From b75a66497bdde88e052a256217749af76d28b85c Mon Sep 17 00:00:00 2001
From: Lukasz Ostrowski
Date: Thu, 1 Jun 2023 16:33:25 +0200
Subject: [PATCH] Protect logger from trace and debug in production (#527)

* Protec logger from trace and debug in production

* Better error message
---
 .changeset/wet-points-deny.md | 5 +++++
 packages/shared/src/logger.ts | 13 ++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 .changeset/wet-points-deny.md

diff --git a/.changeset/wet-points-deny.md b/.changeset/wet-points-deny.md
new file mode 100644
index 0000000..1af4a87
--- /dev/null
+++ b/.changeset/wet-points-deny.md
@@ -0,0 +1,5 @@
+---
+"@saleor/apps-shared": minor
+---
+
+Disabled possibility to create logger if level is DEBUG or TRACE and NODE_ENV is production. This is an additional protection for logging sensitive data.
diff --git a/packages/shared/src/logger.ts b/packages/shared/src/logger.ts
index 5056296..f5796b5 100644
--- a/packages/shared/src/logger.ts
+++ b/packages/shared/src/logger.ts
@@ -1,10 +1,21 @@
 import pino from "pino";
 
+const forbiddenProductionLevels = ["debug", "trace"];
+
+const logLevel = process.env.APP_LOG_LEVEL ?? "silent";
+
+if (process.env.NODE_ENV === "production" && forbiddenProductionLevels.includes(logLevel)) {
+  throw new Error(
+    `Production app can only log INFO or higher log level. "${logLevel}" is development only.`
+  );
+  process.exit(1);
+}
+
 /**
  * TODO Set up log drain etc
  */
 export const logger = pino({
-  level: process.env.APP_LOG_LEVEL ?? "silent",
+  level: logLevel,
   redact: ["token", "apiKey"],
   transport: process.env.NODE_ENV === "development"