Logger package updates + NPM Trusted Publishing

.github/workflows/publish-package.yml

@@ -38,6 +38,11 @@ jobs:
         id: vars
         run: |
           echo "dir=packages/${{ inputs.package }}" >> ${GITHUB_OUTPUT}
+          if [ "${{ inputs.increment-type }}" = "prerelease" ]; then
+            echo "npmtag=next" >> ${GITHUB_OUTPUT}
+          else
+            echo "npmtag=latest" >> ${GITHUB_OUTPUT}
+          fi
 
       - name: Checkout
         id: checkout
@@ -49,14 +54,6 @@ jobs:
         with:
           node-version-file: "${{ steps.vars.outputs.dir }}/package.json"
 
-      - name: Setup .npmrc
-        id: npmrc
-        working-directory: ${{ steps.vars.outputs.dir }}
-        run: |
-          echo 'registry=https://registry.npmjs.org/' >> .npmrc
-          echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' >> .npmrc
-          echo 'always-auth=true' >> .npmrc
-
       # we could add this to devDependencies but we'd have to do it for every package
       # so might as well just install it inside the action
       - name: Install semver
@@ -69,8 +66,8 @@ jobs:
         working-directory: ${{ steps.vars.outputs.dir }}
         run: npm ci
 
-      - name: Compute new tag
-        id: compute-tag
+      - name: Compute new version
+        id: compute-version
         uses: actions/github-script@v7
         with:
           result-encoding: string
@@ -132,9 +129,9 @@ jobs:
       - name: Write new version to file
         working-directory: ${{ steps.vars.outputs.dir }}
         run: |
-          jq '.version = "${{ steps.compute-tag.outputs.result }}"' package.json > package.json.tmp
-          jq '.version = "${{ steps.compute-tag.outputs.result }}"' package-lock.json > package-lock.tmp1.json
-          jq '.packages."".version = "${{ steps.compute-tag.outputs.result }}"' package-lock.tmp1.json > package-lock.json.tmp
+          jq '.version = "${{ steps.compute-version.outputs.result }}"' package.json > package.json.tmp
+          jq '.version = "${{ steps.compute-version.outputs.result }}"' package-lock.json > package-lock.tmp1.json
+          jq '.packages."".version = "${{ steps.compute-version.outputs.result }}"' package-lock.tmp1.json > package-lock.json.tmp
 
           mv package.json.tmp package.json
           mv package-lock.json.tmp package-lock.json
@@ -143,9 +140,7 @@ jobs:
       - name: NPM Publish
         id: publish
         working-directory: ${{ steps.vars.outputs.dir }}
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-        run: npm publish --provenance --access public
+        run: npm publish --provenance --access public --tag ${{ steps.vars.outputs.npmtag }}
 
       - name: Commit and push changes
         id: commit-and-push
@@ -157,9 +152,9 @@ jobs:
           files: |
             package.json
             package-lock.json
-          message: "publish: ${{ steps.extract-package-name.outputs.result }} v${{ steps.compute-tag.outputs.result }}"
+          message: "publish: ${{ steps.extract-package-name.outputs.result }} v${{ steps.compute-version.outputs.result }}"
           long-message: This commit was generated by GitHub Actions CI
-          tag: "${{ steps.extract-package-name.outputs.result }}@${{ steps.compute-tag.outputs.result }}"
-          tag-message: "${{ steps.extract-package-name.outputs.result }}@${{ steps.compute-tag.outputs.result }}"
+          tag: "${{ steps.extract-package-name.outputs.result }}@${{ steps.compute-version.outputs.result }}"
+          tag-message: "${{ steps.extract-package-name.outputs.result }}@${{ steps.compute-version.outputs.result }}"
           repository: ${{ github.repository }}
           branch: ${{ github.ref_name }}

packages/logger/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@saasquatch/logger",
-  "version": "2.0.0",
+  "version": "2.0.1-3",
   "description": "Thin wrapper around Winston to provide unified logging across SaaSquatch NodeJS services",
   "private": false,
   "publishConfig": {

packages/logger/src/plugins.ts

@@ -1,7 +1,8 @@
 import type { Request, Response } from "express";
 import winston from "winston";
-import { LogLevel } from "./config";
+import type { LogLevel } from "./config";
 import { LOG_TYPE_MARKER } from "./logger";
+import { URL } from "node:url";
 
 export type HttpLogMiddlewareOptions = {
   nonErrorLogLevel?: LogLevel;
@@ -11,6 +12,21 @@ export type HttpLogMiddlewareOptions = {
 
 const HEALTHCHECK_ENDPOINTS = ["/healthz", "/livez", "/readyz"];
 
+// the URLs from express don't come with an origin
+// but it's necessary for `new URL()` to be able to parse
+// the path and query parameters
+const PHONY_ORIGIN = "http://localhost";
+
+const STRIP_PARAMS = [
+  "itoken",
+  "token",
+  "jwt",
+  "auth",
+  "password",
+  "bearer",
+  "key",
+];
+
 /**
  * A simple Express.js middleware which logs the URL, method, response code,
  * and response time of all HTTP requests.
@@ -34,8 +50,11 @@ export function httpLogMiddleware(
         return;
       }
 
-      const url = req.originalUrl;
-      const isHealthcheck = HEALTHCHECK_ENDPOINTS.includes(url ?? "");
+      const rawUrl = new URL(`${PHONY_ORIGIN}${req.originalUrl}`);
+      STRIP_PARAMS.forEach((p) => rawUrl.searchParams.delete(p));
+      const cleanUrl = rawUrl.toString().replace(PHONY_ORIGIN, "");
+
+      const isHealthcheck = HEALTHCHECK_ENDPOINTS.includes(cleanUrl ?? "");
       if (isHealthcheck && opts?.logHealthchecks === false) {
         return;
       }
@@ -51,6 +70,10 @@ export function httpLogMiddleware(
       const method = req.method;
       const requestId = res.locals?.requestId;
 
+      const extraData = res.locals?.extraData as
+        | Record<string, any>
+        | undefined;
+
       const level =
         status >= 500
           ? "error"
@@ -60,8 +83,8 @@ export function httpLogMiddleware(
           ? "debug"
           : opts?.nonErrorLogLevel ?? "info";
 
-      const message = { method, status, time, url, requestId };
-      logger.log(level, { [LOG_TYPE_MARKER]: "HTTP", message });
+      const message = { method, status, time, url: cleanUrl, requestId };
+      logger.log(level, { [LOG_TYPE_MARKER]: "HTTP", message, extraData });
     });
 
     next();