diff --git a/build_hardened.py b/build_hardened.py
index f9d312ca..07973246 100755
--- a/build_hardened.py
+++ b/build_hardened.py
@@ -1,5 +1,16 @@
-import os
-import shutil
+#!/usr/bin/env python
+"""
+Loguru hardened
+---------------
+
+Loguru hardened is a release of loguru which has small patches to make the default use more secure (and less developer friendly).
+
+The following changes make loguru-hardened different:
+
+- Use serialize by default to mitigate possible injection of newlines by logging data injected by malicious user.
+ See https://huntr.com/bounties/73ebb08a-0415-41be-b9b0-0cea067f6771
+- Disable diagnose by default, to keep context information from leaking into the logs.
+"""
import subprocess
@@ -16,26 +27,28 @@ def update_setup_py():
f.write(setup_py)
-def replace_with_hardened_files():
- """Replace the loguru files with hardened versions"""
- # Walk hardened folder and copy files to loguru folder
- for root, _, files in os.walk("hardened"):
- for file in files:
- assert os.path.isfile(os.path.join("loguru", file))
- # Copy file to loguru folder
- shutil.copy(os.path.join(root, file), os.path.join("loguru", file))
-
+def update_defaults_py():
+ """Set HARDENED_BUILD to True in _defaults.py"""
+ defaults_py_path = "loguru/_defaults.py"
+ with open(defaults_py_path, "r") as f:
+ defaults_py = f.read()
+ hardened_defaults = defaults_py.replace("HARDENED_BUILD = False", "HARDENED_BUILD = True")
+ assert hardened_defaults != defaults_py
+ with open(defaults_py_path, "w") as f:
+ f.write(hardened_defaults)
def main():
"""Update the setup.py file for logoru-hardened
- - copy hardened files in place,
+ - patch to become hardened:
+ - setup.py
+ - _defaults.py
- test
- build
- git checkout changes
"""
update_setup_py()
- replace_with_hardened_files()
+ update_defaults_py()
tox_test_result = subprocess.run(["tox", "-e", "tests"])
tox_test_result.check_returncode()
build_result = subprocess.run(["python", "-m", "build"])
diff --git a/hardened/README.rst b/hardened/README.rst
deleted file mode 100644
index 18fa323e..00000000
--- a/hardened/README.rst
+++ /dev/null
@@ -1,10 +0,0 @@
-Loguru hardened
----------------
-
-Loguru hardened is a release of loguru which has small patches to make the default use more secure (and less developer friendly).
-
-The following changes make loguru-hardened different:
-
-- Use serialize by default to mitigate possible injection of newlines by logging data injected by malicious user.
- See https://huntr.com/bounties/73ebb08a-0415-41be-b9b0-0cea067f6771
-- Disable diagnose by default, to keep context information from leaking into the logs.
diff --git a/hardened/_defaults.py b/hardened/_defaults.py
deleted file mode 100644
index 92c87d78..00000000
--- a/hardened/_defaults.py
+++ /dev/null
@@ -1,75 +0,0 @@
-from os import environ
-
-
-def env(key, type_, default=None):
- if key not in environ:
- return default
-
- val = environ[key]
-
- if type_ == str:
- return val
- if type_ == bool:
- if val.lower() in ["1", "true", "yes", "y", "ok", "on"]:
- return True
- if val.lower() in ["0", "false", "no", "n", "nok", "off"]:
- return False
- raise ValueError(
- "Invalid environment variable '%s' (expected a boolean): '%s'" % (key, val)
- )
- if type_ == int:
- try:
- return int(val)
- except ValueError:
- raise ValueError(
- "Invalid environment variable '%s' (expected an integer): '%s'" % (key, val)
- ) from None
- raise ValueError("The requested type '%r' is not supported" % type_)
-
-
-LOGURU_AUTOINIT = env("LOGURU_AUTOINIT", bool, True)
-
-LOGURU_FORMAT = env(
- "LOGURU_FORMAT",
- str,
- "{time:YYYY-MM-DD HH:mm:ss.SSS} | "
- "{level: <8} | "
- "{name}:{function}:{line} - {message}",
-)
-LOGURU_FILTER = env("LOGURU_FILTER", str, None)
-LOGURU_LEVEL = env("LOGURU_LEVEL", str, "DEBUG")
-LOGURU_COLORIZE = env("LOGURU_COLORIZE", bool, None)
-LOGURU_SERIALIZE = env("LOGURU_SERIALIZE", bool, True)
-LOGURU_BACKTRACE = env("LOGURU_BACKTRACE", bool, True)
-LOGURU_DIAGNOSE = env("LOGURU_DIAGNOSE", bool, False)
-LOGURU_ENQUEUE = env("LOGURU_ENQUEUE", bool, False)
-LOGURU_CONTEXT = env("LOGURU_CONTEXT", str, None)
-LOGURU_CATCH = env("LOGURU_CATCH", bool, True)
-
-LOGURU_TRACE_NO = env("LOGURU_TRACE_NO", int, 5)
-LOGURU_TRACE_COLOR = env("LOGURU_TRACE_COLOR", str, "")
-LOGURU_TRACE_ICON = env("LOGURU_TRACE_ICON", str, "\u270F\uFE0F") # Pencil
-
-LOGURU_DEBUG_NO = env("LOGURU_DEBUG_NO", int, 10)
-LOGURU_DEBUG_COLOR = env("LOGURU_DEBUG_COLOR", str, "")
-LOGURU_DEBUG_ICON = env("LOGURU_DEBUG_ICON", str, "\U0001F41E") # Lady Beetle
-
-LOGURU_INFO_NO = env("LOGURU_INFO_NO", int, 20)
-LOGURU_INFO_COLOR = env("LOGURU_INFO_COLOR", str, "")
-LOGURU_INFO_ICON = env("LOGURU_INFO_ICON", str, "\u2139\uFE0F") # Information
-
-LOGURU_SUCCESS_NO = env("LOGURU_SUCCESS_NO", int, 25)
-LOGURU_SUCCESS_COLOR = env("LOGURU_SUCCESS_COLOR", str, "")
-LOGURU_SUCCESS_ICON = env("LOGURU_SUCCESS_ICON", str, "\u2705") # White Heavy Check Mark
-
-LOGURU_WARNING_NO = env("LOGURU_WARNING_NO", int, 30)
-LOGURU_WARNING_COLOR = env("LOGURU_WARNING_COLOR", str, "")
-LOGURU_WARNING_ICON = env("LOGURU_WARNING_ICON", str, "\u26A0\uFE0F") # Warning
-
-LOGURU_ERROR_NO = env("LOGURU_ERROR_NO", int, 40)
-LOGURU_ERROR_COLOR = env("LOGURU_ERROR_COLOR", str, "")
-LOGURU_ERROR_ICON = env("LOGURU_ERROR_ICON", str, "\u274C") # Cross Mark
-
-LOGURU_CRITICAL_NO = env("LOGURU_CRITICAL_NO", int, 50)
-LOGURU_CRITICAL_COLOR = env("LOGURU_CRITICAL_COLOR", str, "")
-LOGURU_CRITICAL_ICON = env("LOGURU_CRITICAL_ICON", str, "\u2620\uFE0F") # Skull and Crossbones
diff --git a/loguru/_defaults.py b/loguru/_defaults.py
index 5456e81c..257f1fc0 100644
--- a/loguru/_defaults.py
+++ b/loguru/_defaults.py
@@ -26,6 +26,7 @@ def env(key, type_, default=None):
) from None
raise ValueError("The requested type '%r' is not supported" % type_)
+HARDENED_BUILD = False
LOGURU_AUTOINIT = env("LOGURU_AUTOINIT", bool, True)
@@ -39,9 +40,9 @@ def env(key, type_, default=None):
LOGURU_FILTER = env("LOGURU_FILTER", str, None)
LOGURU_LEVEL = env("LOGURU_LEVEL", str, "DEBUG")
LOGURU_COLORIZE = env("LOGURU_COLORIZE", bool, None)
-LOGURU_SERIALIZE = env("LOGURU_SERIALIZE", bool, False)
+LOGURU_SERIALIZE = env("LOGURU_SERIALIZE", bool, True if HARDENED_BUILD else False)
LOGURU_BACKTRACE = env("LOGURU_BACKTRACE", bool, True)
-LOGURU_DIAGNOSE = env("LOGURU_DIAGNOSE", bool, True)
+LOGURU_DIAGNOSE = env("LOGURU_DIAGNOSE", bool, False if HARDENED_BUILD else True)
LOGURU_ENQUEUE = env("LOGURU_ENQUEUE", bool, False)
LOGURU_CONTEXT = env("LOGURU_CONTEXT", str, None)
LOGURU_CATCH = env("LOGURU_CATCH", bool, True)