Or see the list of project sponsors.
Documentation | 🥺 |
Docstrings | 😀 |
Tests | 🥺 |
Examples | 🥺 |
RepositoryActivity | 🥺 |
CI | 🥺 |
This library can be useful for anybody who is writing services which logs their errors with backtraces. It will protect you from leaking sensitive data like passwords and tokens.
For example, let's pretend we have some code which authenticates to a database with a password. At some moment and error can happen and when you log the backtrace, the password will be logged as well:
POFTHEDAY> (defun authenticate (password)
(format t "Authenticating with ~A"
password)
(sb-debug:print-backtrace :count 3))
POFTHEDAY> (defun bar (password)
(authenticate password))
POFTHEDAY> (bar "The Secret Password")
Authenticating with The Secret Password
Backtrace for: #<SB-THREAD:THREAD "sly-channel-1-mrepl-remote-1" RUNNING {1003692013}>
0: (AUTHENTICATE "The Secret Password")
1: (BAR "The Secret Password")
2: (SB-INT:SIMPLE-EVAL-IN-LEXENV (BAR "The Secret Password") #<NULL-LEXENV>)
The secret-values
allows to wrap the secret value into the object and retrieve the real value as needed.
POFTHEDAY> (secret-values:conceal-value "The Secret Password" :name "password")
#<SECRET-VALUES:SECRET-VALUE password {100450B623}>
POFTHEDAY> (secret-values:reveal-value *)
"The Secret Password"
Here how we can use it in our example. Pay attention to the backtrace. Now it does not contain the password and such backtrace can be written into the file or sent for diagnostic to the developer:
POFTHEDAY> (defun authenticate (password)
(format t "Authenticating with ~A"
(secret-values:reveal-value password))
(sb-debug:print-backtrace :count 3))
POFTHEDAY> (let ((pass (secret-values:conceal-value "The Secret Password")))
(bar pass))
Authenticating with The Secret Password
Backtrace for: #<SB-THREAD:THREAD "sly-channel-1-mrepl-remote-1" RUNNING {1003692013}>
0: (AUTHENTICATE #<SECRET-VALUES:SECRET-VALUE {10043ABB23}>)
1: (BAR #<SECRET-VALUES:SECRET-VALUE {10043ABB23}>)
2: ((LAMBDA ()))
I definitely will use it! And you should too!
By the way, does somebody know something about the author Thomas Bakketun and his company Copyleft? Seems they are using the Common Lisp in their stack.