@snapshot-labs/snapshot-sentry
Advanced tools
Comparing version 1.1.0 to 1.2.0
@@ -0,4 +1,8 @@ | ||
/// <reference types="node" /> | ||
import * as Sentry from '@sentry/node'; | ||
import type { Express } from 'express'; | ||
export declare function scrubData(exception: Sentry.Exception, regex: RegExp): void; | ||
export declare function sensitiveDataToScrub(collection: NodeJS.ProcessEnv): false | RegExp; | ||
export declare function initLogger(app?: Express): void; | ||
export declare function fallbackLogger(app?: Express): void; | ||
export declare function capture(e: any, captureContext?: any): void; |
@@ -26,8 +26,30 @@ "use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.capture = exports.fallbackLogger = exports.initLogger = void 0; | ||
exports.capture = exports.fallbackLogger = exports.initLogger = exports.sensitiveDataToScrub = exports.scrubData = void 0; | ||
const Sentry = __importStar(require("@sentry/node")); | ||
const DEFAULT_TRACE_SAMPLE_RATE = '0.01'; | ||
const SCRUB_MASK = '[Filtered]'; | ||
function shouldDisable() { | ||
return !process.env.SENTRY_DSN; | ||
} | ||
function scrubData(exception, regex) { | ||
if (exception.value) { | ||
exception.value = exception.value.replaceAll(/\?(apiKey)=[a-zA-Z0-9]+/gi, `?$1=${SCRUB_MASK}`); | ||
exception.value = exception.value.replaceAll(regex, SCRUB_MASK); | ||
} | ||
} | ||
exports.scrubData = scrubData; | ||
function sensitiveDataToScrub(collection) { | ||
const stringsToScrub = Object.keys(collection) | ||
.filter(k => k.match(/_(KEY|API|SECRET|TOKEN)$/i)) | ||
.map(key => collection[key]) | ||
.filter(key => key); | ||
if (stringsToScrub.length === 0) { | ||
return false; | ||
} | ||
return new RegExp(stringsToScrub | ||
.map(s => s.replace(/[()[\]{}*+?^$|#.,\/\\\s-]/g, '\\$&')) | ||
.sort((a, b) => b.length - a.length) | ||
.join('|'), 'gi'); | ||
} | ||
exports.sensitiveDataToScrub = sensitiveDataToScrub; | ||
function initLogger(app) { | ||
@@ -45,6 +67,14 @@ if (shouldDisable()) { | ||
} | ||
const regexToScrub = sensitiveDataToScrub(process.env); | ||
console.log(regexToScrub); | ||
Sentry.init({ | ||
dsn: process.env.SENTRY_DSN, | ||
integrations, | ||
tracesSampleRate: parseFloat(process.env.SENTRY_TRACE_SAMPLE_RATE ?? DEFAULT_TRACE_SAMPLE_RATE) | ||
tracesSampleRate: parseFloat(process.env.SENTRY_TRACE_SAMPLE_RATE ?? DEFAULT_TRACE_SAMPLE_RATE), | ||
beforeSend(event) { | ||
for (const exception of event.exception?.values ?? []) { | ||
regexToScrub && scrubData(exception, regexToScrub); | ||
} | ||
return event; | ||
} | ||
}); | ||
@@ -51,0 +81,0 @@ if (app) { |
{ | ||
"name": "@snapshot-labs/snapshot-sentry", | ||
"version": "1.1.0", | ||
"version": "1.2.0", | ||
"license": "MIT", | ||
@@ -8,7 +8,8 @@ "main": "dist/index.js", | ||
"scripts": { | ||
"build": "tsc", | ||
"lint": "eslint ./src --ext .ts", | ||
"typecheck": "tsc --noEmit", | ||
"build": "tsc", | ||
"prepare": "yarn build", | ||
"prepublishOnly": "yarn run lint" | ||
"prepublishOnly": "yarn run lint", | ||
"test": "jest test" | ||
}, | ||
@@ -23,3 +24,3 @@ "eslintConfig": { | ||
"engines": { | ||
"node": ">=14 < 17 || 18" | ||
"node": ">=16 < 17 || >= 18" | ||
}, | ||
@@ -30,6 +31,9 @@ "devDependencies": { | ||
"@types/express": "^4.17.17", | ||
"@types/jest": "^29.5.4", | ||
"@types/node": "^20.4.5", | ||
"eslint": "^8.36.0", | ||
"eslint-plugin-prettier": "5", | ||
"jest": "^29.6.4", | ||
"prettier": "^3.0.0", | ||
"ts-jest": "^29.1.1", | ||
"ts-node": "^10.9.1", | ||
@@ -36,0 +40,0 @@ "typescript": "^5.1.6" |
@@ -5,2 +5,3 @@ import * as Sentry from '@sentry/node'; | ||
const DEFAULT_TRACE_SAMPLE_RATE = '0.01'; | ||
const SCRUB_MASK = '[Filtered]'; | ||
@@ -11,2 +12,28 @@ function shouldDisable() { | ||
export function scrubData(exception: Sentry.Exception, regex: RegExp) { | ||
if (exception.value) { | ||
exception.value = exception.value.replaceAll(/\?(apiKey)=[a-zA-Z0-9]+/gi, `?$1=${SCRUB_MASK}`); | ||
exception.value = exception.value.replaceAll(regex, SCRUB_MASK); | ||
} | ||
} | ||
export function sensitiveDataToScrub(collection: NodeJS.ProcessEnv) { | ||
const stringsToScrub = Object.keys(collection) | ||
.filter(k => k.match(/_(KEY|API|SECRET|TOKEN)$/i)) | ||
.map(key => collection[key]) | ||
.filter(key => key) as string[]; | ||
if (stringsToScrub.length === 0) { | ||
return false; | ||
} | ||
return new RegExp( | ||
stringsToScrub | ||
.map(s => s.replace(/[()[\]{}*+?^$|#.,\/\\\s-]/g, '\\$&')) | ||
.sort((a, b) => b.length - a.length) | ||
.join('|'), | ||
'gi' | ||
); | ||
} | ||
export function initLogger(app?: Express) { | ||
@@ -27,6 +54,15 @@ if (shouldDisable()) { | ||
const regexToScrub = sensitiveDataToScrub(process.env); | ||
console.log(regexToScrub); | ||
Sentry.init({ | ||
dsn: process.env.SENTRY_DSN, | ||
integrations, | ||
tracesSampleRate: parseFloat(process.env.SENTRY_TRACE_SAMPLE_RATE ?? DEFAULT_TRACE_SAMPLE_RATE) | ||
tracesSampleRate: parseFloat(process.env.SENTRY_TRACE_SAMPLE_RATE ?? DEFAULT_TRACE_SAMPLE_RATE), | ||
beforeSend(event) { | ||
for (const exception of event.exception?.values ?? []) { | ||
regexToScrub && scrubData(exception, regexToScrub); | ||
} | ||
return event; | ||
} | ||
}); | ||
@@ -33,0 +69,0 @@ |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
11758
7
193
12
5