Configure default sensitive fields #24
Conversation
src/index.ts
Outdated
|
|
||
| constructor(serviceName: string, applicationName: string, correlationId: string | null = null) { | ||
| constructor(serviceName: string, applicationName: string, options: LoggerOptions = {}) { |
There was a problem hiding this comment.
We need to decide what to do with it. I see 3 options:
We accept the breaking change. As this project is quite new and not widely used, we go and fix the issue everywhere we are using it (which is not a lot of places)
We do a MAJOR version bump
We do backward compatible change. (i.e. if options is a string, we consider it's correlationId).
I would personally probably go with 3 since it's not a big change and it avoids breaking anything. Maybe 1 if we are sure we are only using it internally.
It's still early for numbing to v2 already 😄
There was a problem hiding this comment.
Yes, I was thinking multiple times to move in the correlationId arg to new options. We define it with setCorrelationId() instead in our projects. I agree since it's still very early, we can simplify it from now.
There was a problem hiding this comment.
It supports both old/new constructor style now
src/index.ts
Outdated
| this.defaultSensitiveAttributes = [...Logger.DEFAULT_SENSITIVE_ATTRIBUTES]; | ||
|
|
||
| // Handle custom sensitive attributes | ||
| if (options.overrideSensitiveAttributes) { | ||
| this.defaultSensitiveAttributes = options.overrideSensitiveAttributes; | ||
| } else if (options.additionalSensitiveAttributes) { | ||
| this.defaultSensitiveAttributes = [...this.defaultSensitiveAttributes, ...options.additionalSensitiveAttributes]; | ||
| } |
There was a problem hiding this comment.
Nit-pick
| this.defaultSensitiveAttributes = [...Logger.DEFAULT_SENSITIVE_ATTRIBUTES]; | |
| // Handle custom sensitive attributes | |
| if (options.overrideSensitiveAttributes) { | |
| this.defaultSensitiveAttributes = options.overrideSensitiveAttributes; | |
| } else if (options.additionalSensitiveAttributes) { | |
| this.defaultSensitiveAttributes = [...this.defaultSensitiveAttributes, ...options.additionalSensitiveAttributes]; | |
| } | |
| // Handle custom sensitive attributes | |
| if (options.overrideSensitiveAttributes) { | |
| this.defaultSensitiveAttributes = options.overrideSensitiveAttributes; | |
| } else { | |
| this.defaultSensitiveAttributes = [ | |
| ...Logger.DEFAULT_SENSITIVE_ATTRIBUTES, | |
| ...(options.additionalSensitiveAttributes || []) | |
| ]; | |
| } |
src/index.ts
Outdated
| @@ -99,7 +114,7 @@ class Logger { | |||
| }; | |||
|
|
|||
| // Merge default sensitive attributes with custom ones | |||
| const attributesToMask = new Set([...defaultSensitiveAttributes, ...arrayToLowerCase(sensitiveAttributes)]); | |||
| const attributesToMask = new Set([...this.defaultSensitiveAttributes, ...arrayToLowerCase(sensitiveAttributes)]); | |||
There was a problem hiding this comment.
as we discussed offline, it would be great if Logger.log was also able to override.
e.g.
// Let's log all the things 🪄
logger.log('info', 'My data', { secret: 'superseretthing', password: 'm1Pa$$w0rd' }, { overrideSensitiveAttributes: [] });// Print user but hide sensible things
logger.log('info', 'My datauser', user, { additionalSensitiveAttributes: ['firstName', 'lastname', 'email'] });There was a problem hiding this comment.
it supports both style old and new plan now
src/index.ts
Outdated
| this.defaultSensitiveAttributes = [...Logger.DEFAULT_SENSITIVE_ATTRIBUTES]; | ||
| // Clear any custom sensitive attributes that were added through log methods | ||
| this.log("info", "Sensitive attributes have been reset to defaults", {}, {}, []); | ||
| } |
There was a problem hiding this comment.
Is this this.log necessary? I would not log things inside the logger, lol.
Also, let's discuss what "reset" this should really do.
Should it reset to the "default" list (Logger.DEFAULT_SENSITIVE_ATTRIBUTES)
Or should it set it back to what we passed in the constructor??
I think reset only makes sense if you can "set"/change it outside of the constructor.
Because once you reset it you can't change it back to something else.
There was a problem hiding this comment.
this.log is to reset "sensitiveAttributes". This reset method to clear out both default and sensitiveAttributes.
Yes, we can add "set" along with reset if we agree with this feature. It's just my bet to see if it's useful or not?
There was a problem hiding this comment.
What I was asking in my first question i why do we need this line
this.log("info", "Sensitive attributes have been reset to defaults", {}, {}, []);Regarding the second point. Wither we have a setSesitiveAttributes, or we remove this resetSensitiveAttributes. I think the second does not make sense without the first.
For now, I would simply remove it. I don't see it useful at all
src/index.ts
Outdated
| this.defaultSensitiveAttributes = [...Logger.DEFAULT_SENSITIVE_ATTRIBUTES]; | ||
| // Clear any custom sensitive attributes that were added through log methods | ||
| this.log("info", "Sensitive attributes have been reset to defaults", {}, {}, []); | ||
| } |
There was a problem hiding this comment.
What I was asking in my first question i why do we need this line
this.log("info", "Sensitive attributes have been reset to defaults", {}, {}, []);Regarding the second point. Wither we have a setSesitiveAttributes, or we remove this resetSensitiveAttributes. I think the second does not make sense without the first.
For now, I would simply remove it. I don't see it useful at all
src/index.ts
Outdated
| @@ -277,7 +312,7 @@ class Logger { | |||
| message: string = "", | |||
| payload: JSONValue | Error = {}, | |||
| context: JSONObject = {}, | |||
| sensitiveAttributes: StringArray = [] | |||
| sensitiveAttributes: StringArray | LoggerOptions = [] | |||
There was a problem hiding this comment.
I would not re-use the constructor's LoggerOptions here.
The constructor might have some options that we don't want here.
Please use a separate type here
There was a problem hiding this comment.
Separate it with inheritance interface
src/index.ts
Outdated
| inputOptions = { additionalSensitiveAttributes: options }; | ||
| } else { | ||
| inputOptions = options; | ||
| } |
There was a problem hiding this comment.
Please move this up all the way to the top of the method
README.md
Outdated
| ``` | ||
|
|
||
| - **serviceName** [string, mandatory]: Added to each log output | ||
| - **applicationName** [string, mandatory]: Defines the Namespace for metrics | ||
| - **correlationId** [string, optional]: A new UUIDv4 is generated when not defined. Added to each log output. | ||
| - **options** [object | string | null, optional]: Configuration options |
There was a problem hiding this comment.
Don't mention string here, or mention that it is deprecated.
We keep it only for backward compatibility purpose.
| - **options** [object | string | null, optional]: Configuration options | ||
| - **correlationId** [string, optional]: A new UUIDv4 is generated when not defined. Added to each log output. | ||
| - **additionalSensitiveAttributes** [string[], optional]: Add new sensitive attributes to the pre-defined defaults | ||
| - **overrideSensitiveAttributes** [string[], optional]: Completely override the default sensitive attributes |
There was a problem hiding this comment.
These 3 are in option. We should make that clear.
Through the discussion issue below:
#21
We are able to redefining the default sensitive fields when Logger initialization