v15.2.1

Fixes no implicit conversion of nil into String when request includes bearer proc but no bearer token.

v15.2.0

• Stop reporting to Rollbar if errors are explicitly ignored.

v15.1.3

Fix re-authentication for the endpoints without auth options.

v15.1.2

Add sprockets-rails gem as a dev dependency

v15.1.1

When a request url did include a parameter which did not match any provided parameters to be scrubbed, then the app ran into:

expected LHC::NotFound, got #<NoMethodError: undefined method `[]' for nil:NilClass>

This release fixes that.

v15.1.0

Filter more sensitive data from request's cache key and from response's effective URL.
Introduce usage of local_uri for filtering the data from the effective URL.

v15.0.1

This release fixes FrozenError (can't modify frozen String: "[FILTERED]") which happened when the app configured config.scrubs[:headers] << 'Authorization' and a request with a bearer token or basic auth were made.

v15.0.0

Configuring scrubs

You can filter out sensitive request data from your log files and rollbar by appending them to LHS.config.scrubs. These values will be marked [FILTERED] in the log and on rollbar. Also nested parameters are being filtered.
The scrubbing configuration affects all request done by LHC independent of the endpoint. You can scrub any attribute within :params, :headers or :body. For :auth you either can choose :bearer or :basic (default is both).

LHS scrubs per default:

• Bearer Token within the Request Header
• Basic Auth username and password within the Request Header
• password and password_confirmation within the Request Body

Enhance the default scrubbing by pushing the name of the parameter, which should be scrubbed, as string to the existing configuration.
You can also add multiple parameters at once by pushing multiple strings.

Example:

  LHC.configure do |c|
    c.scrubs[:params] << 'api_key'
    c.scrubs[:body].push('user_token', 'secret_key')
  end

For disabling scrubbing, add following configuration:

  LHC.configure do |c|
    c.scrubs = {}
  end

If you want to turn off :bearer or :basic scrubbing, then just overwrite the :auth configuration.

Example:

  LHC.configure do |c|
    c.scrubs[:auth] = [:bearer]
  end

If your app has a different authentication strategy than Bearer Authentication or Basic Authentication then you can filter the data by scrubbing the whole header:

  LHC.configure do |c|
    c.scrubs[:headers] << 'Authorization'
  end

Major Changes
This Release automatically filters out sensitive data from the logs and rollbar notifications. No further changes needed.

v14.0.0

This release upgrades rubocop and switches GitHub Action from using actions/setup-ruby to use ruby/setup-ruby.
It also removes the localch specific rubocop rules. Now we only have .rubocop.yml.

Furthermore this PR disables following cops:

• Lint/DeprecatedConstants
• Lint/EmptyBlock
• Lint/EmptyClass
• Lint/OrAssignmentToConstant
• Lint/SymbolConversion
• Lint/NonDeterministicRequireOrder
• Lint/ConstantDefinitionInBlock
• Lint/ToJSON
• Layout/LineLength
• Style/HashConversion
• Style/NilLambda
• Style/SingleArgumentDig
• Style/OptionalBooleanParameter
• Style/CaseLikeIf
• Style/OptionalBooleanParameter
• Style/RedundantBegin
• Style/RedundantAssignment
• Performance/StringInclude

Major Changes
This version requires ruby 2.7 and higher

v13.2.0

Fix warning URI.escape is obsolete mentioned here: #193