Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(tracer): update warning to better format segment name #1750

Merged
merged 2 commits into from
Oct 18, 2023

Conversation

dreamorosi
Copy link
Contributor

@dreamorosi dreamorosi commented Oct 18, 2023

Description of your changes

As discussed in the linked issue, the Tracer utility logs a warning when it can't manipulate a segment. This is done to avoid throwing an error and blocking customer code and he log includes the name of the segment that threw an error.

Prior to this PR the name of the segment is included by concatenating a string with a non-literal variable, which according to Semgrep guidance can allow an attacker to inject a format specifier in the string and forge the log message.

This PR removes the string concatenation in favor of using the format function on the console object (i.e. console.warn('hello %s', 'Bob');) so that the string interpolation is handled by the language.

Related issues, RFCs

Issue number: #1749

Checklist

  • My changes meet the tenets criteria
  • I have performed a self-review of my own code
  • I have commented my code where necessary, particularly in areas that should be flagged with a TODO, or hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my change is effective and works
  • The PR title follows the conventional commit semantics

Breaking change checklist

Is it a breaking change?: NO

  • I have documented the migration process
  • I have added, implemented necessary warnings (if it can live side by side)

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@dreamorosi dreamorosi requested a review from a team as a code owner October 18, 2023 12:33
@dreamorosi dreamorosi self-assigned this Oct 18, 2023
@boring-cyborg boring-cyborg bot added tracer This item relates to the Tracer Utility tests PRs that add or change tests labels Oct 18, 2023
@pull-request-size pull-request-size bot added the size/S PR between 10-29 LOC label Oct 18, 2023
@dreamorosi dreamorosi linked an issue Oct 18, 2023 that may be closed by this pull request
2 tasks
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@dreamorosi dreamorosi merged commit c63f656 into main Oct 18, 2023
10 checks passed
@dreamorosi dreamorosi deleted the chore/tracer/template_string_warning branch October 18, 2023 12:43
dreamorosi added a commit that referenced this pull request Oct 18, 2023
* chore(tracer): update warning in Tracer to better format segment name

* chore: linting
dreamorosi added a commit that referenced this pull request Apr 15, 2024
* init parser package

* add init config

* feat(logger): Support for external observability providers (#1511)

* Updated formatAttributes for additional parameters and LogItem return type

* Updated the unit tests to pass with new formatter

* Updated Powertool named objects to Powertools

* Updated tests to match new naming consistency

* Updated for tests for new naming consistency

* Updated formatter for new design decisions

* Update Logger for ephemeral attributes

* Update bringYourOwnFormatter documentation to match new formatter

---------

Co-authored-by: erikayao93 <[email protected]>

* chore(logger): PowertoolsLogFormatter docstring and variable naming update (#1585)

* Updated formatAttributes for additional parameters and LogItem return type

* Updated the unit tests to pass with new formatter

* Updated Powertool named objects to Powertools

* Updated tests to match new naming consistency

* Updated for tests for new naming consistency

* Updated formatter for new design decisions

* Update Logger for ephemeral attributes

* Update bringYourOwnFormatter documentation to match new formatter

* Fixed incorrect return type, renamed variable for consistency

* feat(logger): Support for external observability providers (#1511)

* Updated formatAttributes for additional parameters and LogItem return type

* Updated the unit tests to pass with new formatter

* Updated Powertool named objects to Powertools

* Updated tests to match new naming consistency

* Updated for tests for new naming consistency

* Updated formatter for new design decisions

* Update Logger for ephemeral attributes

* Update bringYourOwnFormatter documentation to match new formatter

---------

Co-authored-by: erikayao93 <[email protected]>

* chore(logger): PowertoolsLogFormatter docstring and variable naming update (#1585)

* Updated formatAttributes for additional parameters and LogItem return type

* Updated the unit tests to pass with new formatter

* Updated Powertool named objects to Powertools

* Updated tests to match new naming consistency

* Updated for tests for new naming consistency

* Updated formatter for new design decisions

* Update Logger for ephemeral attributes

* Update bringYourOwnFormatter documentation to match new formatter

* Fixed incorrect return type, renamed variable for consistency

* chore(maintenance): bump dependencies & drop nodejs14x (#1687)

* chore: update release script to mark all utilities as alpha

* chore: restore version to ease conflicts

* chore: release version change

* chore: release version change

* chore(maintenance): remove `createLogger` and `createTracer` helpers (#1722)

* chore(maintenance): bump dependencies & drop nodejs14x (#1687)

* chore: add pre-release script

* chore: restore deps

* chore: added v2 shim

* chore(maintenance): remove logger and tracer helper function

* chore: remove imports

* chore: fix deps & versions

* tests: moved unit tests

* tests: move logger tests

* chore: added v2 shim

* chore: added v2 shim

* feat(logger): add esmodule support (#1734)

* feat(logger): add esm build output

* fix(Logger): Remove barrel files update references

* test(Logger): update jest/ts-jest to use ESM

* chore(Logger): remove unused lodash.merge

* fix(logger): reinstate lodash.merge

* chore(logger): revert TS assertion

* chore(logger): revert format changes

* chore(logger): update postbuild to remove incremental tsbuildinfo files

* fix(logger): correct reference to types output

* feat(logging): add middleware export

* chore(logger): replace postbuild script with echo statement

* feat(logger): add typesVersions property and barrel files to /types

* chore(logger): file not used, can be added back if needed

* chore(logger): add space back to README

* chore(logger): revert space in README

* feat(commons): add esmodule support (#1735)

* chore(logger): adapt logger to commons exports

* feat(commons): add esmodule support

* chore: address sonar findings

* chore(commons): exported version

* chore: fixed imports in examples

* chore(parameters): fixed imports

* chore(metrics): fixed imports

* chore(tracer): fixed imports

* chore(idempotency): fixed imports

* chore(commons): test coverage

* chore(batch): fix imports

* feat(parameters): add esmodule support (#1736)

* feat(batch): add esmodule support (#1737)

* feat(internal): add esmodule support (#1738)

* feat(testing): add esmodule support

* chore(all): update imports

* feat(metrics): add esmodule support (#1739)

* feat(tracer): add esmodule support (#1741)

* feat(tracer): add esmodule support

* chore(docs): update imports

* feat(idempotency): add esmodule support  (#1743)

* feat(idempotency): add esmodule support

* chore(metrics): fix import

* chore(ci): v2 release line

* chore(ci): fix alpha versioning pre-release

* docs(maintenance): add processes tab (#1747)

* docs(maintenance): update mkdocs to support tabs

* chore(ci): add parallel test npm script

* chore(ci): add jest command

* docs(maintenance): add testing page to navbar

* docs(maintenance): add contributing info

* chore: update roadmap

* chore: update release drafter workflow to allow for manual trigger

* fix formatting

* docs: maintainers handbook

* chore: link to new location

* fix links

* Update docs/maintainers.md

Co-authored-by: Alexander Schueren <[email protected]>

---------

Co-authored-by: Alexander Schueren <[email protected]>

* chore(tracer): update warning to better format segment name (#1750)

* chore(tracer): update warning in Tracer to better format segment name

* chore: linting

* chore(internal): remove outdated notice files (#1752)

* chore(maintenance): set `removeComments` to` false` in `tsconfig.json` (#1754)

* chore(docs): add invisible unicode char to decorator docs (#1755)

* chore: remove extra comma

* chore(docs): upgrade doc intro

* chore(ci): add workflow to publish v2 docs on merge (#1756)

* chore(docs): upgrade doc intro

* chore(ci): remove mike commands

* chore(ci): upgrade mkdocs

* feat(logger): align sampling debug logs feature implementation with the other runtimes (#1744)

* test(logger): remove logsSampled field, add default sampleRateValue

* test(logger): add tests for sampling debug logs feature

* feat(logger): change implementation to make sampling decision at per-function level

* refactor(logger): remove redundant createLogger method

* refactor(logger): remove getSampleRateValue method

* test(logger): improve tests

* refactor(logger): return createLogger() back with the detailed comment of the method importance

* test(logger): add constructor/custom config/env var priority tests for sampling rate feature, improve description

* refactor(logger): address review comments

* feat(logger): add refreshSampleRateCalculation method and tests

* test(logger): adjust end-to-end tests

* chore(logger): refactor types and interfaces (#1758)

* chore(logger): refactor types and interfaces

* chore: grouped type files

* chore: fix code smell

* chore: fix ci

* chore: fix ci

* chore(maintenance): bump Middy v4 & run tests (#1760)

* chore(parameters): fix esm bundling

* chore(parameters): refactor provider constructor to init client as needed (#1757)

* chore(parameters): refactor provider constructor to init client as needed

* chore(parameters): moved client instrumentation up in baseprovider

* chore(parameters): fix code smells

* chore(parameters): fix code smells

* chore(parameters): change declare client param

* chore(commons): update Powertools UA middleware detection (#1762)

* chore(commons): fix double ua detection

* chore(commons): fix unit test

* chore(layers) widen version check in e2e

* chore(maintenance): enable `isolatedModules` and isolate cache (#1765)

* chore(layers) widen version check in e2e

* chore(maintenance): enable isolatedModules

* chore: remove redundant comments from tsconfig

* chore: changed path of tsbuild cache

* fix: idempotency types

* chore(idempotency): refactor aws sdk init logic (#1768)

* build(tracer): bump aws-xray-sdk-core to latest

* build(maintenance): bump aws sdk dev dependencies

* chore(logger): set default UTC timezone (#1775)

* chore(parameters): add export types

* chore(logger): set default utc timezone

* chore(logger): pass down envvarsservice to log formatter

* feat(parser): add built-in schemas (#1788)

* add dynamodb schema

* add alb

* add parser to v2 build

* fix test

* add alb

* add built-in schema

* add more tests for schemas

* remove index export

* add cloudwatch with base64 zlip transform

* add throw test case

* formatting

* add kafka schema

* restructured tests

* add vpc lattice and lattice v2

* s3 event notification should extend eventbridge

* s3 sqs should extend from sqs

* simplify cloudwatch extract from string

* keep message as string, instead of empty object

* fix detail type of eb and field names

* remove duplicated entries

* fix homepage URL in readme

* improved test coverage

* key and value are always present

* cleanup unnecessary definitions, widen peerDep version req

* Update packages/parser/src/schemas/cloudwatch.ts

Co-authored-by: Andrea Amorosi <[email protected]>

* clean up events, some fields are imaginary

* fix api gw

* fix broken IP addresses in examples

* add more tests to api gw

* fix apigw2 add more tests

* add optional scopes to apigwv2

* add optional field back to api gw, stricter methods for vpc lattice

* add test for messageId refinement

* remove redundant entry

* fix sqs

* add dmarcPolicy for ses

* added tests

* moved cw function from kinesis, fix imports

* add parser to build step in ci

* use any safely here

* removed console logs

* name, add datetime to strings

* narrow string to datetime

* refine to url

* imports, remove try/catch

* add .js extension to imports

* moved comment, fixed path

* rename event filename to fix events

---------

Co-authored-by: Andrea Amorosi <[email protected]>

* feat(parser): add schema envelopes (#1815)

* first envelope

* add abstract class

* add tests

* add more tests

* fix tests

* add envelopes

* add middy parser

* minor schema changes

* add more envelopes and tests, refactored utils to autocomplete event files

* simplified check

* remove middleware from this branch

* refactored from class to function envelopes

* removed parser tests, should be in another branch

* add parser to pre push

* consistent naming

* feat(parser): implement middy parser middleware (#1823)

* add middy middleware

* add type to imports

* remove schema type, stick with unkown

* feat(parser): implement parser decorator (#1831)

* feat(parser): add types for built-in schemas (#1838)

* add types for built-in schemas

* fixed imports

* only use top level schema

* chore(parser): add parser subpath exports to package.json (#2179)

* add exports and type version to package json, including index.js

* use index.js as import for coverage

* use package lock from main

* fix envelope path and add types to exports

* use explicit exports instead of *

* import type

* make export types explicit

* adjust imports in tests for coverage, removed unused exports

* remove duplicate imports

* feat(parser): implement `safeParse` option (#2244)

* first draft on safeParse with major refactoring

* add safeParse

* fixed sns tests

* bump coverage

* remove throw error and return ParsedResult

* remove one level to reduce complexity score

* make static methods readonly

* simplified cryptic  ternary operation into something readble

* Update packages/parser/src/parserDecorator.ts

Co-authored-by: Andrea Amorosi <[email protected]>

* merged

* simplify export

* add invisible character for decorator rendering

* fix docs and tests

* Update packages/parser/src/parserDecorator.ts

Co-authored-by: Andrea Amorosi <[email protected]>

* add comment with description

* remove context

* remove unintentional safeParse export

* add examples to parse standalone function

---------

Co-authored-by: Andrea Amorosi <[email protected]>

* refresh package lock after merge

* docs(parser): add docs for parser utility (#1835)

* WIP: parser

* fix test imports

* remove unnecessary exports

* add custom validation

* remove unnecessary export

* add warning

* remove duplicate imports

* add types and error handlig

* remove comment from annotations

* minor changes

* revert merge changes

* merged package-lock

* Update docs/utilities/parser.md

Co-authored-by: Andrea Amorosi <[email protected]>

* Update docs/utilities/parser.md

Co-authored-by: Andrea Amorosi <[email protected]>

* adjust imports to new implementation

* add safeParse

* fixed line highlight

* typo

* revert index.md, add private scope to snippets packagef

* Update docs/utilities/parser.md

Co-authored-by: Andrea Amorosi <[email protected]>

* add parser to main, fixed zod install command

* fix callout indent

* fix tooltip

---------

Co-authored-by: Andrea Amorosi <[email protected]>

* feat(parser): add custom parse error (#2339)

* chore: remove rebase leftovers

* docs(parser): add utility readme

---------

Co-authored-by: Alexander Melnyk <[email protected]>
Co-authored-by: Alexander Melnyk <[email protected]>
Co-authored-by: Erika Yao <[email protected]>
Co-authored-by: erikayao93 <[email protected]>
Co-authored-by: Ant Stanley <[email protected]>
Co-authored-by: Sergei Cherniaev <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
size/S PR between 10-29 LOC tests PRs that add or change tests tracer This item relates to the Tracer Utility
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Maintenance: update warning log in Tracer to better format segment name
1 participant