From bc1bb4ba69283d2cd739ee79b6e21cd0ef60e752 Mon Sep 17 00:00:00 2001 From: Zachary Rice Date: Fri, 25 Oct 2024 12:00:47 -0500 Subject: [PATCH 1/3] adding logging section in contrib doc --- CONTRIBUTING.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 16fe1035b2f9..ce551d38d758 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -11,3 +11,25 @@ Contributors need to [sign our CLA](https://cla-assistant.io/trufflesecurity/tru ## Adding new secret detectors We have published some [documentation and tooling to get started on adding new secret detectors](hack/docs/Adding_Detectors_external.md). Let's improve detection together! + +## Logging in TruffleHog + +**Use fields over format strings**. For structured logging, fields allow us to better filter and search through logs than embedding data in the message. + +**Differentiate logs coming from dependencies**. This can be done with a `"dep"` field that gets passed to the library. Sometimes it’s not possible to do this. + +Limit log levels to _**info**_ (indicate normal or expected operation) and _**error**_ (functionality is impeded and should be checked by an engineer) + +**Choose an appropriate verbosity level** +``` +0. — logs we always want to see +1. — logs we could possibly want to turn off +2. — logs that are useful for debugging +3. — frequently called logs that may produce a lot of output +4. — extremely verbose logs or logs containing sensitive information +5. — ultimate verbosity +``` + +**Either log an error or return it**. Doing one or the other will help defer logging for when there is more context for it and prevent duplicate “bubbling up” logs. + +**Log contextual information**. Every log emitted should contain this context via fields to easily filter and search. From 7b9bd3f25819f202f1db05a8f86cfe567f98b52c Mon Sep 17 00:00:00 2001 From: Zachary Rice Date: Fri, 25 Oct 2024 12:03:43 -0500 Subject: [PATCH 2/3] sample line --- CONTRIBUTING.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ce551d38d758..8ea65d5fc054 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -30,6 +30,10 @@ Limit log levels to _**info**_ (indicate normal or expected operation) and _**er 5. — ultimate verbosity ``` +Example: `Logger().V(2).Info("skipping file: extension is ignored", "ext", mimeExt)` + + + **Either log an error or return it**. Doing one or the other will help defer logging for when there is more context for it and prevent duplicate “bubbling up” logs. **Log contextual information**. Every log emitted should contain this context via fields to easily filter and search. From e39d3d3e721caffcfc15b7fb8762f260d3f055ee Mon Sep 17 00:00:00 2001 From: Zachary Rice Date: Fri, 25 Oct 2024 12:04:38 -0500 Subject: [PATCH 3/3] Space --- CONTRIBUTING.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8ea65d5fc054..786b4a806c76 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -29,11 +29,8 @@ Limit log levels to _**info**_ (indicate normal or expected operation) and _**er 4. — extremely verbose logs or logs containing sensitive information 5. — ultimate verbosity ``` - Example: `Logger().V(2).Info("skipping file: extension is ignored", "ext", mimeExt)` - - **Either log an error or return it**. Doing one or the other will help defer logging for when there is more context for it and prevent duplicate “bubbling up” logs. **Log contextual information**. Every log emitted should contain this context via fields to easily filter and search.