fix(config): mark config sentryDsn and mysql password sensitive (#298) r=@vladikoff

John Morrison 2018-01-11 16:54:41 -08:00 коммит произвёл Vlad Filippov
Родитель 98b1f7aefc
Коммит f7a3717f49
4 изменённых файлов: 76 добавлений и 67 удалений


@ -6,13 +6,14 @@
// If required, modules will be instrumented. // If required, modules will be instrumented.
require('../lib/newrelic')(); require('../lib/newrelic')();
const config = require('../lib/config').getProperties(); const configuration = require('../lib/config');
const db = require('../lib/db'); const db = require('../lib/db');
const logger = require('../lib/logging')('bin.server'); const logger = require('../lib/logging')('bin.server');
const server = require('../lib/server').create(); const server = require('../lib/server').create();
const events = require('../lib/events')(server); const events = require('../lib/events')(server);
logger.info('config', config); // The stringify/parse is to force the output back to unindented json.
logger.info('config', JSON.stringify(JSON.parse(configuration.toString())));
db.ping().done(function() { db.ping().done(function() {
server.start(function(err) { server.start(function(err) {
if (err) { if (err) {
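Review bot: The new `logger.info('config', …)` line redacts by denylist: `configuration.toString()` masks only the keys that lib/config marks `sensitive: true`, so any credential in the schema without that flag is still written to the log at startup. I would extend the comment above the call to say so, e.g. `// toString() masks only keys flagged sensitive in lib/config; flag every new secret there or it is logged here.` The second argument also changes from an object to a JSON string, which may change how the logging backend indexes the config fields; the logger implementation is not visible here, so that is worth confirming. The `db.ping()` callback continues past the end of the hunk.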


@ -89,6 +89,7 @@ const conf = convict({
}, },
types: { types: {
doc: 'A mapping of allowed mime types and their file signatures', doc: 'A mapping of allowed mime types and their file signatures',
format: Object,
default: { default: {
// see https://en.wikipedia.org/wiki/List_of_file_signatures // see https://en.wikipedia.org/wiki/List_of_file_signatures
'image/jpeg': [ 'image/jpeg': [
@ -162,6 +163,7 @@ const conf = convict({
}, },
password: { password: {
default: '', default: '',
sensitive: true,
env: 'MYSQL_PASSWORD' env: 'MYSQL_PASSWORD'
}, },
database: { database: {
@ -321,6 +323,7 @@ const conf = convict({
}, },
sentryDsn: { sentryDsn: {
doc: 'Sentry DSN for error and log reporting', doc: 'Sentry DSN for error and log reporting',
sensitive: true,
default: '', default: '',
format: 'String', format: 'String',
env: 'SENTRY_DSN' env: 'SENTRY_DSN'
@ -346,7 +349,7 @@ if (conf.get('env') === 'test') {
process.env.NODE_ENV = conf.get('env'); process.env.NODE_ENV = conf.get('env');
var options = { var options = {
strict: true allowed: 'strict'
}; };
conf.validate(options); conf.validate(options);
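Review bot: The `sensitive: true` flags added to `password` and `sentryDsn` only change what `conf.toString()` prints; `conf.get()` and `conf.getProperties()` still return the real values, so any caller that logs or serializes those results will still expose them. A short comment at the first flag would make that explicit, e.g. `// masked in conf.toString() only; get()/getProperties() return the real value`. The `password` entry also has no `doc` or `format`, unlike `sentryDsn`; adding `doc: 'MySQL password'` and `format: 'String'` would keep the two entries consistent. The `convict({` schema starts and ends outside these hunks.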

131
npm-shrinkwrap.json сгенерированный

@ -211,49 +211,61 @@
} }
}, },
"convict": { "convict": {
"version": "2.0.0", "version": "4.0.2",
"from": "convict@2.0.0", "from": "convict@4.0.2",
"resolved": "https://registry.npmjs.org/convict/-/convict-2.0.0.tgz", "resolved": "https://registry.npmjs.org/convict/-/convict-4.0.2.tgz",
"dependencies": { "dependencies": {
"depd": {
"version": "1.1.1",
"from": "depd@1.1.1",
"resolved": "https://registry.npmjs.org/depd/-/depd-1.1.1.tgz"
},
"json5": { "json5": {
"version": "0.5.1", "version": "0.5.1",
"from": "https://registry.npmjs.org/json5/-/json5-0.5.1.tgz", "from": "json5@0.5.1",
"resolved": "https://registry.npmjs.org/json5/-/json5-0.5.1.tgz" "resolved": "https://registry.npmjs.org/json5/-/json5-0.5.1.tgz"
}, },
"lodash.clonedeep": { "lodash.clonedeep": {
"version": "4.5.0", "version": "4.5.0",
"from": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz", "from": "lodash.clonedeep@4.5.0",
"resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz" "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz"
}, },
"minimist": {
"version": "1.2.0",
"from": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz"
},
"moment": { "moment": {
"version": "2.17.1", "version": "2.19.3",
"from": "https://registry.npmjs.org/moment/-/moment-2.17.1.tgz", "from": "moment@2.19.3",
"resolved": "https://registry.npmjs.org/moment/-/moment-2.17.1.tgz" "resolved": "https://registry.npmjs.org/moment/-/moment-2.19.3.tgz"
}, },
"validator": { "validator": {
"version": "6.2.0", "version": "7.2.0",
"from": "https://registry.npmjs.org/validator/-/validator-6.2.0.tgz", "from": "validator@7.2.0",
"resolved": "https://registry.npmjs.org/validator/-/validator-6.2.0.tgz" "resolved": "https://registry.npmjs.org/validator/-/validator-7.2.0.tgz"
},
"yargs-parser": {
"version": "7.0.0",
"from": "yargs-parser@7.0.0",
"resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-7.0.0.tgz",
"dependencies": {
"camelcase": {
"version": "4.1.0",
"from": "camelcase@>=4.1.0 <5.0.0",
"resolved": "https://registry.npmjs.org/camelcase/-/camelcase-4.1.0.tgz"
}
}
}, },
"varify": { "varify": {
"version": "0.1.1", "version": "0.2.0",
"from": "https://registry.npmjs.org/varify/-/varify-0.1.1.tgz", "from": "varify@0.2.0",
"resolved": "https://registry.npmjs.org/varify/-/varify-0.1.1.tgz", "resolved": "https://registry.npmjs.org/varify/-/varify-0.2.0.tgz",
"dependencies": { "dependencies": {
"redeyed": { "redeyed": {
"version": "0.4.4", "version": "1.0.1",
"from": "https://registry.npmjs.org/redeyed/-/redeyed-0.4.4.tgz", "from": "redeyed@>=1.0.1 <1.1.0",
"resolved": "https://registry.npmjs.org/redeyed/-/redeyed-0.4.4.tgz", "resolved": "https://registry.npmjs.org/redeyed/-/redeyed-1.0.1.tgz",
"dependencies": { "dependencies": {
"esprima": { "esprima": {
"version": "1.0.4", "version": "3.0.0",
"from": "https://registry.npmjs.org/esprima/-/esprima-1.0.4.tgz", "from": "esprima@>=3.0.0 <3.1.0",
"resolved": "https://registry.npmjs.org/esprima/-/esprima-1.0.4.tgz" "resolved": "https://registry.npmjs.org/esprima/-/esprima-3.0.0.tgz"
} }
} }
} }
@ -459,7 +471,7 @@
"dependencies": { "dependencies": {
"ms": { "ms": {
"version": "2.0.0", "version": "2.0.0",
"from": "ms@2.0.0", "from": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz" "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz"
} }
} }
@ -907,7 +919,7 @@
"dependencies": { "dependencies": {
"ansi-styles": { "ansi-styles": {
"version": "2.2.1", "version": "2.2.1",
"from": "ansi-styles@>=2.2.1 <3.0.0", "from": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz" "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz"
}, },
"escape-string-regexp": { "escape-string-regexp": {
@ -1335,7 +1347,7 @@
"dependencies": { "dependencies": {
"align-text": { "align-text": {
"version": "0.1.4", "version": "0.1.4",
"from": "align-text@>=0.1.3 <0.2.0", "from": "align-text@>=0.1.1 <0.2.0",
"resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
"dependencies": { "dependencies": {
"kind-of": { "kind-of": {
@ -1376,7 +1388,7 @@
"dependencies": { "dependencies": {
"align-text": { "align-text": {
"version": "0.1.4", "version": "0.1.4",
"from": "align-text@>=0.1.3 <0.2.0", "from": "align-text@>=0.1.1 <0.2.0",
"resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
"dependencies": { "dependencies": {
"kind-of": { "kind-of": {
@ -1451,9 +1463,9 @@
"resolved": "https://registry.npmjs.org/conventional-commits-parser/-/conventional-commits-parser-0.1.2.tgz", "resolved": "https://registry.npmjs.org/conventional-commits-parser/-/conventional-commits-parser-0.1.2.tgz",
"dependencies": { "dependencies": {
"JSONStream": { "JSONStream": {
"version": "1.3.1", "version": "1.3.2",
"from": "JSONStream@>=1.0.4 <2.0.0", "from": "JSONStream@>=1.0.4 <2.0.0",
"resolved": "https://registry.npmjs.org/JSONStream/-/JSONStream-1.3.1.tgz", "resolved": "https://registry.npmjs.org/JSONStream/-/JSONStream-1.3.2.tgz",
"dependencies": { "dependencies": {
"jsonparse": { "jsonparse": {
"version": "1.3.1", "version": "1.3.1",
@ -1510,7 +1522,7 @@
}, },
"normalize-package-data": { "normalize-package-data": {
"version": "2.4.0", "version": "2.4.0",
"from": "normalize-package-data@>=2.3.2 <3.0.0", "from": "normalize-package-data@>=2.3.0 <3.0.0",
"resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz", "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz",
"dependencies": { "dependencies": {
"is-builtin-module": { "is-builtin-module": {
@ -2246,9 +2258,9 @@
"resolved": "https://registry.npmjs.org/d/-/d-1.0.0.tgz" "resolved": "https://registry.npmjs.org/d/-/d-1.0.0.tgz"
}, },
"es5-ext": { "es5-ext": {
"version": "0.10.35", "version": "0.10.37",
"from": "es5-ext@>=0.10.14 <0.11.0", "from": "es5-ext@>=0.10.14 <0.11.0",
"resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.35.tgz" "resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.37.tgz"
}, },
"es6-iterator": { "es6-iterator": {
"version": "2.0.3", "version": "2.0.3",
@ -2288,9 +2300,9 @@
"resolved": "https://registry.npmjs.org/d/-/d-1.0.0.tgz" "resolved": "https://registry.npmjs.org/d/-/d-1.0.0.tgz"
}, },
"es5-ext": { "es5-ext": {
"version": "0.10.35", "version": "0.10.37",
"from": "es5-ext@>=0.10.14 <0.11.0", "from": "es5-ext@>=0.10.14 <0.11.0",
"resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.35.tgz" "resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.37.tgz"
}, },
"es6-iterator": { "es6-iterator": {
"version": "2.0.3", "version": "2.0.3",
@ -2324,9 +2336,9 @@
"resolved": "https://registry.npmjs.org/espree/-/espree-3.5.2.tgz", "resolved": "https://registry.npmjs.org/espree/-/espree-3.5.2.tgz",
"dependencies": { "dependencies": {
"acorn": { "acorn": {
"version": "5.2.1", "version": "5.3.0",
"from": "acorn@>=5.2.1 <6.0.0", "from": "acorn@>=5.2.1 <6.0.0",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-5.2.1.tgz" "resolved": "https://registry.npmjs.org/acorn/-/acorn-5.3.0.tgz"
}, },
"acorn-jsx": { "acorn-jsx": {
"version": "3.0.1", "version": "3.0.1",
@ -2407,9 +2419,9 @@
"resolved": "https://registry.npmjs.org/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz", "resolved": "https://registry.npmjs.org/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz",
"dependencies": { "dependencies": {
"is-path-inside": { "is-path-inside": {
"version": "1.0.0", "version": "1.0.1",
"from": "is-path-inside@>=1.0.0 <2.0.0", "from": "is-path-inside@>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-1.0.0.tgz" "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-1.0.1.tgz"
} }
} }
}, },
@ -2677,9 +2689,9 @@
} }
}, },
"is-my-json-valid": { "is-my-json-valid": {
"version": "2.16.1", "version": "2.17.1",
"from": "is-my-json-valid@>=2.10.0 <3.0.0", "from": "is-my-json-valid@>=2.10.0 <3.0.0",
"resolved": "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.16.1.tgz", "resolved": "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.17.1.tgz",
"dependencies": { "dependencies": {
"generate-function": { "generate-function": {
"version": "2.0.0", "version": "2.0.0",
@ -2711,16 +2723,9 @@
} }
}, },
"is-resolvable": { "is-resolvable": {
"version": "1.0.0", "version": "1.0.1",
"from": "is-resolvable@>=1.0.0 <2.0.0", "from": "is-resolvable@>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/is-resolvable/-/is-resolvable-1.0.0.tgz", "resolved": "https://registry.npmjs.org/is-resolvable/-/is-resolvable-1.0.1.tgz"
"dependencies": {
"tryit": {
"version": "1.0.3",
"from": "tryit@>=1.0.1 <2.0.0",
"resolved": "https://registry.npmjs.org/tryit/-/tryit-1.0.3.tgz"
}
}
}, },
"js-yaml": { "js-yaml": {
"version": "3.10.0", "version": "3.10.0",
@ -3054,7 +3059,7 @@
}, },
"escape-string-regexp": { "escape-string-regexp": {
"version": "1.0.5", "version": "1.0.5",
"from": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", "from": "escape-string-regexp@>=1.0.2 <2.0.0",
"resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz" "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz"
}, },
"extend": { "extend": {
@ -3211,9 +3216,9 @@
"resolved": "https://registry.npmjs.org/mimos/-/mimos-3.0.3.tgz", "resolved": "https://registry.npmjs.org/mimos/-/mimos-3.0.3.tgz",
"dependencies": { "dependencies": {
"mime-db": { "mime-db": {
"version": "1.31.0", "version": "1.32.0",
"from": "mime-db@>=1.0.0 <2.0.0", "from": "mime-db@>=1.0.0 <2.0.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.31.0.tgz" "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.32.0.tgz"
} }
} }
}, },
@ -3374,9 +3379,9 @@
"resolved": "https://registry.npmjs.org/items/-/items-2.1.1.tgz" "resolved": "https://registry.npmjs.org/items/-/items-2.1.1.tgz"
}, },
"moment": { "moment": {
"version": "2.19.2", "version": "2.20.1",
"from": "moment@>=2.0.0 <3.0.0", "from": "moment@>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/moment/-/moment-2.19.2.tgz" "resolved": "https://registry.npmjs.org/moment/-/moment-2.20.1.tgz"
}, },
"topo": { "topo": {
"version": "2.0.2", "version": "2.0.2",
@ -3758,7 +3763,7 @@
}, },
"inherits": { "inherits": {
"version": "2.0.3", "version": "2.0.3",
"from": "inherits@>=2.0.1 <2.1.0", "from": "inherits@>=2.0.0 <3.0.0",
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz" "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz"
} }
} }
@ -3971,9 +3976,9 @@
"resolved": "https://registry.npmjs.org/@newrelic/native-metrics/-/native-metrics-2.1.2.tgz", "resolved": "https://registry.npmjs.org/@newrelic/native-metrics/-/native-metrics-2.1.2.tgz",
"dependencies": { "dependencies": {
"nan": { "nan": {
"version": "2.7.0", "version": "2.8.0",
"from": "nan@>=2.4.0 <3.0.0", "from": "nan@>=2.4.0 <3.0.0",
"resolved": "https://registry.npmjs.org/nan/-/nan-2.7.0.tgz" "resolved": "https://registry.npmjs.org/nan/-/nan-2.8.0.tgz"
} }
} }
} }
@ -3990,9 +3995,9 @@
"resolved": "https://registry.npmjs.org/chai/-/chai-3.5.0.tgz", "resolved": "https://registry.npmjs.org/chai/-/chai-3.5.0.tgz",
"dependencies": { "dependencies": {
"assertion-error": { "assertion-error": {
"version": "1.0.2", "version": "1.1.0",
"from": "assertion-error@>=1.0.1 <2.0.0", "from": "assertion-error@>=1.0.1 <2.0.0",
"resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.0.2.tgz" "resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz"
}, },
"deep-eql": { "deep-eql": {
"version": "0.1.3", "version": "0.1.3",
@ -4217,9 +4222,9 @@
} }
}, },
"is-my-json-valid": { "is-my-json-valid": {
"version": "2.16.1", "version": "2.17.1",
"from": "is-my-json-valid@>=2.12.4 <3.0.0", "from": "is-my-json-valid@>=2.12.4 <3.0.0",
"resolved": "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.16.1.tgz", "resolved": "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.17.1.tgz",
"dependencies": { "dependencies": {
"generate-function": { "generate-function": {
"version": "2.0.0", "version": "2.0.0",


@ -19,7 +19,7 @@
"catbox-redis": "3.0.1", "catbox-redis": "3.0.1",
"checksum": "0.1.1", "checksum": "0.1.1",
"compute-cluster": "0.0.9", "compute-cluster": "0.0.9",
"convict": "2.0.0", "convict": "4.0.2",
"fxa-notifier-aws": "1.0.0", "fxa-notifier-aws": "1.0.0",
"gm-reloaded": "1.24.0", "gm-reloaded": "1.24.0",
"hapi": "16.6.0", "hapi": "16.6.0",