Add safe Prometheus metrics and security signals#132
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f6da6e2ab0
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if limit <= 0: | ||
| return b"" | ||
| try: | ||
| return request.body[:limit] |
There was a problem hiding this comment.
Bound request-body sampling before reading it
When security metrics are enabled with request-body inspection, request.body materializes and caches the entire request payload before this slice is applied, so max_body_bytes does not actually bound memory or I/O. Large uploads will be fully buffered by the middleware even in metrics-only mode, which can add significant latency or memory pressure despite the configured sampling limit.
Useful? React with 👍 / 👎.
|
|
||
| def increment_skipped_logs(self, reason): | ||
| if metrics_settings.pipeline_metrics_enabled(): | ||
| self.skipped_logs.labels(reason=str(reason or "unknown")).inc() |
There was a problem hiding this comment.
Sanitize policy skip reasons before labeling metrics
When pipeline metrics are enabled and a logging policy skips a request, the policy reason is user-configurable via the declarative policy or DRF_API_LOGGER_POLICY_FUNC, but it is sent directly as the Prometheus reason label here. If a policy returns dynamic data such as a path, user id, or request-specific reason, this bypasses the safe-label allowlist and can leak sensitive data or create unbounded time series.
Useful? React with 👍 / 👎.
Summary
unknownstatus labels.1.4.0.Verification
coverage run --source=drf_api_logger -m django test tests --settings=tests.test_settings --verbosity=1- 307 tests passed.coverage report- total coverage 89%.python -m sphinx -b html docs docs/_build/html- build succeeded.python -m build --sdist --wheel- builtdrf_api_logger-1.4.0.tar.gzanddrf_api_logger-1.4.0-py3-none-any.whl.python -m twine check dist/*- both artifacts passed.git diff --cached --check- passed.