search

mozilla / blurts-server

Mozilla Monitor arms you with tools to keep your personal information safe. Find out what hackers already know about you and learn how to stay a step ahead of them.
https://monitor.mozilla.org
Mozilla Public License 2.0
727 stars 205 forks source link

audit mozlog logging #694

Closed pdehaan closed 8 months ago

pdehaan commented 5 years ago 
$ git rev-parse --short HEAD # 638af6a

$  git grep -n "log\." | grep -v "blog.moz"
basket.js:32:      log.error("subscribe", {stack: e.stack});
controllers/dockerflow.js:18:  log.info("generating");
controllers/dockerflow.js:23:    log.error("generating", {err: err});
controllers/hibp.js:41:    log.info(`${breachAlert.Name} is fabricated, a spam list, not associated with a website, or unverified. \n Breach Alert not sent.`);
controllers/hibp.js:51:  log.info("notification", { length: subscribers.length, breachAlertName: breachAlert.Name });
controllers/hibp.js:56:    log.info("notify", {subscriber});
controllers/hibp.js:86:  log.info("notified", { length: notifiedSubscribers.length });
controllers/oauth.js:55:  log.debug("fxa-confirmed-fxaUser", fxaUser);
controllers/oauth.js:62:  log.debug("fxa-confirmed-profile-data", data.body);
controllers/ses.js:19:        log.error("notification", { err: err });
controllers/ses.js:37:  log.info("received-SES", { id: notification.MessageId });
controllers/ses.js:47:      log.info("unhandled-eventType", { type: message.eventType });
db/DB.js:184:      log.info("removed-subscriber", { id: aEntry.id });
db/DB.js:187:      log.warn("removed-subscriber-not-found");
email-utils.js:35:      log.info("smtpUrl-empty", { message: "EmailUtils will log a JSON response instead of sending emails." });
email-utils.js:74:          log.info("JSONTransport", { message: info.message.toString() });
hbs-helpers.js:83:  log.error("ifCompare", {message: `${operator} not found`});
hibp.js:34:      log.error("_throttledGot", {err: err});
hibp.js:39:        log.info("_throttledGot", {err: "got a 429, tryCount: " + tryCount});
hibp.js:41:          log.error("_throttledGot", {err: err});
hibp.js:83:    log.info("loadBreachesIntoApp");
hibp.js:99:    log.info("done-loading-breaches");
locale-utils.js:59:        log.error("loadFluentBundle", {stack: e.stack});
locale-utils.js:62:    log.info("LocaleUtils.init", {availableLanguages});
locale-utils.js:63:    log.info("LocaleUtils.init", {fluentBundles});
middleware.js:62:  log.error("error", {stack: err.stack});
routes/ses.js:17:    log.info("ses-notification-body", { body: req.body });
server.js:52:  log.error("try-load-languages-error", { error: error });
server.js:59:    log.error("try-load-breaches-error", { error: error });
server.js:170:    log.info("Listening", { port: listener.address().port });
server.js:173:  log.error("try-initialize-email-error", { error: error });

I think the only one that jumps out at me is this one, which doesn't list an op:

https://github.com/mozilla/blurts-server/blob/638af6a3aa2bcafedf110ae111da65d7f4fff7d3/controllers/hibp.js#L41

It should probably be something like this with a string op and object for the second [optional] param:

log.info("notify", {message: `${breachAlert.Name} is fabricated, a spam list, not associated with a website, or unverified. \n Breach Alert not sent.`});

Not sure if we care much about the formatting of op or the second parameter... I notice some of the ops are "loadBreachesIntoApp" vs "done-loading-breaches".

EMMLynch commented 8 months ago

Closing since we've redesigned the site and functionality since this was created. If you feel that this is still needed, please let me know.