feat!: improve log sanitization (#550)

Author: DaveHanns

packages/log/src/log.ts

@@ -1,5 +1,5 @@
-import { LogFormat, LogLevel, PREFIX_DELIMITER } from './log_consts';
-import { getFormatFromEnv, getLevelFromEnv, limitDepth } from './log_helpers';
+import { LogFormat, LogLevel, PREFERRED_FIELDS, PREFIX_DELIMITER, TRUNCATION_FLAG_KEY, TRUNCATION_SUFFIX } from './log_consts';
+import { getFormatFromEnv, getLevelFromEnv, sanitizeData } from './log_helpers';
 import type { Logger } from './logger';
 import { LoggerJson } from './logger_json';
 import { LoggerText } from './logger_text';
@@ -12,12 +12,31 @@ export interface LoggerOptions {
     level?: number;
     /** Max depth of data object that will be logged. Anything deeper than the limit will be stripped off. */
     maxDepth?: number;
+    /**
+     * Factor by which the limits (`maxStringLength`, `maxArrayLength`, `maxFields`) will be adjusted at each depth level.
+     *
+     * Examples
+     * - If the factor is 0.5, the limits will be halved at each depth level.
+     * - If the factor is 1, the limits will be kept the same at each depth level.
+     * - If the factor is 2, the limits will be doubled at each depth level.
+     */
+    gradualLimitFactor?: number;
     /** Max length of the string to be logged. Longer strings will be truncated. */
     maxStringLength?: number;
+    /** Max number of array items to be logged. More items will be omitted. */
+    maxArrayLength?: number;
+    /** Max number of fields to be logged. More fields will be omitted. */
+    maxFields?: number;
+    /** Ordered list of fields that should be prioritized when logging objects. */
+    preferredFields?: PropertyKey[];
     /** Prefix to be prepended the each logged line. */
     prefix?: string | null;
     /** Suffix that will be appended the each logged line. */
     suffix?: string | null;
+    /** Suffix that will be appended to truncated strings, objects and arrays. */
+    truncationSuffix?: string;
+    /** Key of the flag property that will be added to the object if it is truncated. */
+    truncationFlagKey?: string;
     /**
      * Logger implementation to be used. Default one is log.LoggerText to log messages as easily readable
      * strings. Optionally you can use `log.LoggerJson` that formats each log line as a JSON.
@@ -27,6 +46,8 @@ export interface LoggerOptions {
     data?: Record<string, unknown>,
 }
 
+type AdditionalData = Record<string, any> | null;
+
 const getLoggerForFormat = (format: LogFormat): Logger => {
     switch (format) {
         case LogFormat.JSON:
@@ -40,15 +61,19 @@ const getLoggerForFormat = (format: LogFormat): Logger => {
 const getDefaultOptions = () => ({
     level: getLevelFromEnv(),
     maxDepth: 4,
-    maxStringLength: 2000,
+    gradualLimitFactor: 1 / 2, // at each depth level, the limits will be reduced by half
+    maxStringLength: 1000,
+    maxArrayLength: 500,
+    maxFields: 20,
+    preferredFields: [...PREFERRED_FIELDS],
     prefix: null,
     suffix: null,
+    truncationSuffix: TRUNCATION_SUFFIX,
+    truncationFlagKey: TRUNCATION_FLAG_KEY,
     logger: getLoggerForFormat(getFormatFromEnv()),
     data: {},
 });
 
-type AdditionalData = Record<string, any> | null;
-
 /**
  * The log instance enables level aware logging of messages and we advise
  * to use it instead of `console.log()` and its aliases in most development
@@ -122,22 +147,47 @@ export class Log {
 
     private options: Required<LoggerOptions>;
 
+    /** Maps preferred fields to their index for faster lookup */
+    private readonly preferredFieldsMap: Record<string, number>;
+
     private readonly warningsOnceLogged: Set<string> = new Set();
 
     constructor(options: Partial<LoggerOptions> = {}) {
         this.options = { ...getDefaultOptions(), ...options };
 
         if (!LogLevel[this.options.level]) throw new Error('Options "level" must be one of log.LEVELS enum!');
         if (typeof this.options.maxDepth !== 'number') throw new Error('Options "maxDepth" must be a number!');
+        if (typeof this.options.gradualLimitFactor !== 'number') throw new Error('Options "gradualLimitFactor" must be a number!');
         if (typeof this.options.maxStringLength !== 'number') throw new Error('Options "maxStringLength" must be a number!');
+        if (typeof this.options.maxArrayLength !== 'number') throw new Error('Options "maxArrayLength" must be a number!');
+        if (typeof this.options.maxFields !== 'number') throw new Error('Options "maxFields" must be a number!');
+        if (!Array.isArray(this.options.preferredFields)) throw new Error('Options "preferredFields" must be an array!');
         if (this.options.prefix && typeof this.options.prefix !== 'string') throw new Error('Options "prefix" must be a string!');
         if (this.options.suffix && typeof this.options.suffix !== 'string') throw new Error('Options "suffix" must be a string!');
+        if (typeof this.options.truncationSuffix !== 'string') throw new Error('Options "truncationSuffix" must be a string!');
+        if (typeof this.options.truncationFlagKey !== 'string') throw new Error('Options "truncationFlagKey" must be a string!');
         if (typeof this.options.logger !== 'object') throw new Error('Options "logger" must be an object!');
         if (typeof this.options.data !== 'object') throw new Error('Options "data" must be an object!');
+
+        this.preferredFieldsMap = Object.fromEntries(
+            this.options.preferredFields.map((field, index) => [field, index]),
+        );
     }
 
-    private _limitDepth(obj: any) {
-        return limitDepth(obj, this.options.maxDepth);
+    private _sanitizeData(obj: any) {
+        return sanitizeData(
+            obj,
+            {
+                maxDepth: this.options.maxDepth,
+                gradualLimitFactor: this.options.gradualLimitFactor,
+                maxStringLength: this.options.maxStringLength,
+                maxArrayLength: this.options.maxArrayLength,
+                maxFields: this.options.maxFields,
+                preferredFieldsMap: this.preferredFieldsMap,
+                truncationSuffix: this.options.truncationSuffix,
+                truncationFlagKey: this.options.truncationFlagKey,
+            },
+        );
     }
 
     /**
@@ -170,8 +220,8 @@ export class Log {
         if (level > this.options.level) return;
 
         data = { ...this.options.data, ...data };
-        data = Reflect.ownKeys(data).length > 0 ? this._limitDepth(data) : undefined;
-        exception = this._limitDepth(exception);
+        data = Reflect.ownKeys(data).length > 0 ? this._sanitizeData(data) : undefined;
+        exception = this._sanitizeData(exception);
 
         this.options.logger.log(level, message, data, exception, {
             prefix: this.options.prefix,

packages/log/src/log_consts.ts

@@ -13,19 +13,83 @@ export enum LogLevel {
     PERF = 6,
 }
 
+export const LEVELS = LogLevel;
+// Inverse of LEVELS = maps log level to string.
+export const LEVEL_TO_STRING = Object.keys(LogLevel).filter((x) => Number.isNaN(+x));
+
 export enum LogFormat {
     JSON = 'JSON',
     TEXT = 'TEXT',
 }
 
-export const PREFIX_DELIMITER = ':';
-export const LEVELS = LogLevel;
-
-// Inverse of LOG_LEVELS = maps log level to string.
-export const LEVEL_TO_STRING = Object.keys(LogLevel).filter((x) => Number.isNaN(+x));
-
 /**
  * A symbol used to mark a limited depth object as having come from an error
  * @internal
  */
 export const IS_APIFY_LOGGER_EXCEPTION = Symbol('apify.processed_error');
+
+export const PREFIX_DELIMITER = ':';
+
+export const TRUNCATION_FLAG_KEY = '[TRUNCATED]';
+export const TRUNCATION_SUFFIX = '...[truncated]';
+
+/** ID fields used in Apify system */
+export const PREFERRED_ID_FIELDS = [
+    '_id',
+    'id',
+    'userId',
+    'impersonatedUserId',
+    'impersonatingUserId',
+    'adminUserId',
+    'actorId',
+    'actorTaskId',
+    'taskId',
+    'buildId',
+    'buildNumber',
+    'runId',
+] as const;
+
+/** Standard JS Error fields */
+export const PREFERRED_ERROR_FIELDS = [
+    'name',
+    'message',
+    'stack',
+    'cause',
+] as const;
+
+/** Standard HTTP / network-related fields */
+export const PREFERRED_HTTP_FIELDS = [
+    'url',
+    'method',
+    'code',
+    'status',
+    'statusCode',
+    'statusText',
+] as const;
+
+/** API error fields used in Apify system */
+export const PREFERRED_API_ERROR_FIELDS = [
+    'errorCode',
+    'errorMessage',
+    'errorResponse',
+] as const;
+
+/** Potentially large or nested data fields */
+export const PREFERRED_DATA_FIELDS = [
+    'response',
+    'request',
+    'data',
+    'payload',
+    'details',
+    'exception',
+    'config',
+    'headers',
+] as const;
+
+export const PREFERRED_FIELDS = [
+    ...PREFERRED_ID_FIELDS,
+    ...PREFERRED_ERROR_FIELDS,
+    ...PREFERRED_HTTP_FIELDS,
+    ...PREFERRED_API_ERROR_FIELDS,
+    ...PREFERRED_DATA_FIELDS,
+] as const;

packages/log/src/log_helpers.ts

@@ -1,12 +1,18 @@
 import { APIFY_ENV_VARS } from '@apify/consts';
 
-import { IS_APIFY_LOGGER_EXCEPTION, LogFormat, LogLevel } from './log_consts';
+import {
+    IS_APIFY_LOGGER_EXCEPTION,
+    LogFormat,
+    LogLevel,
+    TRUNCATION_FLAG_KEY,
+    TRUNCATION_SUFFIX,
+} from './log_consts';
 
 /**
  * Ensures a string is shorter than a specified number of character, and truncates it if not, appending a specific suffix to it.
  * (copied from utilities package so logger do not have to depend on all of its dependencies)
  */
-export function truncate(str: string, maxLength: number, suffix = '...[truncated]'): string {
+export function truncate(str: string, maxLength: number, suffix = TRUNCATION_SUFFIX): string {
     maxLength = Math.floor(maxLength);
 
     // TODO: we should just ignore rest of the suffix...
@@ -53,55 +59,115 @@ export function getFormatFromEnv(): LogFormat {
     }
 }
 
+type SanitizeDataOptions = {
+    maxDepth?: number;
+    gradualLimitFactor?: number;
+    maxStringLength?: number;
+    maxArrayLength?: number;
+    maxFields?: number;
+    preferredFieldsMap?: Record<PropertyKey, number>;
+    truncationSuffix?: string;
+    truncationFlagKey?: string;
+};
+
 /**
- * Limits given object to given depth and escapes function with [function] string.
+ * Sanitizes given object based on the given options.
  *
  * ie. Replaces object's content by '[object]' and array's content
- * by '[array]' when the value is nested more than given limit.
+ * by '[array]' when the value is nested more than given depth limit.
  */
-export function limitDepth<T>(record: T, depth: number, maxStringLength?: number): T | undefined {
+export function sanitizeData(data: unknown, options: SanitizeDataOptions): unknown {
+    const {
+        maxDepth = Infinity,
+        gradualLimitFactor = 1,
+        maxStringLength = Infinity,
+        maxArrayLength = Infinity,
+        maxFields = Infinity,
+        preferredFieldsMap = {},
+        truncationSuffix = TRUNCATION_SUFFIX,
+        truncationFlagKey = TRUNCATION_FLAG_KEY,
+    } = options;
+
     // handle common cases quickly
-    if (typeof record === 'string') {
-        return maxStringLength && record.length > maxStringLength ? truncate(record, maxStringLength) as unknown as T : record;
+    if (typeof data === 'string') {
+        return data.length > maxStringLength
+            ? truncate(data, maxStringLength, truncationSuffix)
+            : data;
     }
 
-    if (['number', 'boolean', 'symbol', 'bigint'].includes(typeof record) || record == null || record instanceof Date) {
-        return record;
+    if (['number', 'boolean', 'symbol', 'bigint'].includes(typeof data) || data == null || data instanceof Date) {
+        return data;
     }
 
     // WORKAROUND: Error's properties are not iterable, convert it to a simple object and preserve custom properties
     // NOTE: _.isError() doesn't work on Match.Error
-    if (record instanceof Error) {
-        const { name, message, stack, cause, ...rest } = record;
-        record = { name, message, stack, cause, ...rest, [IS_APIFY_LOGGER_EXCEPTION]: true } as unknown as T;
+    if (data instanceof Error) {
+        const { name, message, stack, cause, ...rest } = data;
+        data = { name, message, stack, cause, ...rest, [IS_APIFY_LOGGER_EXCEPTION]: true };
     }
 
-    const nextCall = (rec: T) => limitDepth(rec, depth - 1, maxStringLength);
-
-    if (Array.isArray(record)) {
-        return (depth ? record.map(nextCall) : '[array]') as unknown as T;
+    const nextCall = (dat: unknown) => sanitizeData(
+        dat,
+        {
+            ...options,
+            maxDepth: maxDepth - 1,
+            maxStringLength: Math.max(
+                Math.floor(maxStringLength * gradualLimitFactor),
+                truncationSuffix.length, // always at least the length of the truncation suffix
+            ),
+            maxArrayLength: Math.floor(maxArrayLength * gradualLimitFactor),
+            maxFields: Math.floor(maxFields * gradualLimitFactor),
+        },
+    );
+
+    if (Array.isArray(data)) {
+        if (maxDepth <= 0) return '[array]';
+
+        const sanitized = data.slice(0, maxArrayLength).map(nextCall);
+
+        if (data.length > maxArrayLength) {
+            sanitized.push(truncationSuffix);
+        }
+
+        return sanitized;
     }
 
-    if (typeof record === 'object' && record !== null) {
-        const mapObject = <U extends Record<PropertyKey, any>> (obj: U) => {
-            const res = {} as U;
-            Reflect.ownKeys(obj).forEach((key: keyof U) => {
-                res[key as keyof U] = nextCall(obj[key]) as U[keyof U];
-            });
-            return res;
-        };
+    if (typeof data === 'object' && data !== null) {
+        if (maxDepth <= 0) return '[object]';
+
+        // Sort preferred fields to the front
+        const allKeys = Reflect.ownKeys(data);
+        allKeys.sort((a, b) => {
+            const aIndex = preferredFieldsMap[String(a)] ?? -1;
+            const bIndex = preferredFieldsMap[String(b)] ?? -1;
+
+            if (aIndex === -1 && bIndex === -1) return 0; // none is preferred
+            if (aIndex === -1) return 1; // a is not preferred
+            if (bIndex === -1) return -1; // b is not preferred
+            return aIndex - bIndex; // both are preferred, sort by index
+        });
+
+        // Sanitize only up to maxFields fields (keeping preferred ones first)
+        const sanitized: Record<PropertyKey, unknown> = {};
+        allKeys
+            .slice(0, maxFields)
+            .forEach((key) => { sanitized[key] = nextCall(data[key as keyof typeof data]); });
+
+        if (allKeys.length > maxFields) {
+            sanitized[truncationFlagKey] = true;
+        }
 
-        return depth ? mapObject(record) : '[object]' as unknown as T;
+        return sanitized;
     }
 
     // Replaces all function with [function] string
-    if (typeof record === 'function') {
-        return '[function]' as unknown as T;
+    if (typeof data === 'function') {
+        return '[function]';
     }
 
     // this shouldn't happen
     // eslint-disable-next-line no-console
-    console.log(`WARNING: Object cannot be logged: ${record}`);
+    console.log(`WARNING: Object cannot be logged: ${data}`);
 
     return undefined;
 }