Merge pull request #154 from OpenPathfinder/rework-logger

Migrated to Pino with improved logger levels and initialization, added `pino@9.5.0` and `pino-pretty@13.0.0` as dependencies, enhanced CLI feedback messages, and improved handling of sensitive information in the logger to prevent leaks (closes #132).
OpenPathfinder · Dec 17, 2024 · 98878a4 · 98878a4
2 parents b62b7f1 + dd03cbc
commit 98878a4
Show file tree

Hide file tree

Showing 10 changed files with 275 additions and 39 deletions.
diff --git a/__tests__/utils.test.js b/__tests__/utils.test.js
@@ -1,4 +1,4 @@
-const { validateGithubUrl, ensureGithubToken, groupArrayItemsByCriteria, isCheckApplicableToProjectCategory, getSeverityFromPriorityGroup, isDateWithinPolicy } = require('../src/utils/index')
+const { validateGithubUrl, ensureGithubToken, groupArrayItemsByCriteria, isCheckApplicableToProjectCategory, getSeverityFromPriorityGroup, isDateWithinPolicy, redactSensitiveData } = require('../src/utils/index')
 
 describe('ensureGithubToken', () => {
   let originalGithubToken
@@ -156,3 +156,15 @@ describe('isDateWithinPolicy', () => {
     expect(() => isDateWithinPolicy(undefined, policy)).toThrow('Target date is required')
   })
 })
+
+describe('redactSensitiveData', () => {
+  it('should redact sensitive data from a string', () => {
+    const input = 'This has a token: ghp_234 and other information'
+    const expected = 'This has a token: [REDACTED] and other information'
+    expect(redactSensitiveData(input)).toBe(expected)
+  })
+  it('Should return the same string if no sensitive data is found', () => {
+    const input = 'This is a normal string'
+    expect(redactSensitiveData(input)).toBe(input)
+  })
+})
diff --git a/index.js b/index.js
@@ -20,7 +20,7 @@ project
     try {
       await runAddProjectCommand(knex, options)
     } catch (error) {
-      logger.error('Error adding project:', error.message)
+      logger.error(error)
       process.exit(1)
     } finally {
       await knex.destroy()
@@ -38,7 +38,7 @@ workflow
     try {
       await runWorkflowCommand(knex, options)
     } catch (error) {
-      logger.error('Error running workflow:', error.message)
+      logger.error(error)
       process.exit(1)
     } finally {
       await knex.destroy()
@@ -62,7 +62,7 @@ check
     try {
       await listCheckCommand(knex, options)
     } catch (error) {
-      logger.error('Error running check:', error.message)
+      logger.error(error)
       process.exit(1)
     } finally {
       await knex.destroy()
@@ -77,7 +77,7 @@ check
     try {
       await runCheckCommand(knex, options)
     } catch (error) {
-      logger.error('Error running check:', error.message)
+      logger.error(error)
       process.exit(1)
     } finally {
       await knex.destroy()

diff --git a/package-lock.json b/package-lock.json