posthoganalytics 6.7.14__py3-none-any.whl → 6.9.0__py3-none-any.whl

posthoganalytics/contexts.py

@@ -22,6 +22,9 @@ class ContextScope:
         self.session_id: Optional[str] = None
         self.distinct_id: Optional[str] = None
         self.tags: Dict[str, Any] = {}
+        self.capture_exception_code_variables: Optional[bool] = None
+        self.code_variables_mask_patterns: Optional[list] = None
+        self.code_variables_ignore_patterns: Optional[list] = None
 
     def set_session_id(self, session_id: str):
         self.session_id = session_id
@@ -32,6 +35,15 @@ class ContextScope:
     def add_tag(self, key: str, value: Any):
         self.tags[key] = value
 
+    def set_capture_exception_code_variables(self, enabled: bool):
+        self.capture_exception_code_variables = enabled
+
+    def set_code_variables_mask_patterns(self, mask_patterns: list):
+        self.code_variables_mask_patterns = mask_patterns
+
+    def set_code_variables_ignore_patterns(self, ignore_patterns: list):
+        self.code_variables_ignore_patterns = ignore_patterns
+
     def get_parent(self):
         return self.parent
 
@@ -59,6 +71,27 @@ class ContextScope:
             tags.update(new_tags)
         return tags
 
+    def get_capture_exception_code_variables(self) -> Optional[bool]:
+        if self.capture_exception_code_variables is not None:
+            return self.capture_exception_code_variables
+        if self.parent is not None and not self.fresh:
+            return self.parent.get_capture_exception_code_variables()
+        return None
+
+    def get_code_variables_mask_patterns(self) -> Optional[list]:
+        if self.code_variables_mask_patterns is not None:
+            return self.code_variables_mask_patterns
+        if self.parent is not None and not self.fresh:
+            return self.parent.get_code_variables_mask_patterns()
+        return None
+
+    def get_code_variables_ignore_patterns(self) -> Optional[list]:
+        if self.code_variables_ignore_patterns is not None:
+            return self.code_variables_ignore_patterns
+        if self.parent is not None and not self.fresh:
+            return self.parent.get_code_variables_ignore_patterns()
+        return None
+
 
 _context_stack: contextvars.ContextVar[Optional[ContextScope]] = contextvars.ContextVar(
     "posthog_context_stack", default=None
@@ -243,6 +276,54 @@ def get_context_distinct_id() -> Optional[str]:
     return None
 
 
+def set_capture_exception_code_variables_context(enabled: bool) -> None:
+    """
+    Set whether code variables are captured for the current context.
+    """
+    current_context = _get_current_context()
+    if current_context:
+        current_context.set_capture_exception_code_variables(enabled)
+
+
+def set_code_variables_mask_patterns_context(mask_patterns: list) -> None:
+    """
+    Variable names matching these patterns will be masked with *** when capturing code variables.
+    """
+    current_context = _get_current_context()
+    if current_context:
+        current_context.set_code_variables_mask_patterns(mask_patterns)
+
+
+def set_code_variables_ignore_patterns_context(ignore_patterns: list) -> None:
+    """
+    Variable names matching these patterns will be ignored completely when capturing code variables.
+    """
+    current_context = _get_current_context()
+    if current_context:
+        current_context.set_code_variables_ignore_patterns(ignore_patterns)
+
+
+def get_capture_exception_code_variables_context() -> Optional[bool]:
+    current_context = _get_current_context()
+    if current_context:
+        return current_context.get_capture_exception_code_variables()
+    return None
+
+
+def get_code_variables_mask_patterns_context() -> Optional[list]:
+    current_context = _get_current_context()
+    if current_context:
+        return current_context.get_code_variables_mask_patterns()
+    return None
+
+
+def get_code_variables_ignore_patterns_context() -> Optional[list]:
+    current_context = _get_current_context()
+    if current_context:
+        return current_context.get_code_variables_ignore_patterns()
+    return None
+
+
 F = TypeVar("F", bound=Callable[..., Any])
 
 

posthoganalytics/exception_utils.py

@@ -5,6 +5,7 @@
 # 💖open source (under MIT License)
 # We want to keep payloads as similar to Sentry as possible for easy interoperability
 
+import json
 import linecache
 import os
 import re
@@ -26,6 +27,7 @@ from typing import (  # noqa: F401
     Union,
     cast,
     TYPE_CHECKING,
+    Pattern,
 )
 
 from posthoganalytics.args import ExcInfo, ExceptionArg  # noqa: F401
@@ -40,6 +42,42 @@ except ImportError:
 
 DEFAULT_MAX_VALUE_LENGTH = 1024
 
+DEFAULT_CODE_VARIABLES_MASK_PATTERNS = [
+    r"(?i).*password.*",
+    r"(?i).*secret.*",
+    r"(?i).*passwd.*",
+    r"(?i).*pwd.*",
+    r"(?i).*api_key.*",
+    r"(?i).*apikey.*",
+    r"(?i).*auth.*",
+    r"(?i).*credentials.*",
+    r"(?i).*privatekey.*",
+    r"(?i).*private_key.*",
+    r"(?i).*token.*",
+]
+
+DEFAULT_CODE_VARIABLES_IGNORE_PATTERNS = [r"^__.*"]
+
+CODE_VARIABLES_REDACTED_VALUE = "$$_posthog_redacted_based_on_masking_rules_$$"
+
+DEFAULT_TOTAL_VARIABLES_SIZE_LIMIT = 20 * 1024
+
+
+class VariableSizeLimiter:
+    def __init__(self, max_size=DEFAULT_TOTAL_VARIABLES_SIZE_LIMIT):
+        self.max_size = max_size
+        self.current_size = 0
+
+    def can_add(self, size):
+        return self.current_size + size <= self.max_size
+
+    def add(self, size):
+        self.current_size += size
+
+    def get_remaining_space(self):
+        return self.max_size - self.current_size
+
+
 LogLevelStr = Literal["fatal", "critical", "error", "warning", "info", "debug"]
 
 Event = TypedDict(
@@ -884,3 +922,157 @@ def strip_string(value, max_length=None):
             "rem": [["!limit", "x", max_length - 3, max_length]],
         },
     )
+
+
+def _compile_patterns(patterns):
+    compiled = []
+    for pattern in patterns:
+        try:
+            compiled.append(re.compile(pattern))
+        except:
+            pass
+    return compiled
+
+
+def _pattern_matches(name, patterns):
+    for pattern in patterns:
+        if pattern.search(name):
+            return True
+    return False
+
+
+def _serialize_variable_value(value, limiter, max_length=1024):
+    try:
+        if value is None:
+            result = "None"
+        elif isinstance(value, bool):
+            result = str(value)
+        elif isinstance(value, (int, float)):
+            result_size = len(str(value))
+            if not limiter.can_add(result_size):
+                return None
+            limiter.add(result_size)
+            return value
+        elif isinstance(value, str):
+            result = value
+        else:
+            result = json.dumps(value)
+
+        if len(result) > max_length:
+            result = result[: max_length - 3] + "..."
+
+        result_size = len(result)
+        if not limiter.can_add(result_size):
+            return None
+        limiter.add(result_size)
+
+        return result
+    except Exception:
+        try:
+            fallback = f"<{type(value).__name__}>"
+            fallback_size = len(fallback)
+            if not limiter.can_add(fallback_size):
+                return None
+            limiter.add(fallback_size)
+            return fallback
+        except Exception:
+            fallback = "<unserializable object>"
+            fallback_size = len(fallback)
+            if not limiter.can_add(fallback_size):
+                return None
+            limiter.add(fallback_size)
+            return fallback
+
+
+def _is_simple_type(value):
+    return isinstance(value, (type(None), bool, int, float, str))
+
+
+def serialize_code_variables(
+    frame, limiter, mask_patterns=None, ignore_patterns=None, max_length=1024
+):
+    if mask_patterns is None:
+        mask_patterns = []
+    if ignore_patterns is None:
+        ignore_patterns = []
+
+    compiled_mask = _compile_patterns(mask_patterns)
+    compiled_ignore = _compile_patterns(ignore_patterns)
+
+    try:
+        local_vars = frame.f_locals.copy()
+    except Exception:
+        return {}
+
+    simple_vars = {}
+    complex_vars = {}
+
+    for name, value in local_vars.items():
+        if _pattern_matches(name, compiled_ignore):
+            continue
+
+        if _is_simple_type(value):
+            simple_vars[name] = value
+        else:
+            complex_vars[name] = value
+
+    result = {}
+
+    all_vars = {**simple_vars, **complex_vars}
+    ordered_names = list(sorted(simple_vars.keys())) + list(sorted(complex_vars.keys()))
+
+    for name in ordered_names:
+        value = all_vars[name]
+
+        if _pattern_matches(name, compiled_mask):
+            redacted_value = CODE_VARIABLES_REDACTED_VALUE
+            redacted_size = len(redacted_value)
+            if not limiter.can_add(redacted_size):
+                break
+            limiter.add(redacted_size)
+            result[name] = redacted_value
+        else:
+            serialized = _serialize_variable_value(value, limiter, max_length)
+            if serialized is None:
+                break
+            result[name] = serialized
+
+    return result
+
+
+def try_attach_code_variables_to_frames(
+    all_exceptions, exc_info, mask_patterns, ignore_patterns
+):
+    exc_type, exc_value, traceback = exc_info
+
+    if traceback is None:
+        return
+
+    tb_frames = list(iter_stacks(traceback))
+
+    if not tb_frames:
+        return
+
+    limiter = VariableSizeLimiter()
+
+    for exception in all_exceptions:
+        stacktrace = exception.get("stacktrace")
+        if not stacktrace or "frames" not in stacktrace:
+            continue
+
+        serialized_frames = stacktrace["frames"]
+
+        for serialized_frame, tb_item in zip(serialized_frames, tb_frames):
+            if not serialized_frame.get("in_app"):
+                continue
+
+            variables = serialize_code_variables(
+                tb_item.tb_frame,
+                limiter,
+                mask_patterns=mask_patterns,
+                ignore_patterns=ignore_patterns,
+                max_length=1024,
+            )
+
+            if variables:
+                serialized_frame["code_variables"] = variables

posthoganalytics/test/test_exception_capture.py

@@ -32,3 +32,303 @@ def test_excepthook(tmpdir):
         b'"$exception_list": [{"mechanism": {"type": "generic", "handled": true}, "module": null, "type": "ZeroDivisionError", "value": "division by zero", "stacktrace": {"frames": [{"platform": "python", "filename": "app.py", "abs_path"'
         in output
     )
+
+
+def test_code_variables_capture(tmpdir):
+    app = tmpdir.join("app.py")
+    app.write(
+        dedent(
+            """
+    import os
+    from posthoganalytics import Posthog
+    
+    class UnserializableObject:
+        pass
+    
+    posthog = Posthog(
+        'phc_x', 
+        host='https://eu.i.posthog.com', 
+        debug=True, 
+        enable_exception_autocapture=True,
+        capture_exception_code_variables=True,
+        project_root=os.path.dirname(os.path.abspath(__file__))
+    )
+    
+    def trigger_error():
+        my_string = "hello world"
+        my_number = 42
+        my_bool = True
+        my_dict = {"name": "test", "value": 123}
+        my_obj = UnserializableObject()
+        my_password = "secret123"  # Should be masked by default
+        __should_be_ignored = "hidden"  # Should be ignored by default
+        
+        1/0  # Trigger exception
+    
+    def intermediate_function():
+        request_id = "abc-123"
+        user_count = 100
+        is_active = True
+        
+        trigger_error()
+    
+    def process_data():
+        batch_size = 50
+        retry_count = 3
+        
+        intermediate_function()
+    
+    process_data()
+    """
+        )
+    )
+
+    with pytest.raises(subprocess.CalledProcessError) as excinfo:
+        subprocess.check_output([sys.executable, str(app)], stderr=subprocess.STDOUT)
+
+    output = excinfo.value.output
+
+    assert b"ZeroDivisionError" in output
+    assert b"code_variables" in output
+
+    # Variables from trigger_error frame
+    assert b"'my_string': 'hello world'" in output
+    assert b"'my_number': 42" in output
+    assert b"'my_bool': 'True'" in output
+    assert b'"my_dict": "{\\"name\\": \\"test\\", \\"value\\": 123}"' in output
+    assert b'"my_obj": "<UnserializableObject>"' in output
+    assert b"'my_password': '$$_posthog_redacted_based_on_masking_rules_$$'" in output
+    assert b"'__should_be_ignored':" not in output
+
+    # Variables from intermediate_function frame
+    assert b"'request_id': 'abc-123'" in output
+    assert b"'user_count': 100" in output
+    assert b"'is_active': 'True'" in output
+
+    # Variables from process_data frame
+    assert b"'batch_size': 50" in output
+    assert b"'retry_count': 3" in output
+
+
+def test_code_variables_context_override(tmpdir):
+    app = tmpdir.join("app.py")
+    app.write(
+        dedent(
+            """
+    import os
+    import posthog
+    from posthoganalytics import Posthog
+    
+    posthog_client = Posthog(
+        'phc_x', 
+        host='https://eu.i.posthog.com', 
+        debug=True, 
+        enable_exception_autocapture=True,
+        capture_exception_code_variables=False,
+        project_root=os.path.dirname(os.path.abspath(__file__))
+    )
+    
+    def process_data():
+        bank = "should_be_masked"
+        __dunder_var = "should_be_visible"
+        
+        1/0
+    
+    with posthog.new_context(client=posthog_client):
+        posthog.set_capture_exception_code_variables_context(True)
+        posthog.set_code_variables_mask_patterns_context([r"(?i).*bank.*"])
+        posthog.set_code_variables_ignore_patterns_context([])
+        
+        process_data()
+    """
+        )
+    )
+
+    with pytest.raises(subprocess.CalledProcessError) as excinfo:
+        subprocess.check_output([sys.executable, str(app)], stderr=subprocess.STDOUT)
+
+    output = excinfo.value.output
+
+    assert b"ZeroDivisionError" in output
+    assert b"code_variables" in output
+    assert b"'bank': '$$_posthog_redacted_based_on_masking_rules_$$'" in output
+    assert b"'__dunder_var': 'should_be_visible'" in output
+
+
+def test_code_variables_size_limiter(tmpdir):
+    app = tmpdir.join("app.py")
+    app.write(
+        dedent(
+            """
+    import os
+    from posthoganalytics import Posthog
+    
+    posthog = Posthog(
+        'phc_x', 
+        host='https://eu.i.posthog.com', 
+        debug=True, 
+        enable_exception_autocapture=True,
+        capture_exception_code_variables=True,
+        project_root=os.path.dirname(os.path.abspath(__file__))
+    )
+    
+    def trigger_error():
+        var_a = "a" * 2000
+        var_b = "b" * 2000
+        var_c = "c" * 2000
+        var_d = "d" * 2000
+        var_e = "e" * 2000
+        var_f = "f" * 2000
+        var_g = "g" * 2000
+        
+        1/0
+    
+    def intermediate_function():
+        var_h = "h" * 2000
+        var_i = "i" * 2000
+        var_j = "j" * 2000
+        var_k = "k" * 2000
+        var_l = "l" * 2000
+        var_m = "m" * 2000
+        var_n = "n" * 2000
+        
+        trigger_error()
+    
+    def process_data():
+        var_o = "o" * 2000
+        var_p = "p" * 2000
+        var_q = "q" * 2000
+        var_r = "r" * 2000
+        var_s = "s" * 2000
+        var_t = "t" * 2000
+        var_u = "u" * 2000
+        
+        intermediate_function()
+    
+    process_data()
+    """
+        )
+    )
+
+    with pytest.raises(subprocess.CalledProcessError) as excinfo:
+        subprocess.check_output([sys.executable, str(app)], stderr=subprocess.STDOUT)
+
+    output = excinfo.value.output.decode("utf-8")
+
+    assert "ZeroDivisionError" in output
+    assert "code_variables" in output
+
+    captured_vars = []
+    for var_name in [
+        "var_a",
+        "var_b",
+        "var_c",
+        "var_d",
+        "var_e",
+        "var_f",
+        "var_g",
+        "var_h",
+        "var_i",
+        "var_j",
+        "var_k",
+        "var_l",
+        "var_m",
+        "var_n",
+        "var_o",
+        "var_p",
+        "var_q",
+        "var_r",
+        "var_s",
+        "var_t",
+        "var_u",
+    ]:
+        if f"'{var_name}'" in output:
+            captured_vars.append(var_name)
+
+    assert len(captured_vars) > 0
+    assert len(captured_vars) < 21
+
+
+def test_code_variables_disabled_capture(tmpdir):
+    app = tmpdir.join("app.py")
+    app.write(
+        dedent(
+            """
+    import os
+    from posthoganalytics import Posthog
+    
+    posthog = Posthog(
+        'phc_x', 
+        host='https://eu.i.posthog.com', 
+        debug=True, 
+        enable_exception_autocapture=True,
+        capture_exception_code_variables=False,
+        project_root=os.path.dirname(os.path.abspath(__file__))
+    )
+    
+    def trigger_error():
+        my_string = "hello world"
+        my_number = 42
+        my_bool = True
+        
+        1/0
+    
+    trigger_error()
+    """
+        )
+    )
+
+    with pytest.raises(subprocess.CalledProcessError) as excinfo:
+        subprocess.check_output([sys.executable, str(app)], stderr=subprocess.STDOUT)
+
+    output = excinfo.value.output.decode("utf-8")
+
+    assert "ZeroDivisionError" in output
+    assert "'code_variables':" not in output
+    assert '"code_variables":' not in output
+    assert "'my_string'" not in output
+    assert "'my_number'" not in output
+
+
+def test_code_variables_enabled_then_disabled_in_context(tmpdir):
+    app = tmpdir.join("app.py")
+    app.write(
+        dedent(
+            """
+    import os
+    import posthog
+    from posthoganalytics import Posthog
+    
+    posthog_client = Posthog(
+        'phc_x', 
+        host='https://eu.i.posthog.com', 
+        debug=True, 
+        enable_exception_autocapture=True,
+        capture_exception_code_variables=True,
+        project_root=os.path.dirname(os.path.abspath(__file__))
+    )
+    
+    def process_data():
+        my_var = "should not be captured"
+        important_value = 123
+        
+        1/0
+    
+    with posthog.new_context(client=posthog_client):
+        posthog.set_capture_exception_code_variables_context(False)
+        
+        process_data()
+    """
+        )
+    )
+
+    with pytest.raises(subprocess.CalledProcessError) as excinfo:
+        subprocess.check_output([sys.executable, str(app)], stderr=subprocess.STDOUT)
+
+    output = excinfo.value.output.decode("utf-8")
+
+    assert "ZeroDivisionError" in output
+    assert "'code_variables':" not in output
+    assert '"code_variables":' not in output
+    assert "'my_var'" not in output
+    assert "'important_value'" not in output

posthoganalytics/version.py

@@ -1,4 +1,4 @@
-VERSION = "6.7.14"
+VERSION = "6.9.0"
 
 if __name__ == "__main__":
     print(VERSION, end="")  # noqa: T201

{posthoganalytics-6.7.14.dist-info → posthoganalytics-6.9.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: posthoganalytics
-Version: 6.7.14
+Version: 6.9.0
 Summary: Integrate PostHog into any python application.
 Home-page: https://github.com/posthog/posthog-python
 Author: Posthog