anonymize account id and error details for telemetry (#2519)

* anonymize account id and error details for telemetry

* PR feedback and fix lint

* expand anonymizePaths to serializable error details

Author: rtpascual

.changeset/good-falcons-attend.md

@@ -0,0 +1,5 @@
+---
+'@aws-amplify/platform-core': patch
+---
+
+anonymize account id and file paths/stacks in error details for telemetry

.eslint_dictionary.json

@@ -6,6 +6,7 @@
   "amazoncognito",
   "amplifyconfiguration",
   "ampx",
+  "anonymize",
   "anthropic",
   "apns",
   "apollo",

packages/platform-core/src/usage-data/account_id_fetcher.test.ts

@@ -2,9 +2,10 @@ import { AccountIdFetcher } from './account_id_fetcher';
 import { GetCallerIdentityCommandOutput, STSClient } from '@aws-sdk/client-sts';
 import { describe, mock, test } from 'node:test';
 import assert from 'node:assert';
+import { validate } from 'uuid';
 
 void describe('AccountIdFetcher', async () => {
-  void test('fetches account ID successfully', async () => {
+  void test('fetches a valid account UUID successfully', async () => {
     const mockSend = mock.method(STSClient.prototype, 'send', () =>
       Promise.resolve({
         Account: '123456789012',
@@ -14,11 +15,11 @@ void describe('AccountIdFetcher', async () => {
     const accountIdFetcher = new AccountIdFetcher(new STSClient({}));
     const accountId = await accountIdFetcher.fetch();
 
-    assert.strictEqual(accountId, '123456789012');
+    assert.ok(validate(accountId), `${accountId} is not a valid UUID string`);
     mockSend.mock.resetCalls();
   });
 
-  void test('returns default account ID when STS fails', async () => {
+  void test('returns no account ID when STS fails', async () => {
     const mockSend = mock.method(STSClient.prototype, 'send', () =>
       Promise.reject(new Error('STS error'))
     );
@@ -30,7 +31,7 @@ void describe('AccountIdFetcher', async () => {
     mockSend.mock.resetCalls();
   });
 
-  void test('returns cached account ID on subsequent calls', async () => {
+  void test('returns cached account UUID on subsequent calls', async () => {
     const mockSend = mock.method(STSClient.prototype, 'send', () =>
       Promise.resolve({
         Account: '123456789012',
@@ -41,8 +42,7 @@ void describe('AccountIdFetcher', async () => {
     const accountId1 = await accountIdFetcher.fetch();
     const accountId2 = await accountIdFetcher.fetch();
 
-    assert.strictEqual(accountId1, '123456789012');
-    assert.strictEqual(accountId2, '123456789012');
+    assert.strictEqual(accountId1, accountId2);
 
     // we only call the service once.
     assert.strictEqual(mockSend.mock.callCount(), 1);

packages/platform-core/src/usage-data/account_id_fetcher.ts

@@ -1,6 +1,11 @@
 import { GetCallerIdentityCommand, STSClient } from '@aws-sdk/client-sts';
+import { v5 as uuidV5 } from 'uuid';
 
 const NO_ACCOUNT_ID = 'NO_ACCOUNT_ID';
+
+// eslint-disable-next-line spellcheck/spell-checker
+const AMPLIFY_CLI_UUID_NAMESPACE = '283cae3e-c611-4659-9044-6796e5d696ec'; // A random v4 UUID
+
 /**
  * Retrieves the account ID of the user
  */
@@ -19,7 +24,11 @@ export class AccountIdFetcher {
         new GetCallerIdentityCommand({})
       );
       if (stsResponse && stsResponse.Account) {
-        this.accountId = stsResponse.Account;
+        const accountIdBucket = Number(stsResponse.Account) / 100;
+        this.accountId = uuidV5(
+          accountIdBucket.toString(),
+          AMPLIFY_CLI_UUID_NAMESPACE
+        );
         return this.accountId;
       }
       // We failed to get the account Id. Most likely the user doesn't have credentials

packages/platform-core/src/usage-data/serializable_error.test.ts

@@ -2,6 +2,7 @@ import { describe, test } from 'node:test';
 import assert from 'node:assert';
 import os from 'os';
 import { SerializableError } from './serializable_error';
+import { pathToFileURL } from 'node:url';
 
 void describe('serializable error', () => {
   class ErrorWithDetailsAndCode extends Error {
@@ -26,6 +27,21 @@ void describe('serializable error', () => {
     });
   });
 
+  void test('that regular stack trace does not contain user homedir for file url paths', () => {
+    const error = new Error('test error');
+    error.stack = `at methodName (${pathToFileURL(
+      process.cwd()
+    ).toString()}/node_modules/@aws-amplify/test-package/lib/test.js:12:34)\n`;
+    const serializableError = new SerializableError(error);
+    assert.ok(serializableError.trace);
+    serializableError.trace?.forEach((trace) => {
+      assert.ok(
+        trace.file.includes(os.homedir()) == false,
+        `${os.homedir()} is included in the ${trace.file}`
+      );
+    });
+  });
+
   void test('that if code is available it is used as the error name', () => {
     const error = new ErrorWithDetailsAndCode(
       'some error message',
@@ -42,15 +58,15 @@ void describe('serializable error', () => {
     assert.deepStrictEqual(serializableError.name, 'Error');
   });
 
-  void test('that no change in error details that does not have AWS ARNs', () => {
+  void test('that no change in error details that does not have AWS ARNs or stacks', () => {
     const error = new ErrorWithDetailsAndCode(
       'some error message',
-      'some error details that do not have ARNs'
+      'some error details that do not have ARNs or stacks'
     );
     const serializableError = new SerializableError(error);
     assert.deepStrictEqual(
       serializableError.details,
-      'some error details that do not have ARNs'
+      'some error details that do not have ARNs or stacks'
     );
   });
 
@@ -66,9 +82,112 @@ void describe('serializable error', () => {
     );
   });
 
+  void test('that stacks are escaped when error details has two AWS stacks', () => {
+    const error = new ErrorWithDetailsAndCode(
+      'some error message',
+      // eslint-disable-next-line spellcheck/spell-checker
+      'some error details with stack: amplify-testapp-test-sandbox-1234abcd and stack: amplify-testapp-test-branch-1234abcd and something else'
+    );
+    const serializableError = new SerializableError(error);
+    assert.deepStrictEqual(
+      serializableError.details,
+      'some error details with stack: <escaped stack> and stack: <escaped stack> and something else'
+    );
+  });
+
   void test('that error message is sanitized by removing invalid characters', () => {
     const error = new ErrorWithDetailsAndCode('some" er❌ror ""m"es❌sage❌');
     const serializableError = new SerializableError(error);
     assert.deepStrictEqual(serializableError.message, 'some error message');
   });
+
+  void test('that error message does not contain AWS ARNs or stacks', () => {
+    const error = new ErrorWithDetailsAndCode(
+      // eslint-disable-next-line spellcheck/spell-checker
+      'test error with stack: amplify-testapp-test-branch-1234abcd and arn: arn:aws-iso:service:region::res'
+    );
+    const serializableError = new SerializableError(error);
+    assert.deepStrictEqual(
+      serializableError.message,
+      'test error with stack: <escaped stack> and arn: <escaped ARN>'
+    );
+  });
+
+  void test('that error message does not contain user homedir', () => {
+    const error = new ErrorWithDetailsAndCode(`${process.cwd()} test error`);
+    const serializableError = new SerializableError(error);
+    const matches = [
+      ...serializableError.message.matchAll(new RegExp(os.homedir(), 'g')),
+    ];
+    assert.ok(
+      matches.length === 0,
+      `${os.homedir()} is included in ${serializableError.message}`
+    );
+  });
+
+  void test('that error message does not contain file url path with user homedir', () => {
+    const error = new ErrorWithDetailsAndCode(
+      `${pathToFileURL(process.cwd()).toString()} test error`
+    );
+    const serializableError = new SerializableError(error);
+    const matches = [
+      ...serializableError.message.matchAll(new RegExp(os.homedir(), 'g')),
+    ];
+    assert.ok(
+      matches.length === 0,
+      `${os.homedir()} is included in ${serializableError.message}`
+    );
+  });
+
+  void test('that error details do not contain user homedir', () => {
+    const error = new ErrorWithDetailsAndCode(
+      'test error',
+      `${process.cwd()} test details`
+    );
+    const serializableError = new SerializableError(error);
+    const matches = serializableError.details
+      ? [...serializableError.details.matchAll(new RegExp(os.homedir(), 'g'))]
+      : [];
+    assert.ok(
+      serializableError.details && matches.length === 0,
+      `${os.homedir()} is included in ${serializableError.details}`
+    );
+  });
+
+  void test('that error details do not contain file url path with user homedir', () => {
+    const error = new ErrorWithDetailsAndCode(
+      'test error',
+      `${pathToFileURL(process.cwd()).toString()} test details`
+    );
+    const serializableError = new SerializableError(error);
+    const matches = serializableError.details
+      ? [...serializableError.details.matchAll(new RegExp(os.homedir(), 'g'))]
+      : [];
+    assert.ok(
+      serializableError.details && matches.length === 0,
+      `${os.homedir()} is included in ${serializableError.details}`
+    );
+  });
+
+  void test('that error details do not contain AWS ARNs or stacks', () => {
+    const error = new ErrorWithDetailsAndCode(
+      'test error',
+      // eslint-disable-next-line spellcheck/spell-checker
+      'test error with stack: amplify-testapp-test-branch-1234abcd and arn: arn:aws-iso:service:region::res'
+    );
+    const serializableError = new SerializableError(error);
+    assert.deepStrictEqual(
+      serializableError.details,
+      'test error with stack: <escaped stack> and arn: <escaped ARN>'
+    );
+  });
+
+  void test('that error details is sanitized by removing invalid characters', () => {
+    const error = new ErrorWithDetailsAndCode(
+      'test error',
+      'some" er❌ror ""m"es❌sage❌'
+    );
+    const serializableError = new SerializableError(error);
+    assert.deepStrictEqual(serializableError.details, 'some error message');
+  });
 });

packages/platform-core/src/usage-data/serializable_error.ts

@@ -1,4 +1,6 @@
 import path from 'path';
+import { fileURLToPath } from 'url';
+import { homedir } from 'os';
 
 /**
  * Wrapper around Error for serialization for usage metrics
@@ -9,11 +11,19 @@ export class SerializableError {
   details?: string;
   trace?: Trace[];
 
+  // breakdown of filePathRegex:
+  // (file:/+)? -> matches optional file url prefix
+  // homedir() -> users home directory, replacing \ with /
+  // [\\w.\\-_@\\\\/]+ -> matches nested directories and file name
+  private filePathRegex = new RegExp(
+    `(file:/+)?${homedir().replaceAll('\\', '/')}[\\w.\\-_@\\\\/]+`,
+    'g'
+  );
   private stackTraceRegex =
     /^\s*at (?:((?:\[object object\])?[^\\/]+(?: \[as \S+\])?) )?\(?(.*?):(\d+)(?::(\d+))?\)?\s*$/i;
   private arnRegex =
     /arn:[a-z0-9][-.a-z0-9]{0,62}:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}/g;
-
+  private stackRegex = /amplify-[a-zA-Z0-9-]+/g;
   /**
    * constructor for SerializableError
    */
@@ -22,9 +32,11 @@ export class SerializableError {
       'code' in error && error.code
         ? this.sanitize(error.code as string)
         : error.name;
-    this.message = this.sanitize(error.message);
+    this.message = this.anonymizePaths(this.sanitize(error.message));
     this.details =
-      'details' in error ? this.sanitize(error.details as string) : undefined;
+      'details' in error
+        ? this.anonymizePaths(this.sanitize(error.details as string))
+        : undefined;
     this.trace = this.extractStackTrace(error);
   }
 
@@ -54,21 +66,52 @@ export class SerializableError {
     return result;
   };
 
+  private anonymizePaths = (str: string): string => {
+    let result = str;
+    const matches = [...result.matchAll(this.filePathRegex)];
+    for (const match of matches) {
+      result = result.replace(match[0], this.processPaths([match[0]])[0]);
+    }
+
+    return result;
+  };
+
   private processPaths = (paths: string[]): string[] => {
     return paths.map((tracePath) => {
-      if (path.isAbsolute(tracePath)) {
-        return path.relative(process.cwd(), tracePath);
+      let result = tracePath;
+      if (this.isURLFilePath(result)) {
+        result = fileURLToPath(result);
+      }
+      if (path.isAbsolute(result)) {
+        return path.relative(process.cwd(), result);
       }
-      return tracePath;
+
+      return result;
     });
   };
 
   private removeARN = (str?: string): string => {
     return str?.replace(this.arnRegex, '<escaped ARN>') ?? '';
   };
 
+  private removeStackIdentifier = (str?: string): string => {
+    return str?.replace(this.stackRegex, '<escaped stack>') ?? '';
+  };
+
   private sanitize = (str: string) => {
-    return this.removeARN(str)?.replaceAll(/["❌]/g, '');
+    let result = str;
+    result = this.removeARN(result);
+    result = this.removeStackIdentifier(result);
+    return result.replaceAll(/["❌]/g, '');
+  };
+
+  private isURLFilePath = (path: string): boolean => {
+    try {
+      new URL(path);
+      return path.startsWith('file:');
+    } catch {
+      return false;
+    }
   };
 }