syntropylog 0.9.11 → 0.9.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +36 -5
- package/CONTRIBUTING.md +10 -0
- package/README.md +3 -1
- package/dist/config/loadLoggerConfig.js +9 -2
- package/dist/config/loadLoggerConfig.js.map +1 -1
- package/dist/core/LifecycleManager.js +2 -0
- package/dist/core/LifecycleManager.js.map +1 -1
- package/dist/index.cjs +55 -9
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +15 -1
- package/dist/index.mjs +55 -9
- package/dist/index.mjs.map +1 -1
- package/dist/masking/MaskingEngine.js +44 -9
- package/dist/masking/MaskingEngine.js.map +1 -1
- package/dist/redis/RedisConnectionManager.js +7 -0
- package/dist/redis/RedisConnectionManager.js.map +1 -1
- package/dist/redis/RedisManager.js +2 -0
- package/dist/redis/RedisManager.js.map +1 -1
- package/dist/testing/index.d.ts +15 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config/loadLoggerConfig.d.ts +5 -0
- package/dist/types/masking/MaskingEngine.d.ts +15 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,41 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.9.13
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- a1498cb: - **MaskingEngine**: On masking failure (timeout/error), return a safe fallback payload with `_maskingFailed` and allowed keys only (`level`, `timestamp`, `message`, `service`) instead of raw metadata to avoid leaking sensitive data.
|
|
8
|
+
- **RedisConnectionManager**: Call `removeAllListeners()` when client was never open in `disconnect()` to avoid listener leaks.
|
|
9
|
+
- **RedisManager**: Clear `instances` and `defaultInstance` in `shutdown()` after closing connections.
|
|
10
|
+
- eca5f56: **Fix: ~3–6s delay per log call (logger.info/warn/error)**
|
|
11
|
+
- **Cause**: `MaskingEngine` used the `regex-test` package for every key×rule check. That package runs each test in a child-process worker with a single queue, so many sequential IPC round-trips added up to several seconds per log.
|
|
12
|
+
- **Change**: Built-in default rules (password, email, token, credit_card, SSN, phone) now use synchronous `RegExp.test()` in-process; they use safe, known patterns with no ReDoS risk. Custom rules added via `masking.rules` still use `regex-test` with timeout for safety.
|
|
13
|
+
- **Result**: Log calls complete in milliseconds again. README documents the behavior under "Data Masking → Performance".
|
|
14
|
+
|
|
15
|
+
All notable changes to this project will be documented in this file.
|
|
16
|
+
|
|
17
|
+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
18
|
+
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
19
|
+
|
|
20
|
+
## [Unreleased]
|
|
21
|
+
|
|
22
|
+
_Nothing at the moment._
|
|
23
|
+
|
|
24
|
+
## [0.9.12] - 2026-03-07
|
|
25
|
+
|
|
26
|
+
### Security
|
|
27
|
+
|
|
28
|
+
- **loadLoggerConfig**: Use js-yaml's `JSON_SCHEMA` when parsing YAML files to avoid prototype pollution and dangerous types. Use only with configuration files under deployment team control.
|
|
29
|
+
|
|
30
|
+
### Fixed
|
|
31
|
+
|
|
32
|
+
- **LifecycleManager**: `MaskingEngine.shutdown()` is now invoked during framework shutdown so the regex-test worker is cleaned up and process leaks are avoided. Defensive optional chaining used when the manager is not in READY state.
|
|
33
|
+
- **RedisConnectionManager**: Call `removeAllListeners()` on the Redis client before `quit()` in `disconnect()` for clean teardown and to avoid retaining listener references.
|
|
34
|
+
|
|
35
|
+
### Documentation
|
|
36
|
+
|
|
37
|
+
- **Audit reports**: Added `INFORME_TECH_LEAD_AUDITORIA_LIBRERIA.md` with full audit for enterprise adoption (security, memory, performance, dependencies). Complements existing `INFORME_AUDITORIA_SEGURIDAD_RENDIMIENTO.md`.
|
|
38
|
+
|
|
3
39
|
## 0.9.11
|
|
4
40
|
|
|
5
41
|
### Patch Changes
|
|
@@ -42,11 +78,6 @@
|
|
|
42
78
|
- Security: Removed example IPs and URLs (e.g. 192.168.1.1, example.com) from source code, tests, and documentation to resolve Socket.dev supply chain security warnings.
|
|
43
79
|
Docs: Updated test coverage badge to 92.48%.
|
|
44
80
|
|
|
45
|
-
All notable changes to this project will be documented in this file.
|
|
46
|
-
|
|
47
|
-
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
48
|
-
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
49
|
-
|
|
50
81
|
## [0.9.5] - 2026-03-07
|
|
51
82
|
|
|
52
83
|
### 🔧 Maintenance
|
package/CONTRIBUTING.md
CHANGED
|
@@ -86,6 +86,16 @@ We welcome code contributions! To contribute code, please follow these steps:
|
|
|
86
86
|
- Keep API documentation current
|
|
87
87
|
- Include usage examples
|
|
88
88
|
|
|
89
|
+
## Release process (maintainers)
|
|
90
|
+
|
|
91
|
+
Releases use [Changesets](https://github.com/changesets/changesets) and GitHub Actions:
|
|
92
|
+
|
|
93
|
+
1. **Add a changeset** when changing the library: `pnpm changeset` (choose version type and describe the change).
|
|
94
|
+
2. **Push to `main`** (or merge a PR that includes the changeset). The Release workflow runs and:
|
|
95
|
+
- Creates a **"Version Packages"** PR with the version bump (e.g. 0.9.12 → 0.9.13) and CHANGELOG updates.
|
|
96
|
+
- **Publishes to npm** from that same run (so npm may already have the new version).
|
|
97
|
+
3. **Merge the "Version Packages" PR** into `main`. This step is required so that `main` has the same `package.json` version and CHANGELOG as what was published to npm. If you skip it, `main` will stay on the old version while npm has the new one.
|
|
98
|
+
|
|
89
99
|
## Getting Help
|
|
90
100
|
|
|
91
101
|
If you need help with your contribution, please:
|
package/README.md
CHANGED
|
@@ -17,7 +17,7 @@
|
|
|
17
17
|
<a href="https://github.com/Syntropysoft/SyntropyLog/blob/main/LICENSE"><img src="https://img.shields.io/npm/l/syntropylog.svg" alt="License"></a>
|
|
18
18
|
<a href="https://github.com/Syntropysoft/SyntropyLog/actions/workflows/ci.yaml"><img src="https://github.com/Syntropysoft/SyntropyLog/actions/workflows/ci.yaml/badge.svg" alt="CI Status"></a>
|
|
19
19
|
<a href="#"><img src="https://img.shields.io/badge/coverage-92.47%25-brightgreen" alt="Test Coverage"></a>
|
|
20
|
-
<a href="#"><img src="https://img.shields.io/badge/status-v0.9.
|
|
20
|
+
<a href="#"><img src="https://img.shields.io/badge/status-v0.9.12-brightgreen.svg" alt="Version 0.9.12"></a>
|
|
21
21
|
<a href="https://socket.dev/npm/package/syntropylog"><img src="https://socket.dev/api/badge/npm/package/syntropylog" alt="Socket Badge"></a>
|
|
22
22
|
</p>
|
|
23
23
|
|
|
@@ -446,6 +446,8 @@ await syntropyLog.init({
|
|
|
446
446
|
|
|
447
447
|
> **Silent Observer guarantee**: if the masking engine fails for any reason, it returns the original object and the application keeps running — it never throws.
|
|
448
448
|
|
|
449
|
+
**Performance**: Built-in rules use synchronous regex matching (safe, known patterns). Custom rules you add still use the timeout-protected `regex-test` worker to guard against ReDoS. This avoids the ~3–6s delay per log that occurred when every key was tested via the worker queue.
|
|
450
|
+
|
|
449
451
|
---
|
|
450
452
|
|
|
451
453
|
## 💾 Universal Persistence — Log to Any Database
|
|
@@ -10,6 +10,11 @@ import path from 'path';
|
|
|
10
10
|
*
|
|
11
11
|
* It does NOT read environment variables directly; all state must be passed via `opts`.
|
|
12
12
|
* If no file is found, it returns an empty object, making the config file optional.
|
|
13
|
+
*
|
|
14
|
+
* **Security:** A restricted schema (JSON_SCHEMA) is used to avoid prototype pollution
|
|
15
|
+
* and dangerous types. Only use with configuration files under deployment team
|
|
16
|
+
* control (controlled paths and permissions).
|
|
17
|
+
*
|
|
13
18
|
* @param opts - Options to customize the loading behavior.
|
|
14
19
|
* @returns A partial `LoggerOptions` object, or an empty object if no file is found.
|
|
15
20
|
* @throws An error if a config file is found but fails to be read or parsed.
|
|
@@ -40,9 +45,11 @@ export function loadLoggerConfig(opts) {
|
|
|
40
45
|
return {};
|
|
41
46
|
}
|
|
42
47
|
try {
|
|
43
|
-
// Load and parse the YAML file.
|
|
48
|
+
// Load and parse the YAML file with restricted schema (avoids prototype pollution / unsafe types).
|
|
44
49
|
const fileContents = fs.readFileSync(configPath, 'utf8');
|
|
45
|
-
const yamlConfig = yaml.load(fileContents
|
|
50
|
+
const yamlConfig = yaml.load(fileContents, {
|
|
51
|
+
schema: yaml.JSON_SCHEMA,
|
|
52
|
+
});
|
|
46
53
|
// If the YAML has the config under a 'logger' key, extract it.
|
|
47
54
|
// Otherwise, assume the root object is the configuration.
|
|
48
55
|
return yamlConfig?.logger || yamlConfig || {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"loadLoggerConfig.js","sourceRoot":"","sources":["../../src/config/loadLoggerConfig.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,SAAS,CAAC;AAC3B,OAAO,IAAI,MAAM,MAAM,CAAC;AA8BxB
|
|
1
|
+
{"version":3,"file":"loadLoggerConfig.js","sourceRoot":"","sources":["../../src/config/loadLoggerConfig.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,SAAS,CAAC;AAC3B,OAAO,IAAI,MAAM,MAAM,CAAC;AA8BxB;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,gBAAgB,CAC9B,IAAgC;IAEhC,MAAM,EACJ,UAAU,EAAE,kBAAkB,EAC9B,WAAW,EACX,SAAS,GAAG,UAAU,EACtB,WAAW,GAAG,QAAQ,GACvB,GAAG,IAAI,IAAI,EAAE,CAAC;IAEf,yCAAyC;IACzC,IAAI,UAA8B,CAAC;IACnC,IAAI,kBAAkB,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QAC5D,UAAU,GAAG,kBAAkB,CAAC;IAClC,CAAC;IAED,oEAAoE;IACpE,IAAI,CAAC,UAAU,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAC/B,SAAS,EACT,GAAG,WAAW,IAAI,WAAW,OAAO,CACrC,CAAC;QACF,IAAI,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACnC,UAAU,GAAG,eAAe,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,0DAA0D;IAC1D,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,WAAW,OAAO,CAAC,CAAC;QAChE,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC/B,UAAU,GAAG,WAAW,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,+EAA+E;IAC/E,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,CAAC;QACH,mGAAmG;QACnG,MAAM,YAAY,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QACzD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;YACzC,MAAM,EAAE,IAAI,CAAC,WAAW;SACzB,CAAmC,CAAC;QAErC,+DAA+D;QAC/D,0DAA0D;QAC1D,OAAO,UAAU,EAAE,MAAM,IAAI,UAAU,IAAI,EAAE,CAAC;IAChD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,sDAAsD,UAAU,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAC9H,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -119,6 +119,8 @@ export class LifecycleManager extends EventEmitter {
|
|
|
119
119
|
this.logger?.info('🔄 State changed to SHUTTING_DOWN');
|
|
120
120
|
try {
|
|
121
121
|
this.logger?.info('Shutting down SyntropyLog framework...');
|
|
122
|
+
// Shutdown MaskingEngine first so regex-test worker is cleaned (avoids process leak)
|
|
123
|
+
this.maskingEngine?.shutdown?.();
|
|
122
124
|
const shutdownPromises = [
|
|
123
125
|
this.redisManager?.shutdown(),
|
|
124
126
|
this.loggerFactory?.shutdown?.(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LifecycleManager.js","sourceRoot":"","sources":["../../src/core/LifecycleManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAEtC,OAAO,EAAE,QAAQ,EAAE,MAAM,KAAK,CAAC;AAE/B,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAmB,MAAM,YAAY,CAAC;AAE7D,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAExD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAU5C,+CAA+C;AAC/C,MAAM,gBAAgB,GAAG,KAAK,EAC5B,YAA0B,EAC1B,MAAsB,EACP,EAAE;IACjB,IAAI,CAAC,YAAY,CAAC,SAAS,IAAI,YAAY,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;QAC9D,OAAO;IACT,CAAC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC;IAC7B,MAAM,EAAE,KAAK,CAAC,8BAA8B,GAAG,KAAK,CAAC,CAAC;IAEtD,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAE7B,yCAAyC;IACzC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;QACjD,MAAM,MAAM,GAAG,GAAG,EAAE;YAClB,OAAO,EAAE,CAAC;YACV,YAAY,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9C,CAAC,CAAC;QACF,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;IAE1E,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;IAE5C,IAAI,YAAY,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;QACnC,MAAM,EAAE,IAAI,CACV,WAAW,GAAG,iDAAiD,CAChE,CAAC;QACF,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,KAAK,CAAC,WAAW,GAAG,oBAAoB,CAAC,CAAC;IACpD,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,OAAO,gBAAiB,SAAQ,YAAY;IACxC,KAAK,GAAqB,iBAAiB,CAAC;IAC7C,MAAM,CAAgC;IACtC,cAAc,CAA8B;IAC5C,aAAa,CAA4B;IACzC,YAAY,CAA2B;IACvC,oBAAoB,CAAuB;IAC3C,aAAa,CAAgB;IAC5B,MAAM,GAAmB,IAAI,CAAC;IAC9B,cAAc,CAAc;IAC5B,gBAAgB,GAAG,IAAI,GAAG,EAAgB,CAAC;IAEnD,YAAY,cAA2B;QACrC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,mEAAmE;QACnE,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,oBAAoB,GAAG,IAAI,oBAAoB,CAAC,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC,EAAE,CAAC,CAAC;IAC7C,CAAC;IAEM,QAAQ;QACb,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,MAAyB;QACzC,IAAI,IAAI,CAAC,KAAK,KAAK,iBAAiB,EAAE,CAAC;YACrC,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,kDAAkD,IAAI,CAAC,KAAK,8BAA8B,CAC3F,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,cAAc,CAAC;QAE5B,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,uBAAuB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,eAAe,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC;YAE9B,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACpE,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACxB,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACrD,CAAC;YAED,IAAI,CAAC,oBAAoB,GAAG,IAAI,oBAAoB,CAAC;gBACnD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,mBAAmB;gBAClD,qBAAqB,EACnB,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,kBAAkB,KAAK,KAAK;aACpD,CAAC,CAAC;YAEH,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK;gBACjC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ;gBACvC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,cAAc;gBACnD,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,kBAAkB,KAAK,KAAK;aACtE,CAAC,CAAC;YAEH,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CACpC,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,cAAc,CACpB,CAAC;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAChE,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;YAErB,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACtB,IAAI,CAAC;oBACH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;oBAC/D,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,MAAM,CAAC,KAAK,EACjB,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,EAClC,IAAI,CAAC,cAAc,CACpB,CAAC;oBACF,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;gBAC3B,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CACV,2EAA2E,EAC3E,EAAE,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC,EAAE,CACnC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;YAC/D,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAE1B,IAAI,KAAK,YAAY,QAAQ,EAAE,CAAC;gBAC9B,OAAO,CAAC,KAAK,CACX,gDAAgD,EAChD,KAAK,CAAC,MAAM,CACb,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,+CAA+C,EAAE,KAAK,CAAC,CAAC;YACxE,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,QAAQ;QACnB,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,yDAAyD,IAAI,CAAC,KAAK,EAAE,CACtE,CAAC;QAEF,IAAI,IAAI,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;YAC3B,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,6CAA6C,IAAI,CAAC,KAAK,EAAE,CAC1D,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,eAAe,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC3B,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,mCAAmC,CAAC,CAAC;QAEvD,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,wCAAwC,CAAC,CAAC;YAE5D,MAAM,gBAAgB,GAAG;gBACvB,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE;gBAC7B,IAAI,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE;aACjC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAElB,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,gBAAgB,gBAAgB,CAAC,MAAM,uBAAuB,CAC/D,CAAC;YACF,MAAM,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAEnD,kEAAkE;YAClE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,6CAA6C,CAAC,CAAC;YACjE,MAAM,IAAI,CAAC,0BAA0B,EAAE,CAAC;YAExC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,mCAAmC,CAAC,CAAC;YACvD,IAAI,CAAC,KAAK,GAAG,UAAU,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACtB,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,6BAA6B,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC1B,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,0BAA0B,EAAE;gBAC7C,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;OAIG;IACI,oBAAoB,CAAC,YAA0B;QACpD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAExC,qCAAqC;QACrC,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,0BAA0B;QACtC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,4CAA4C,CAAC,CAAC;gBAChE,OAAO;YACT,CAAC;YAED,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,eAAe,IAAI,CAAC,gBAAgB,CAAC,IAAI,wBAAwB,CAClE,CAAC;YAEF,MAAM,mBAAmB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAC/D,CAAC,YAAY,EAAE,EAAE,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,CAC9D,CAAC;YAEF,MAAM,OAAO,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;YAC9C,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;YAC9B,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,qCAAqC,CAAC,CAAC;QAC3D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,uCAAuC,EAAE;gBACzD,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEM,WAAW;QAMhB,IAAI,IAAI,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,6CAA6C,IAAI,CAAC,KAAK,iFAAiF,CACzI,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"LifecycleManager.js","sourceRoot":"","sources":["../../src/core/LifecycleManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAEtC,OAAO,EAAE,QAAQ,EAAE,MAAM,KAAK,CAAC;AAE/B,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAmB,MAAM,YAAY,CAAC;AAE7D,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAExD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAU5C,+CAA+C;AAC/C,MAAM,gBAAgB,GAAG,KAAK,EAC5B,YAA0B,EAC1B,MAAsB,EACP,EAAE;IACjB,IAAI,CAAC,YAAY,CAAC,SAAS,IAAI,YAAY,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;QAC9D,OAAO;IACT,CAAC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC;IAC7B,MAAM,EAAE,KAAK,CAAC,8BAA8B,GAAG,KAAK,CAAC,CAAC;IAEtD,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAE7B,yCAAyC;IACzC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;QACjD,MAAM,MAAM,GAAG,GAAG,EAAE;YAClB,OAAO,EAAE,CAAC;YACV,YAAY,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9C,CAAC,CAAC;QACF,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;IAE1E,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;IAE5C,IAAI,YAAY,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;QACnC,MAAM,EAAE,IAAI,CACV,WAAW,GAAG,iDAAiD,CAChE,CAAC;QACF,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,KAAK,CAAC,WAAW,GAAG,oBAAoB,CAAC,CAAC;IACpD,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,OAAO,gBAAiB,SAAQ,YAAY;IACxC,KAAK,GAAqB,iBAAiB,CAAC;IAC7C,MAAM,CAAgC;IACtC,cAAc,CAA8B;IAC5C,aAAa,CAA4B;IACzC,YAAY,CAA2B;IACvC,oBAAoB,CAAuB;IAC3C,aAAa,CAAgB;IAC5B,MAAM,GAAmB,IAAI,CAAC;IAC9B,cAAc,CAAc;IAC5B,gBAAgB,GAAG,IAAI,GAAG,EAAgB,CAAC;IAEnD,YAAY,cAA2B;QACrC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,mEAAmE;QACnE,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,oBAAoB,GAAG,IAAI,oBAAoB,CAAC,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC,EAAE,CAAC,CAAC;IAC7C,CAAC;IAEM,QAAQ;QACb,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,MAAyB;QACzC,IAAI,IAAI,CAAC,KAAK,KAAK,iBAAiB,EAAE,CAAC;YACrC,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,kDAAkD,IAAI,CAAC,KAAK,8BAA8B,CAC3F,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,cAAc,CAAC;QAE5B,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,uBAAuB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,eAAe,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;YACrD,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC;YAE9B,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACpE,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACxB,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACrD,CAAC;YAED,IAAI,CAAC,oBAAoB,GAAG,IAAI,oBAAoB,CAAC;gBACnD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,mBAAmB;gBAClD,qBAAqB,EACnB,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,kBAAkB,KAAK,KAAK;aACpD,CAAC,CAAC;YAEH,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK;gBACjC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ;gBACvC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,cAAc;gBACnD,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,kBAAkB,KAAK,KAAK;aACtE,CAAC,CAAC;YAEH,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CACpC,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,cAAc,CACpB,CAAC;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAChE,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;YAErB,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACtB,IAAI,CAAC;oBACH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;oBAC/D,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC,IAAI,CAAC,MAAM,CAAC,KAAK,EACjB,MAAM,CAAC,UAAU,CAAC,eAAe,CAAC,EAClC,IAAI,CAAC,cAAc,CACpB,CAAC;oBACF,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;gBAC3B,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CACV,2EAA2E,EAC3E,EAAE,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC,EAAE,CACnC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;YAC/D,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAE1B,IAAI,KAAK,YAAY,QAAQ,EAAE,CAAC;gBAC9B,OAAO,CAAC,KAAK,CACX,gDAAgD,EAChD,KAAK,CAAC,MAAM,CACb,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,+CAA+C,EAAE,KAAK,CAAC,CAAC;YACxE,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,QAAQ;QACnB,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,yDAAyD,IAAI,CAAC,KAAK,EAAE,CACtE,CAAC;QAEF,IAAI,IAAI,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;YAC3B,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,6CAA6C,IAAI,CAAC,KAAK,EAAE,CAC1D,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,eAAe,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC3B,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,mCAAmC,CAAC,CAAC;QAEvD,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,wCAAwC,CAAC,CAAC;YAE5D,qFAAqF;YACrF,IAAI,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE,CAAC;YAEjC,MAAM,gBAAgB,GAAG;gBACvB,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE;gBAC7B,IAAI,CAAC,aAAa,EAAE,QAAQ,EAAE,EAAE;aACjC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAElB,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,gBAAgB,gBAAgB,CAAC,MAAM,uBAAuB,CAC/D,CAAC;YACF,MAAM,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAEnD,kEAAkE;YAClE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,6CAA6C,CAAC,CAAC;YACjE,MAAM,IAAI,CAAC,0BAA0B,EAAE,CAAC;YAExC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,mCAAmC,CAAC,CAAC;YACvD,IAAI,CAAC,KAAK,GAAG,UAAU,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACtB,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,6BAA6B,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC1B,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,0BAA0B,EAAE;gBAC7C,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;OAIG;IACI,oBAAoB,CAAC,YAA0B;QACpD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAExC,qCAAqC;QACrC,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,0BAA0B;QACtC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,4CAA4C,CAAC,CAAC;gBAChE,OAAO;YACT,CAAC;YAED,IAAI,CAAC,MAAM,EAAE,IAAI,CACf,eAAe,IAAI,CAAC,gBAAgB,CAAC,IAAI,wBAAwB,CAClE,CAAC;YAEF,MAAM,mBAAmB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAC/D,CAAC,YAAY,EAAE,EAAE,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,CAC9D,CAAC;YAEF,MAAM,OAAO,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;YAC9C,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;YAC9B,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,qCAAqC,CAAC,CAAC;QAC3D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,uCAAuC,EAAE;gBACzD,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEM,WAAW;QAMhB,IAAI,IAAI,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,6CAA6C,IAAI,CAAC,KAAK,iFAAiF,CACzI,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
package/dist/index.cjs
CHANGED
|
@@ -150,36 +150,42 @@ class MaskingEngine {
|
|
|
150
150
|
strategy: MaskingStrategy.CREDIT_CARD,
|
|
151
151
|
preserveLength: true,
|
|
152
152
|
maskChar: this.maskChar,
|
|
153
|
+
_isDefaultRule: true,
|
|
153
154
|
},
|
|
154
155
|
{
|
|
155
156
|
pattern: /ssn|social_security|security_number/i,
|
|
156
157
|
strategy: MaskingStrategy.SSN,
|
|
157
158
|
preserveLength: true,
|
|
158
159
|
maskChar: this.maskChar,
|
|
160
|
+
_isDefaultRule: true,
|
|
159
161
|
},
|
|
160
162
|
{
|
|
161
163
|
pattern: /email/i,
|
|
162
164
|
strategy: MaskingStrategy.EMAIL,
|
|
163
165
|
preserveLength: true,
|
|
164
166
|
maskChar: this.maskChar,
|
|
167
|
+
_isDefaultRule: true,
|
|
165
168
|
},
|
|
166
169
|
{
|
|
167
170
|
pattern: /phone|phone_number|mobile_number/i,
|
|
168
171
|
strategy: MaskingStrategy.PHONE,
|
|
169
172
|
preserveLength: true,
|
|
170
173
|
maskChar: this.maskChar,
|
|
174
|
+
_isDefaultRule: true,
|
|
171
175
|
},
|
|
172
176
|
{
|
|
173
177
|
pattern: /password|pass|pwd|secret/i,
|
|
174
178
|
strategy: MaskingStrategy.PASSWORD,
|
|
175
179
|
preserveLength: true,
|
|
176
180
|
maskChar: this.maskChar,
|
|
181
|
+
_isDefaultRule: true,
|
|
177
182
|
},
|
|
178
183
|
{
|
|
179
184
|
pattern: /token|api_key|auth_token|jwt|bearer/i,
|
|
180
185
|
strategy: MaskingStrategy.TOKEN,
|
|
181
186
|
preserveLength: true,
|
|
182
187
|
maskChar: this.maskChar,
|
|
188
|
+
_isDefaultRule: true,
|
|
183
189
|
},
|
|
184
190
|
];
|
|
185
191
|
for (const rule of defaultRules) {
|
|
@@ -206,8 +212,10 @@ class MaskingEngine {
|
|
|
206
212
|
/**
|
|
207
213
|
* Processes a metadata object and applies the configured masking rules.
|
|
208
214
|
* Uses JSON flattening strategy for extreme performance.
|
|
215
|
+
* On failure (timeout, rule error, etc.) returns a safe redacted object with an explicit message
|
|
216
|
+
* instead of the original data, to avoid leaking sensitive content.
|
|
209
217
|
* @param meta - The metadata object to process
|
|
210
|
-
* @returns A new object with the masked data
|
|
218
|
+
* @returns A new object with the masked data, or a safe fallback object if masking fails
|
|
211
219
|
*/
|
|
212
220
|
async process(meta) {
|
|
213
221
|
// Set initialized flag on first use
|
|
@@ -222,10 +230,28 @@ class MaskingEngine {
|
|
|
222
230
|
return masked;
|
|
223
231
|
}
|
|
224
232
|
catch {
|
|
225
|
-
//
|
|
226
|
-
return
|
|
233
|
+
// Do not return original data: emit a safe placeholder so sensitive payload is never logged
|
|
234
|
+
return {
|
|
235
|
+
...MaskingEngine.buildSafeFallbackFromMeta(meta),
|
|
236
|
+
_maskingFailed: true,
|
|
237
|
+
_maskingFailedMessage: MaskingEngine.MASKING_FAILED_MESSAGE,
|
|
238
|
+
};
|
|
227
239
|
}
|
|
228
240
|
}
|
|
241
|
+
/**
|
|
242
|
+
* Builds a minimal safe object from meta (level, timestamp, message, service) for fallback.
|
|
243
|
+
* Avoids leaking any arbitrary keys/values when masking fails.
|
|
244
|
+
*/
|
|
245
|
+
static buildSafeFallbackFromMeta(meta) {
|
|
246
|
+
const safe = {};
|
|
247
|
+
const allowedKeys = ['level', 'timestamp', 'message', 'service'];
|
|
248
|
+
for (const key of allowedKeys) {
|
|
249
|
+
if (key in meta && meta[key] !== undefined) {
|
|
250
|
+
safe[key] = meta[key];
|
|
251
|
+
}
|
|
252
|
+
}
|
|
253
|
+
return safe;
|
|
254
|
+
}
|
|
229
255
|
/**
|
|
230
256
|
* Applies masking rules to data recursively.
|
|
231
257
|
* @param data - Data to mask
|
|
@@ -254,13 +280,20 @@ class MaskingEngine {
|
|
|
254
280
|
for (const rule of this.rules) {
|
|
255
281
|
let isMatch = false;
|
|
256
282
|
if (rule._compiledPattern) {
|
|
257
|
-
|
|
258
|
-
//
|
|
259
|
-
|
|
283
|
+
if (rule._isDefaultRule) {
|
|
284
|
+
// Default rules use safe, known patterns (no ReDoS); sync test avoids
|
|
285
|
+
// regex-test worker IPC queue which caused ~3–6s delay per log.
|
|
286
|
+
isMatch = rule._compiledPattern.test(key);
|
|
260
287
|
}
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
288
|
+
else {
|
|
289
|
+
try {
|
|
290
|
+
// Custom rules: use regex-test for safe execution with timeout
|
|
291
|
+
isMatch = await this.regexTest.test(rule._compiledPattern, key);
|
|
292
|
+
}
|
|
293
|
+
catch {
|
|
294
|
+
// Silent failure on timeout/error - treat as no match
|
|
295
|
+
isMatch = false;
|
|
296
|
+
}
|
|
264
297
|
}
|
|
265
298
|
}
|
|
266
299
|
if (isMatch) {
|
|
@@ -477,6 +510,8 @@ class MaskingEngine {
|
|
|
477
510
|
}
|
|
478
511
|
}
|
|
479
512
|
}
|
|
513
|
+
/** Message used when masking fails (e.g. timeout) so we never emit raw payload. */
|
|
514
|
+
MaskingEngine.MASKING_FAILED_MESSAGE = '[SyntropyLog] Masking could not be applied (e.g. timeout or error); payload redacted for safety.';
|
|
480
515
|
|
|
481
516
|
/**
|
|
482
517
|
* FILE: src/config.schema.ts
|
|
@@ -2347,6 +2382,8 @@ class LifecycleManager extends events.EventEmitter {
|
|
|
2347
2382
|
this.logger?.info('🔄 State changed to SHUTTING_DOWN');
|
|
2348
2383
|
try {
|
|
2349
2384
|
this.logger?.info('Shutting down SyntropyLog framework...');
|
|
2385
|
+
// Shutdown MaskingEngine first so regex-test worker is cleaned (avoids process leak)
|
|
2386
|
+
this.maskingEngine?.shutdown?.();
|
|
2350
2387
|
const shutdownPromises = [
|
|
2351
2388
|
this.redisManager?.shutdown(),
|
|
2352
2389
|
this.loggerFactory?.shutdown?.(),
|
|
@@ -3283,6 +3320,9 @@ class RedisConnectionManager {
|
|
|
3283
3320
|
if (this.client.isOpen) {
|
|
3284
3321
|
this.logger.info('Attempting to quit client.');
|
|
3285
3322
|
try {
|
|
3323
|
+
if (typeof this.client.removeAllListeners === 'function') {
|
|
3324
|
+
this.client.removeAllListeners();
|
|
3325
|
+
}
|
|
3286
3326
|
await this.client.quit();
|
|
3287
3327
|
}
|
|
3288
3328
|
catch (error) {
|
|
@@ -3291,6 +3331,10 @@ class RedisConnectionManager {
|
|
|
3291
3331
|
}
|
|
3292
3332
|
}
|
|
3293
3333
|
else {
|
|
3334
|
+
// Client never connected or already closed: remove listeners to avoid leak
|
|
3335
|
+
if (typeof this.client.removeAllListeners === 'function') {
|
|
3336
|
+
this.client.removeAllListeners();
|
|
3337
|
+
}
|
|
3294
3338
|
this.logger.info('Client was not open. Quit operation effectively complete.');
|
|
3295
3339
|
}
|
|
3296
3340
|
}
|
|
@@ -4532,6 +4576,8 @@ class RedisManager {
|
|
|
4532
4576
|
this.logger.info('Closing all Redis connections...');
|
|
4533
4577
|
const shutdownPromises = Array.from(this.instances.values()).map((instance) => instance.quit());
|
|
4534
4578
|
await Promise.allSettled(shutdownPromises);
|
|
4579
|
+
this.instances.clear();
|
|
4580
|
+
this.defaultInstance = undefined;
|
|
4535
4581
|
this.logger.info('All Redis connections have been closed.');
|
|
4536
4582
|
}
|
|
4537
4583
|
}
|