changelog and version bump

Author: jsendo

packages/sdk/CHANGELOG.md

@@ -2,6 +2,14 @@
 
 # Changelog
 
+## [1.5.1] - 2025-04-15
+
+### Added
+
+- PD_SDK_DEBUG env var.  Set it to true to enable debugging of Pipedream Connect
+  API requests.  Simple sanitization is performed to prevent sensitive field leakage
+  but use caution.
+
 ## [1.5.0] - 2025-04-08
 
 ### Added

packages/sdk/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@pipedream/sdk",
   "type": "module",
-  "version": "1.5.0",
+  "version": "1.5.1",
   "description": "Pipedream SDK",
   "main": "./dist/server.js",
   "module": "./dist/server.js",

packages/sdk/src/shared/index.ts

@@ -847,13 +847,40 @@ export interface AsyncRequestOptions extends RequestOptions {
   body: { async_handle: string; } & Required<RequestOptions["body"]>;
 }
 
+const SENSITIVE_KEYS = ["token", "password", "secret", "apiKey", "authorization", "auth", "key", "access_token"];
+
+function sanitize(value: any, seen = new WeakSet()): any {
+  if (value === null || value === undefined) return value;
+
+  if (typeof value === "object") {
+    if (seen.has(value)) return "[CIRCULAR]";
+    seen.add(value);
+
+    if (Array.isArray(value)) {
+      return value.map((v) => sanitize(v, seen));
+    }
+
+    const sanitizedObj: Record<string, any> = {};
+    for (const [k, v] of Object.entries(value)) {
+      const isSensitiveKey = SENSITIVE_KEYS.some((sensitiveKey) =>
+        k.toLowerCase().includes(sensitiveKey.toLowerCase())
+      );
+      sanitizedObj[k] = isSensitiveKey ? "[REDACTED]" : sanitize(v, seen);
+    }
+    return sanitizedObj;
+  }
+
+  return value; // numbers, booleans, functions, etc.
+}
+
 export function DEBUG(...args: any[]) {
   if (
     typeof process !== "undefined" &&
     typeof process.env !== "undefined" &&
-    process.env.DEBUG === "true"
+    process.env.PD_SDK_DEBUG === "true"
   ) {
-    console.log("[DEBUG]", ...args);
+    const safeArgs = args.map((arg) => sanitize(arg));
+    console.log("[PD_SDK_DEBUG]", ...safeArgs);
   }
 }
 
@@ -971,9 +998,6 @@ export abstract class BaseClient {
     ) {
       requestOptions.body = processedBody;
     }
-    DEBUG("makeRequest")
-    DEBUG("url: ", url.toString())
-    DEBUG("requestOptions: ", requestOptions)
 
     const response: Response = await fetch(url.toString(), requestOptions);
 
@@ -992,27 +1016,25 @@ export abstract class BaseClient {
 
     return (await response.text()) as unknown as T;*/
     const rawBody = await response.text();
-    DEBUG("Response status:", response.status);
-    DEBUG("Response body:", rawBody);
 
     if (!response.ok) {
       throw new Error(`HTTP error! status: ${response.status}, body: ${rawBody}`);
     }
 
+    DEBUG(response.status, url.toString(), requestOptions, rawBody)
     const contentType = response.headers.get("Content-Type");
     if (contentType && contentType.includes("application/json")) {
       try {
         const json = JSON.parse(rawBody);
-        DEBUG("Parsed JSON:", json);
         return json as T;
       } catch (err) {
-        DEBUG("Failed to parse JSON, returning raw body as fallback.");
       }
     }
 
     return rawBody as unknown as T;
   }
 
+
   protected abstract authHeaders(): string | Promise<string>;
 
   /**