securenow 7.6.6 → 7.6.8

package/examples/README.md

@@ -1,265 +0,0 @@
-# SecureNow Next.js Examples
-
-This folder contains example files to help you integrate SecureNow with your Next.js application.
-
----
-
-## 📁 Files
-
-### 1. `nextjs-instrumentation.ts`
-**TypeScript setup (recommended for TS projects)**
-
-Basic Next.js instrumentation setup using TypeScript.
-
-**Usage:**
-1. Copy this file to your project root as `instrumentation.ts`
-2. Set environment variables in `.env.local`
-3. Run your Next.js app
-
----
-
-### 2. `nextjs-instrumentation.js`
-**JavaScript setup (for JS projects)**
-
-Basic Next.js instrumentation setup using JavaScript.
-
-**Usage:**
-1. Copy this file to your project root as `instrumentation.js`
-2. Set environment variables in `.env.local`
-3. Run your Next.js app
-
----
-
-### 3. `nextjs-with-options.ts`
-**Advanced configuration with programmatic options**
-
-Shows how to pass configuration options directly to `registerSecureNow()` instead of using only environment variables.
-
-**Usage:**
-1. Copy to project root as `instrumentation.ts`
-2. Customize the options object
-3. Set sensitive values (API keys) via environment variables
-
-**Good for:**
-- Complex configurations
-- Multiple environments
-- Custom headers
-- Selective instrumentation
-
----
-
-### 4. `nextjs-env-example.txt`
-**Complete environment variables reference**
-
-Lists all available environment variables with explanations.
-
-**Usage:**
-1. Copy contents to your `.env.local` file
-2. Uncomment and set the variables you need
-3. Remove or comment out unused variables
-
----
-
-### 5. `test-nextjs-setup.js`
-**Test script to verify your setup**
-
-A standalone script to test SecureNow configuration before integrating with Next.js.
-
-**Usage:**
-```bash
-# Test with environment variables
-SECURENOW_APPID=test-app \
-SECURENOW_INSTANCE=http://localhost:4318 \
-node examples/test-nextjs-setup.js
-
-# Or set them in .env first
-node examples/test-nextjs-setup.js
-```
-
-**What it tests:**
-- ✅ Package installation
-- ✅ SDK registration
-- ✅ Span creation
-- ✅ Configuration loading
-- ✅ Export functionality
-
----
-
-## 🚀 Quick Start Guide
-
-### Step 1: Choose Your Setup
-
-**TypeScript project?** → Use `nextjs-instrumentation.ts`  
-**JavaScript project?** → Use `nextjs-instrumentation.js`  
-**Need advanced config?** → Use `nextjs-with-options.ts`
-
-### Step 2: Copy File
-
-```bash
-# From your project root
-cp node_modules/securenow/examples/nextjs-instrumentation.ts instrumentation.ts
-# or
-cp node_modules/securenow/examples/nextjs-instrumentation.js instrumentation.js
-```
-
-### Step 3: Configure Environment
-
-```bash
-# Copy environment variables template
-cp node_modules/securenow/examples/nextjs-env-example.txt .env.local
-# Edit .env.local with your values
-```
-
-### Step 4: Test (Optional)
-
-```bash
-# Verify setup works
-node node_modules/securenow/examples/test-nextjs-setup.js
-```
-
-### Step 5: Run Your App
-
-```bash
-npm run dev
-```
-
----
-
-## 📚 Documentation
-
-- **[Quick Start](../NEXTJS-QUICKSTART.md)** - 30-second setup
-- **[Complete Guide](../NEXTJS-GUIDE.md)** - Full documentation
-- **[Customer Guide](../CUSTOMER-GUIDE.md)** - User-friendly guide
-- **[Architecture](../ARCHITECTURE.md)** - Technical details
-
----
-
-## 💡 Tips
-
-### For Development
-```bash
-# Use simpler service names
-SECURENOW_NO_UUID=1
-SECURENOW_APPID=my-app-dev
-
-# Enable debug logging
-OTEL_LOG_LEVEL=debug
-```
-
-### For Production
-```bash
-# Use descriptive names with UUID
-SECURENOW_APPID=my-app-prod
-# UUID is auto-appended
-
-# Use info or warn level
-OTEL_LOG_LEVEL=info
-```
-
-### For Vercel
-```bash
-# Set in Vercel dashboard:
-SECURENOW_APPID=my-app
-SECURENOW_INSTANCE=http://your-collector-host:4318
-OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-key"
-```
-
----
-
-## 🆘 Troubleshooting
-
-### "Cannot find module 'securenow/nextjs'"
-
-Make sure you're on the latest version:
-```bash
-npm install securenow@latest
-```
-
-### Traces not appearing
-
-1. Check console for `[securenow] ✅ OpenTelemetry started`
-2. Enable debug mode: `OTEL_LOG_LEVEL=debug`
-3. Run test script: `node examples/test-nextjs-setup.js`
-4. Verify OTLP collector accessibility: `curl http://your-collector-host:4318/v1/traces`
-
-### Too many spans
-
-Disable noisy instrumentations:
-```bash
-SECURENOW_DISABLE_INSTRUMENTATIONS=fs,dns
-```
-
----
-
-## 📝 Customization
-
-### Disable Specific Instrumentations
-
-```typescript
-registerSecureNow({
-  disableInstrumentations: ['fs', 'dns', 'net'],
-});
-```
-
-### Add Custom Headers
-
-```typescript
-registerSecureNow({
-  headers: {
-    'x-api-key': process.env.SECURENOW_API_KEY,
-    'x-environment': process.env.NODE_ENV,
-  },
-});
-```
-
-### Use Different Service Name
-
-```typescript
-registerSecureNow({
-  serviceName: 'my-custom-app-name',
-  noUuid: false, // Still append UUID
-});
-```
-
----
-
-## 🎯 Next Steps
-
-After setting up:
-
-1. **Run your app** and verify traces appear
-2. **Test key user flows** to see end-to-end tracing
-3. **Check SecureNow dashboard** for service map and traces
-4. **Adjust configuration** based on your needs
-5. **Deploy to production** with proper environment variables
-
----
-
-## 🌟 Success Looks Like
-
-```bash
-$ npm run dev
-
-[securenow] Next.js integration loading (pid=12345)
-[securenow] 🚀 Next.js App → service.name=my-app-abc123
-[securenow] ✅ OpenTelemetry started for Next.js → http://your-collector-host:4318/v1/traces
-
-✓ Ready in 1.2s
-```
-
-Then in SecureNow:
-- ✅ See your service in service map
-- ✅ View traces for requests
-- ✅ Analyze performance metrics
-- ✅ Debug issues with distributed tracing
-
----
-
-**Happy tracing! 🎉**
-
-
-
-
-
-
-

package/examples/express-with-logging.js

@@ -1,137 +0,0 @@
-/**
- * Express.js Example with SecureNow Tracing and Logging
- * 
- * This example demonstrates:
- * - Automatic tracing of HTTP requests
- * - Automatic logging via console instrumentation
- * - Structured logging with context
- * 
- * Setup:
- * 1. npm install securenow express
- * 2. export SECURENOW_LOGGING_ENABLED=1
- * 3. export SECURENOW_APPID=express-demo
- * 4. export SECURENOW_INSTANCE=http://localhost:4318
- * 5. node examples/express-with-logging.js
- */
-
-// Initialize SecureNow (must be first!)
-require('securenow/register');
-require('securenow/console-instrumentation');
-
-const express = require('express');
-const app = express();
-
-app.use(express.json());
-
-// Logging middleware
-app.use((req, res, next) => {
-  console.info('Incoming request', {
-    method: req.method,
-    path: req.path,
-    query: req.query,
-    ip: req.ip,
-    userAgent: req.get('user-agent'),
-  });
-  next();
-});
-
-// Routes
-app.get('/', (req, res) => {
-  console.log('Home page accessed');
-  res.json({
-    message: 'Express with SecureNow Logging',
-    timestamp: new Date().toISOString(),
-  });
-});
-
-app.get('/users', (req, res) => {
-  console.log('Fetching users list');
-  
-  // Simulate user data
-  const users = [
-    { id: 1, name: 'John Doe' },
-    { id: 2, name: 'Jane Smith' },
-  ];
-  
-  console.info('Users fetched successfully', {
-    count: users.length,
-    requestId: req.get('x-request-id'),
-  });
-  
-  res.json(users);
-});
-
-app.post('/users', (req, res) => {
-  console.info('Creating new user', {
-    userData: req.body,
-  });
-  
-  try {
-    // Simulate validation
-    if (!req.body.name || !req.body.email) {
-      console.warn('User creation validation failed', {
-        body: req.body,
-        missing: !req.body.name ? 'name' : 'email',
-      });
-      return res.status(400).json({ error: 'Name and email required' });
-    }
-    
-    // Simulate user creation
-    const newUser = {
-      id: Math.floor(Math.random() * 1000),
-      ...req.body,
-      createdAt: new Date().toISOString(),
-    };
-    
-    console.log('User created successfully', {
-      userId: newUser.id,
-      email: newUser.email,
-    });
-    
-    res.status(201).json(newUser);
-  } catch (error) {
-    console.error('Failed to create user', {
-      error: error.message,
-      stack: error.stack,
-      body: req.body,
-    });
-    res.status(500).json({ error: 'Internal server error' });
-  }
-});
-
-app.get('/error', (req, res) => {
-  console.warn('Error endpoint accessed - will throw error');
-  throw new Error('Intentional error for testing');
-});
-
-// Error handler
-app.use((err, req, res, next) => {
-  console.error('Express error handler', {
-    error: err.message,
-    stack: err.stack,
-    path: req.path,
-    method: req.method,
-  });
-  
-  res.status(500).json({
-    error: 'Internal server error',
-    message: err.message,
-  });
-});
-
-// Start server
-const PORT = process.env.PORT || 3000;
-app.listen(PORT, () => {
-  console.log('Express server started', {
-    port: PORT,
-    nodeVersion: process.version,
-    env: process.env.NODE_ENV || 'development',
-  });
-  
-  console.info('Available endpoints:', {
-    home: `http://localhost:${PORT}/`,
-    users: `http://localhost:${PORT}/users`,
-    createUser: `POST http://localhost:${PORT}/users`,
-    error: `http://localhost:${PORT}/error`,
-  });
-});

package/examples/instrumentation-with-auto-capture.ts

@@ -1,41 +0,0 @@
-/**
- * Next.js Instrumentation with Automatic Body Capture
- * 
- * This is the EASIEST way to enable body capture - just one import line!
- * No code changes needed in your handlers.
- */
-
-import { registerSecureNow } from 'securenow/nextjs';
-import 'securenow/nextjs-auto-capture'; // ← Add this line for auto body capture!
-
-export function register() {
-  registerSecureNow();
-}
-
-/**
- * That's it! Now ALL your API routes automatically capture bodies:
- * 
- * app/api/login/route.ts:
- *   export async function POST(request: Request) {
- *     const body = await request.json(); // ← Auto-captured!
- *     return Response.json({ success: true });
- *   }
- * 
- * Benefits:
- * - ✅ Zero code changes in handlers
- * - ✅ No wrapping needed
- * - ✅ No middleware conflicts
- * - ✅ Automatic sensitive data redaction
- * - ✅ Works with NextAuth
- * 
- * Configuration in .env.local:
- *   SECURENOW_APPID=my-app
- *   SECURENOW_INSTANCE=http://localhost:4318
- *   SECURENOW_CAPTURE_BODY=1
- *   SECURENOW_MAX_BODY_SIZE=10240
- *   SECURENOW_SENSITIVE_FIELDS=custom_field
- */
-
-
-
-

package/examples/next.config.js

@@ -1,37 +0,0 @@
-/**
- * Example Next.js configuration for SecureNow
- * 
- * This configuration suppresses OpenTelemetry instrumentation warnings
- */
-
-const { getSecureNowWebpackConfig } = require('securenow/nextjs-webpack-config');
-
-/** @type {import('next').NextConfig} */
-const nextConfig = {
-  // Next.js 15+ doesn't need this
-  // For Next.js 14 and below, uncomment:
-  // experimental: {
-  //   instrumentationHook: true,
-  // },
-  
-  // Suppress OpenTelemetry bundling warnings
-  webpack: (config, options) => {
-    return getSecureNowWebpackConfig(config, options);
-  },
-  
-  // Optional: Tell Next.js not to bundle OpenTelemetry packages
-  serverExternalPackages: [
-    '@opentelemetry/sdk-node',
-    '@opentelemetry/auto-instrumentations-node',
-    '@opentelemetry/instrumentation',
-  ],
-};
-
-module.exports = nextConfig;
-
-
-
-
-
-
-

package/examples/nextjs-api-route-with-body-capture.ts

@@ -1,54 +0,0 @@
-/**
- * Example: Next.js API Route with Body Capture
- * 
- * This approach is SAFE and NON-INVASIVE:
- * - No middleware conflicts
- * - No blocking
- * - Runs inside your handler
- * - Optional per route
- */
-
-import { withSecureNow } from 'securenow/nextjs-wrapper';
-
-// Option 1: Wrap the entire handler (recommended)
-export const POST = withSecureNow(async (request: Request) => {
-  // Your normal handler code
-  const body = await request.json();
-  
-  // Do your logic
-  const result = await processLogin(body);
-  
-  return Response.json({ success: true, result });
-});
-
-// Option 2: Selective wrapping - only certain routes
-export const PUT = withSecureNow(async (request: Request) => {
-  const body = await request.json();
-  return Response.json({ updated: true });
-});
-
-// Option 3: Don't wrap - no body capture for this route
-export async function GET(request: Request) {
-  // This route won't capture bodies (but still traced!)
-  return Response.json({ data: 'hello' });
-}
-
-/**
- * Benefits of this approach:
- * 
- * ✅ No middleware conflicts (doesn't run before routing)
- * ✅ No blocking (captures in background)
- * ✅ Per-route control (wrap only what you need)
- * ✅ Works with NextAuth, other middleware
- * ✅ Never interferes with request flow
- * ✅ Automatic sensitive data redaction
- * 
- * Setup:
- * 1. Set SECURENOW_CAPTURE_BODY=1 in .env.local
- * 2. Wrap handlers with withSecureNow()
- * 3. Done! Bodies captured with redaction
- */
-
-
-
-

package/examples/nextjs-env-example.txt

@@ -1,32 +0,0 @@
-# SecureNow Configuration for Next.js
-#
-# ============================================================
-# For local dev you do NOT need this file.
-# Instead run:
-#   npx securenow login
-# That writes .securenow/credentials.json and the SDK reads it.
-# ============================================================
-#
-# This template is for CI / Docker / Vercel — places where you
-# can't run the interactive login. Env vars always take
-# precedence over .securenow/credentials.json.
-
-# App routing key (UUID). From: npx securenow apps
-SECURENOW_APPID=your-app-key-uuid
-
-# OTLP collector endpoint. Default is the Free Trial.
-SECURENOW_INSTANCE=https://freetrial.securenow.ai:4318
-
-# Optional — defaults are already sensible. Flip to 0 to disable.
-# SECURENOW_LOGGING_ENABLED=0      # forward console.* as OTLP logs
-# SECURENOW_CAPTURE_BODY=0         # capture POST/PUT/PATCH JSON + form bodies
-# SECURENOW_CAPTURE_MULTIPART=0    # capture multipart field / file metadata
-# SECURENOW_MAX_BODY_SIZE=10240    # bytes (default 10KB)
-
-# Optional — OTel tuning
-# OTEL_LOG_LEVEL=info
-# SECURENOW_DISABLE_INSTRUMENTATIONS=fs,dns
-# SECURENOW_NO_UUID=1              # use bare APPID as service.name (no UUID suffix)
-
-# Authentication (auto-set when SECURENOW_APPID is present)
-# OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key-here"

package/examples/nextjs-instrumentation.js

@@ -1,36 +0,0 @@
-/**
- * Next.js Instrumentation with SecureNow (JavaScript version)
- * 
- * Place this file at the root of your Next.js project as: instrumentation.js
- * (or in the src/ folder if you're using it)
- * 
- * For Next.js 14 and below, also add to next.config.js:
- *   experimental: { instrumentationHook: true }
- */
-
-const { registerSecureNow } = require('securenow/nextjs');
-
-export function register() {
-  registerSecureNow();
-}
-
-/**
- * Configuration via Environment Variables (.env.local):
- * 
- * Required:
- *   SECURENOW_APPID=my-nextjs-app
- * 
- * Optional:
- *   SECURENOW_INSTANCE=http://your-otlp-collector:4318
- *   SECURENOW_NO_UUID=1                    # Don't append UUID to service name
- *   OTEL_LOG_LEVEL=info                    # debug|info|warn|error
- *   SECURENOW_DISABLE_INSTRUMENTATIONS=fs  # Comma-separated list
- *   SECURENOW_TEST_SPAN=1                  # Create test span on startup
- */
-
-
-
-
-
-
-

package/examples/nextjs-instrumentation.ts

@@ -1,36 +0,0 @@
-/**
- * Next.js Instrumentation with SecureNow
- * 
- * Place this file at the root of your Next.js project as: instrumentation.ts
- * (or in the src/ folder if you're using it)
- * 
- * For Next.js 14 and below, also add to next.config.js:
- *   experimental: { instrumentationHook: true }
- */
-
-import { registerSecureNow } from 'securenow/nextjs';
-
-export function register() {
-  registerSecureNow();
-}
-
-/**
- * Configuration via Environment Variables (.env.local):
- * 
- * Required:
- *   SECURENOW_APPID=my-nextjs-app
- * 
- * Optional:
- *   SECURENOW_INSTANCE=http://your-otlp-collector:4318
- *   SECURENOW_NO_UUID=1                    # Don't append UUID to service name
- *   OTEL_LOG_LEVEL=info                    # debug|info|warn|error
- *   SECURENOW_DISABLE_INSTRUMENTATIONS=fs  # Comma-separated list
- *   SECURENOW_TEST_SPAN=1                  # Create test span on startup
- */
-
-
-
-
-
-
-

package/examples/nextjs-middleware.js

@@ -1,37 +0,0 @@
-/**
- * Next.js Middleware with SecureNow Body Capture (JavaScript version)
- * 
- * Place this file as: middleware.js (in your project root or src/)
- * 
- * This single line enables automatic body capture for all API routes!
- */
-
-// Just export the middleware from securenow - that's it!
-export { middleware } from 'securenow/nextjs-middleware';
-
-// Optional: Configure which routes to apply to
-export const config = {
-  matcher: '/api/:path*',  // Apply to all API routes
-  
-  // Or be more specific:
-  // matcher: ['/api/login', '/api/register', '/api/graphql'],
-  
-  // Or apply to everything:
-  // matcher: '/((?!_next/static|_next/image|favicon.ico).*)',
-};
-
-/**
- * That's it! Request bodies are now automatically captured with:
- * - Sensitive fields redacted (passwords, tokens, cards, etc.)
- * - Size limits enforced
- * - All content types supported (JSON, GraphQL, Form)
- * - Zero impact on request processing
- * 
- * Configure via environment variables:
- *   SECURENOW_MAX_BODY_SIZE=20480
- *   SECURENOW_SENSITIVE_FIELDS=email,phone,address
- */
-
-
-
-