46
- };
47
-
48
- // Map severity levels (OpenTelemetry standard)
49
- const SeverityNumber = {
50
- DEBUG: 5,
51
- INFO: 9,
52
- WARN: 13,
53
- ERROR: 17,
54
- };
55
-
56
- /**
57
- * Format arguments into a log message
58
- */
59
- function formatMessage(args) {
60
- return args
61
- .map((arg) => {
62
- if (typeof arg === 'object' && arg !== null) {
63
- try {
64
- return JSON.stringify(arg);
65
- } catch (e) {
66
- return String(arg);
67
- }
68
- }
69
- return String(arg);
70
- })
71
- .join(' ');
72
- }
73
-
74
- /**
75
- * Emit a log record
76
- */
77
- function emitLog(severityNumber, severityText, args) {
78
- const message = formatMessage(args);
79
-
80
- try {
81
- logger.emit({
82
- severityNumber,
83
- severityText,
84
- body: message,
85
- attributes: {
86
- 'log.source': 'console',
87
- 'log.method': severityText.toLowerCase(),
88
- },
89
- });
90
- } catch (e) {
91
- // Silently fail to avoid breaking the application
92
- }
93
- }
94
-
95
- // Override console.log
96
- console.log = function (...args) {
97
- emitLog(SeverityNumber.INFO, 'INFO', args);
98
- originalConsole.log.apply(console, args);
99
- };
100
-
101
- // Override console.info
102
- console.info = function (...args) {
103
- emitLog(SeverityNumber.INFO, 'INFO', args);
104
- originalConsole.info.apply(console, args);
105
- };
106
-
107
- // Override console.warn
108
- console.warn = function (...args) {
109
- emitLog(SeverityNumber.WARN, 'WARN', args);
110
- originalConsole.warn.apply(console, args);
111
- };
112
-
113
- // Override console.error
114
- console.error = function (...args) {
115
- emitLog(SeverityNumber.ERROR, 'ERROR', args);
116
- originalConsole.error.apply(console, args);
117
- };
118
-
119
- // Override console.debug
120
- console.debug = function (...args) {
121
- emitLog(SeverityNumber.DEBUG, 'DEBUG', args);
122
- originalConsole.debug.apply(console, args);
123
- };
124
-
125
- console.log('[securenow] Console instrumentation installed - all console logs will be sent to SigNoz');
126
-
127
- module.exports = {
128
- originalConsole,
129
- restoreConsole: () => {
130
- console.log = originalConsole.log;
131
- console.info = originalConsole.info;
132
- console.warn = originalConsole.warn;
133
- console.error = originalConsole.error;
134
- console.debug = originalConsole.debug;
135
- },
136
- };
1
+ 'use strict';
2
+
3
+ /**
4
+ * Console instrumentation helper for securenow
5
+ *
6
+ * This module wraps the default console methods (log, info, warn, error, debug)
7
+ * to automatically send logs to OpenTelemetry / any OTLP-compatible backend.
8
+ *
9
+ * Usage:
10
+ * 1. Enable logging: SECURENOW_LOGGING_ENABLED=1
11
+ * 2. Import this file AFTER securenow is initialized
12
+ * 3. Use console.log/info/warn/error as normal
13
+ *
14
+ * Example:
15
+ * // At the top of your app.js or index.js
16
+ * require('securenow/register'); // or use NODE_OPTIONS
17
+ * require('securenow/console-instrumentation');
18
+ *
19
+ * // Now all console calls are captured
20
+ * console.log('Application started');
21
+ * console.error('An error occurred');
22
+ */
23
+
24
+ const tracing = require('./tracing');
25
+
26
+ if (!tracing.isLoggingEnabled()) {
27
+ console.warn('[securenow] Console instrumentation loaded but logging is not enabled. Set SECURENOW_LOGGING_ENABLED=1 to enable.');
28
+ }
29
+
30
+ // Get a logger instance
31
+ const logger = tracing.getLogger('console', '1.0.0');
32
+
33
+ if (!logger) {
34
+ console.warn('[securenow] Console instrumentation: No logger available. Logging will not work.');
35
+ module.exports = {};
36
+ return;
37
+ }
38
+
39
+ if (console.__securenow_patched) {
40
+ console.warn('[securenow] Console already instrumented by tracing.js — skipping to avoid duplicate logs.');
41
+ module.exports = {};
42
+ return;
43
+ }
44
+
45
+ // Store original console methods
46
+ const originalConsole = {
47
+ log: console.log,
48
+ info: console.info,
49
+ warn: console.warn,
50
+ error: console.error,
51
+ debug: console.debug,
52
+ };
53
+
54
+ // Map severity levels (OpenTelemetry standard)
55
+ const SeverityNumber = {
56
+ DEBUG: 5,
57
+ INFO: 9,
58
+ WARN: 13,
59
+ ERROR: 17,
60
+ };
61
+
62
+ /**
63
+ * Format arguments into a log message
64
+ */
65
+ function formatMessage(args) {
66
+ return args
67
+ .map((arg) => {
68
+ if (typeof arg === 'object' && arg !== null) {
69
+ try {
70
+ return JSON.stringify(arg);
71
+ } catch (e) {
72
+ return String(arg);
73
+ }
74
+ }
75
+ return String(arg);
76
+ })
77
+ .join(' ');
78
+ }
79
+
80
+ const { context, trace } = require('@opentelemetry/api');
81
+
82
+ /**
83
+ * Emit a log record, correlating with the active trace/span when available
84
+ */
85
+ function emitLog(severityNumber, severityText, args) {
86
+ const message = formatMessage(args);
87
+
88
+ try {
89
+ const activeCtx = context.active();
90
+ const spanCtx = trace.getSpanContext(activeCtx);
91
+ logger.emit({
92
+ severityNumber,
93
+ severityText,
94
+ body: message,
95
+ attributes: {
96
+ 'log.source': 'console',
97
+ 'log.method': severityText.toLowerCase(),
98
+ },
99
+ ...(spanCtx && { context: activeCtx }),
100
+ });
101
+ } catch (e) {
102
+ // Silently fail to avoid breaking the application
103
+ }
104
+ }
105
+
106
+ // Override console.log
107
+ console.log = function (...args) {
108
+ emitLog(SeverityNumber.INFO, 'INFO', args);
109
+ originalConsole.log.apply(console, args);
110
+ };
111
+
112
+ // Override console.info
113
+ console.info = function (...args) {
114
+ emitLog(SeverityNumber.INFO, 'INFO', args);
115
+ originalConsole.info.apply(console, args);
116
+ };
117
+
118
+ // Override console.warn
119
+ console.warn = function (...args) {
120
+ emitLog(SeverityNumber.WARN, 'WARN', args);
121
+ originalConsole.warn.apply(console, args);
122
+ };
123
+
124
+ // Override console.error
125
+ console.error = function (...args) {
126
+ emitLog(SeverityNumber.ERROR, 'ERROR', args);
127
+ originalConsole.error.apply(console, args);
128
+ };
129
+
130
+ // Override console.debug
131
+ console.debug = function (...args) {
132
+ emitLog(SeverityNumber.DEBUG, 'DEBUG', args);
133
+ originalConsole.debug.apply(console, args);
134
+ };
135
+
136
+ console.log('[securenow] Console instrumentation installed - all console logs will be sent to any OTLP-compatible backend');
137
+
138
+ module.exports = {
139
+ originalConsole,
140
+ restoreConsole: () => {
141
+ console.log = originalConsole.log;
142
+ console.info = originalConsole.info;
143
+ console.warn = originalConsole.warn;
144
+ console.error = originalConsole.error;
145
+ console.debug = originalConsole.debug;
146
+ },
147
+ };