Version

• PHP: 8.2

Description

When installing the package, even on a fresh version of Laravel, the latest version is not installed.

Steps to reproduce

1. composer create-project laravel/laravel playground
2. cd playground
3. composer require treblle/treblle-laravel

What happens

Version 3.0.8 is installed

What should happen

Version 4.1.02 should be installed.

Description

I've mostly made sure the SDK supports Laravel Octane and Laravel Vapor. Trust me there is a huge difference :) When running Octane on Vapor it's a bit different than running Octane without Vapor. In any case i used Laravel native functions to get things like headers, data and similar.

The last thing that i can't figure out is the load time. Because Laravel Octane keeps all the the requests in memory $_SERVER['REQUEST_TIME_FLOAT'] isn't actually reset upon each request. This means that the function we have for detecting the load time won't correctly work. One idea that @khalyomede had to use Redis and store a value each time a new request is made. We could use Octane RequestReceived event to do it. But I'm afraid of using that in case there are many requests being made.

In my opinion what should happen is we should have a variable inside the class let's stay $start_time and we should set that to microtime(true) each time a new requests comes in ONLY on Octane. Again using Octane listeners we can do that like the guys at Spatie: Laravel Ignition Example

But I'm not sure how to do it. Ideas?

Thank you

Version

• PHP: 8.1
• Laravel: 10.14.1
• treblle-laravel: 4.0.35

Description

After upgrading to version 4.0.35 on our internal API we started seeing load times that do not seem to be correct again. We had this problem before and it seems to be creeping in again. We are running on top of Vapor + Octane. This might be causing problems. If someone else is running regular Laravel (not vapor) they can check me.

Steps to reproduce

1. Install treblle-laravel 4.0.35 on your API
2. Make sure you are running Vapor + Octane
3. Make a test request and see it in the Treblle dashboard

Expected behavior

The load times should not be as high as it is right now.

Notes

As I've mentioned we had this bug already on Vapor/Octane.

Version

• PHP: 8.1
• Laravel: 10
• treblle-laravel: 3.0.8

Description

Following the Laravel Package installation documentation. And running my API via Vapor, I'm encountering an issue with your middleware. Currently, I cannot install treblle-laravel version ^4 since my composer is configured for stable packages only.

Here the logs:

{
"exception": 
{
"class": 
"JsonException",
"message": 
"Syntax error",
"code": 
4,
"file": 
"/var/task/vendor/treblle/treblle-laravel/src/Middlewares/TreblleMiddleware.php:149"
},
"aws_request_id": 
"2d63be31-855d-4c62-9fb4-2c7d5d3a9346"
}

Thank you!

Expected behavior

Recording API calls onto Treblle.

Description

When serving requests using Laravel Octane, 2 duplicated API responses are registered in the user's dashboard (instead of one).

Reproduce the issue

1. Run php artisan octane:start --server=swoole, then make a request to your endpoint
2. Check on your dashboard that the response is duplicated twice

Expected behavior

Only one API response is logged on the user's dashboard.

Version

• PHP: 8.1
• Laravel: 9.52.4
• treblle-laravel: 3.0

Description

When I return a Illuminate\Http\JsonResponse, like this:

response()->json([
    'message' => 'Valid response',
]);

I get a type error that only Illuminate\Http\Response is acceptable.

Stacktrace

TypeError: Treblle\Jobs\ProcessRequest::__construct(): Argument #2 ($response) must be of type Illuminate\Http\Response, Illuminate\Http\JsonResponse given, called in vendor/treblle/treblle-laravel/src/Middlewares/TreblleMiddleware.php on line 39 and defined in vendor/treblle/treblle-laravel/src/Jobs/ProcessRequest.php:40
Stack trace:

Description

When a Github user creates a pull request and use its own forked branch as source, the github action step that runs php-cs-fixer fails to find a branch on the destination repository (this one) with the same name as the fork branch name.

See this failure on this pull request for example.

Reproduce the issue

1. Fork the repository
2. Create a new branch (that does not exist on the source repository e.g. does not exist on this one)
3. Create a pull request on the source repository from the fork branch
4. The "Commit changes" step fails

Expected behavior

No failure when the fork branch code is complying with php-cs-fixer configuration and the fork branch does not exist on the source repository.

First of all, congratulations for this package, great job done here!

Description

I installed and configured the package, but unfortunately I could not see results on my Treblle dashboard because I noticed we are not using FastCGI on our test server.

By tweaking the code of the middleware a bit, I managed to find a solution to send a payload to my dashboard (see Suggestion).

Proposal

I think we could have an option, "use fast CGI", which is by default to true (to not break the previous behavior), and can be set to false. In this case, the terminate method could be called manually inside the handle method. What do you think?

Notes

This is the code I added to be able to see my endpoints payloads on my dashboard:

public function handle($request, Closure $next) {

  $response = $next($request);

  $this->terminate($request, $response); // <--
    
  return $response;
}

Description

Our application has multiple APIs within it - we would like to set these up as individual projects with Trebble - however this doesn't seem possible.

Proposal

A means to specify a project id via middleware params

Notes

Not sure how feasible this would be but it would be mega useful!

Version

• PHP: 8.1
• Laravel: 10.20.0
• treblle-laravel: 4.1.2

Description

I am getting following error after installing treblle , following in rollbar stack.

ErrorException: Undefined array key 1
  File "/var/www/html/app/vendor/treblle/utils/src/Masking/FieldMasker.php", line 54
  File "/var/www/html/app/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/HandleExceptions.php", line 254, in Illuminate\Foundation\Bootstrap\HandleExceptions::handleError
  File "/var/www/html/app/vendor/treblle/utils/src/Masking/FieldMasker.php", line 54, in Illuminate\Foundation\Bootstrap\HandleExceptions::Illuminate\Foundation\Bootstrap\{closure}
  File "/var/www/html/app/vendor/treblle/treblle-laravel/src/Factories/DataFactory.php", line 95, in Treblle\Utils\Masking\FieldMasker::mask
  File "/var/www/html/app/vendor/treblle/treblle-laravel/src/Middlewares/TreblleMiddleware.php", line 82, in Treblle\Factories\DataFactory::make
  File "/var/www/html/app/treblle/treblle-laravel/src/Middlewares/TreblleMiddleware.php", line 55, in Treblle\Middlewares\TreblleMiddleware::collectData
  File "/var/www/html/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php", line 258, in Treblle\Middlewares\TreblleMiddleware::terminate
  File "/var/www/html/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php", line 213, in Illuminate\Foundation\Http\Kernel::terminateMiddleware
  File "/var/www/html/app/public/index.php", line 55, in Illuminate\Foundation\Http\Kernel::terminate

Explain the context and how you encountered this bug.
I am getting this error on particular API. I am not sure the reason.

treblle.php

<?php

return [
    /*
     * A valid Treblle API key. You can get started for FREE by visiting https://treblle.com/
     */
    'api_key' => env('TREBLLE_API_KEY'),

    /*
     * A valid Treblle project ID. Create your first project on https://treblle.com/
     */
    'project_id' => env('TREBLLE_PROJECT_ID'),

    /*
     * Define which environments should Treblle ignore and not monitor
     */
    'ignored_environments' => env('TREBLLE_IGNORED_ENV', 'dev,test,testing'),

    /*
     * Define which fields should be masked before leaving the server
     */
    'masked_fields' => [
        'password',
        'pwd',
        'secret',
        'password_confirmation',
        'cc',
        'card_number',
        'ccv',
        'ssn',
        'credit_score',
        'api_key',
        'api_token'
    ],
];

More details :

Treblle\Utils\Masking\FieldMasker::mask(/var/www/html/app/vendor/treblle/treblle-laravel/src/Factories/DataFactory.php:95)
Treblle\Utils\Masking\FieldMasker::mask arguments

{
  "ac": "12",
  "access-control-allow-headers": "*",
  "cf-visitor": "{\"scheme\":\"https\"}",
  "accept-encoding": "gzip, br",
  "content-type": "application/json; charset=utf-8",
  "x-forwarded-for": "2401:4900:8028:40ce::2f:f04",
  "content-length": "",
  "accept": "application/json; charset=utf-8",
  "user-agent": "Dart/2.19 (dart:io)",
  "access-control-allow-origin": "*",
  "host": "",
  "x-forwarded-proto": "https",
  "cache-control": "no-cache",
  "cdn-loop": "cloudflare",
  "cf-connecting-ip": "2401:4900:8088:40ce::2f:f04",
  "cf-ray": "7fddae0a495c9e-FRA",
  "cf-ipcountry": "IN",
  "x-app-user": "customer",
  "x-app-identifier": "",
  "authorization": "Bearer"
}

Steps to reproduce

1. ...
2. ...
3. ...

Expected behavior

Explain what result you expected to see.

Notes

Any additional useful informations, like related issues, ...

Version

• PHP: 8.2
• Laravel: 10
• treblle-laravel: 4.3

Description

Treblle package is throwing Forbidden exception.

I've installed package through composer and then run install command. After that command had created my account and printed API credentials. I've pasted that credentials to .env file and added middleware to the API group but after that it didn't worked as expected.

Steps to reproduce

1. composer require treblle/treblle-laravel
2. php artisan treblle:start
3. Enter new email that is not registered with treblle and follow the instructions
4. Copy printed credentials to .env file
5. Enable treblle through app/Http/Kernel.php by adding treblle alias
6. Add treblle middleware to api group.
7. Make any api call and it will throw TreblleApiException with message 'Forbidden' and append that response after API response

Expected behavior

It should work as expected and if there is any exception it should log it to treblle dashboard instead of API response and if its not possible to log it should log it to log file.

Version

• PHP: 8.1.16
• Laravel: 8.83.27
• treblle-laravel: 2.8.6

Description

The TreblleMiddleware.php class seems to treat any response that throws the \Illuminate\Validation\ValidationException::class as an api error.

As a result, such request gets logged on the Treblle console as an error which is not really the case. The response body which would normally contain the validation errors is also empty.

Steps to reproduce

1. Make a request to any api endpoint that has validation rules.
2. Provide data that will cause the validation rules to fail.
3. Check the treblle console and the request would have an ERROR label and also be flagged under the 'Problems' tab.

Expected behavior

\Illuminate\Validation\ValidationException::class instances are not exactly api 'errors' per se. Validation failures in laravel leads to that exception being thrown and the 422 status code being returned. It isn't accurate to have it listed as an error on the console and as a 'problem' that needs to be fixed.

Notes

As far as solutions go, in my particular use case, I think adding something like a exception_whitelist config key to the treblle.php config file might work. Kinda like this:

Existing code in vendor/treblle/treblle-laravel/src/Middlewares/TreblleMiddleware.php line 127

if (empty($response->exception)) {
   ...

Proposed change:

if (empty($response->exception) or in_array(get_class($response->exception), config('treblle.exception_whitelist', []))) {
...

I can create a PR to add this change if given the go ahead.

Thank you kindly.

Description

I feel the package is getting traction these days, great news! This would be the perfect moment to provide some documentation for changes that happens between 2 versions. This may help developpers knowing if they can/should update their package version (in case of breaking changes for example).

Proposal

Let's create a CHANGELOG.md file for that. Keepachangelog.org provides a good starting point for the content. This will also require each time someone bumps the package version, he/she should also make it on this file.

Basically, each merged pull request should also contain a note on the change, which will be located on a "Unreleased" section on top of the file, so that the next person that will bump the version will only have to change from "Unreleased" to "[3.0.0] 2022-01-10" or whatever is the current version and date.

Version

• PHP: 8.2
• Laravel: 10.9.0
• treblle-laravel: latest

Description

Cache store [octane] is not defined.

Steps to reproduce

Not required [internal].

Expected behavior

Not required [internal].

Notes

Not required [internal].

Version

• PHP: 8.1.20
• Laravel: 10.13.1
• treblle-laravel: N/A

Description

Explain the context and how you encountered this bug.

Steps to reproduce

1. laravel new treble-demo
2. composer require treblle/treblle-laravel:^4.0

Expected behavior

Install without a flinch

Notes

• Package installs v3 instead of v4, requires specifying v4 to get latest version
• To install package it requires -W argument to composer

❯ composer require treblle/treblle-laravel:^4.0
Info from https://repo.packagist.org: #StandWithUkraine
./composer.json has been updated
Running composer update treblle/treblle-laravel
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - juststeveking/sdk-tools 0.0.4 requires psr/http-message ^1.0 -> found psr/http-message[1.0, 1.0.1, 1.1] but the package is fixed to 2.0 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
    - treblle/treblle-laravel 4.0.33 requires treblle/utils ^0.0.34 -> satisfiable by treblle/utils[0.0.34].
    - treblle/utils 0.0.34 requires juststeveking/sdk-tools ^0.0.4 -> satisfiable by juststeveking/sdk-tools[0.0.4].
    - Root composer.json requires treblle/treblle-laravel ^4.0 -> satisfiable by treblle/treblle-laravel[4.0.33].

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.

Version

• PHP: 8.2.5
• Laravel: 9.52
• treblle-laravel: 4.0.30

Description

Trying to upgrade to any version after 4.0.26, I get "[Illuminate\Contracts\Container\BindingResolutionException]
Target class [treblle] does not exist."

Looks related to #65

Route::prefix('/v1')->middleware(['treblle'])->group(function () {
  // API ROUTES HERE
});

Steps to reproduce

Expected behavior

I expect Treblle route middleware to still work out of the box but since 4.0.26, it hasn't worked.

Notes

For some reason you've removed previous versions/releases in 4.0.x , so I can't rollback to when it was working before now 4.0.26 so I've had to disable it.

Version

• PHP: 8.1
• Laravel: 9
• treblle-laravel: 3.0.1

Description

The handle() method of TreblleMiddleware doesn't recognize Illuminate\Http\JsonResponse as return type.

This causes my Laravel application to return a 500 error.

Stacktrace

Treblle\Middlewares\TreblleMiddleware::handle(): Return value must be of type Illuminate\Http\Response, Illuminate\Http\JsonResponse returned

Version

• PHP: 8.2.6
• Laravel: 9.52.7
• treblle-laravel: 4.0.23

Description

I'm getting this error:

Treblle\Utils\Masking\FieldMasker::isHeader(): Argument #1 ($name) must be of type string, int given, called in /var/www/html/vendor/treblle/utils/src/Masking/FieldMasker.php on line 41

Headers:

Accept | application/json
-- | --
Accept-Encoding | gzip, deflate, br
Accept-Language | en-US,en;q=0.5
Authorization | [Filtered]
Content-Length | 301
Content-Type | application/json
Cookie | [Filtered]
Forwarded | for=174.52.***.***;host=api.***.io;proto=https
Host | api.***.io
Origin | https://app.***.io
Referer | https://app.***.io/
Sec-Fetch-Dest | empty
Sec-Fetch-Mode | cors
Sec-Fetch-Site | same-site
User-Agent | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/113.0
Via | HTTP/1.1 AmazonAPIGateway
X-Amzn-Trace-Id | Root=1-6463a2f3-6add634f59c984e411540b91
X-Forwarded-Port | 443

Steps to reproduce

1. ...
2. ...
3. ...

Expected behavior

I don't expect to receive this error when the code is checking for headers (string) but receives an int? as a header name?

Notes

Any additional useful informations, like related issues, ...

Version

• PHP: *
• Laravel: *
• treblle-laravel: latest

Description

Trying to integrate the library, seems that during the last refactor introduced an impossible set of conditions on the app.env.
Tried a fix here: #87

Version

• PHP: 8.2.4
• Laravel: 10.4.1
• treblle-laravel: 3.0.8

Description

Seem like after i upgraded to treblle 3, API request to my octane site are no longer logged by Treblle

Steps to reproduce

Use Laravel Octane.
Upgrade to treblle 3

Previously I run on treblle 2 and Octane

make minimum dependency of the package to Laravel 7, so we could easily use HTTPClient provided by Laravel and use it for mocking API responses in tests, we could use mockery as well to mock GuzzleClient directly instead of using wrapper but not sure if its worth efforts.

Version

• PHP: 8.3.1
• Laravel: 11.4.0
• treblle-laravel: 4.5.4

Description

Explain the context and how you encountered this bug.

seeing errors in laravel.log when doing requests to my API

Treblle\Utils\Masking\FieldMasker::handleString(): Argument #1 ($key) must be of type string, int given, called in 
 /app/vendor/treblle/utils/src/Masking/FieldMasker.php on line 22 {"userId":1,"exception":"[object] (TypeError(code: 0):  
Treblle\\Utils\\Masking\\FieldMasker::handleString(): Argument #1 ($key) must be of type string, int given, called in  
/app/vendor/treblle/utils/src/Masking/FieldMasker.php on line 22 at /app/vendor/treblle/utils/src/Masking/FieldMasker.php:33)

Steps to reproduce

the error happens when sending requests to my API.
it´s a json body with a json response.

Expected behavior

no errors in laravel.log

Notes

just a hack, but I had to do this to temp fix it:

Description

Performance Span from Sentry

Proposal

Understanding there Terminable Middleware as used at

Proposing an opt-in feature to use queues for Collecting API Metrics

Notes

N/A

Description

With more people involved in the project, having the same IDE conventions will help not saving files with differents line ending etc... Most modern IDE like VSCode supports this file, so that if the "format on save" configuration or equivalent is active, it will correctly format the files.

Proposal

Format file with these conventions

• All files
  • indent width: 4
  • indent type: space
  • line ending: lf
  • trim trailing white spaces: yes
  • insert new line at the end of file: yes
  • charset: utf8
• .json, .md, .yml
  • indent width: 2

Version

• PHP: 8.2.5
• Laravel: 10.11.0
• treblle-laravel: 4.0.23

Description

I do not think the ignored_environments config value is used anywhere. I searched through the code for ignored_environments and I only see it referenced in:

• treblle-laravel/config/treblle.php
• treblle-sdk-core/src/Configuration.php

Steps to reproduce

1. In your .env file set TREBLLE_IGNORED_ENV to your current environment
2. Do not set TREBLLE_API_KEY
3. Make some API requests and then check your logs and you will see the errors that an API key is not specified

Expected behavior

I would expect to see it referenced in the ServiceProvider or in the middleware but it is not. I would expect that if the environment is ignored that it would use an early return in the middleware. I would also expect that if the environment is ignored that I would not need to set the API key and I would not get the error that I need to set the API key.

Notes

I am still generally confused about how I am expected to use Treblle with multiple environments. Should I have one Treblle project for each environment? How can I have Treblle enabled only in certain environments like staging and production?

Description

This will help having more structured issues, and essentials information for bugs.

Proposal

2 new issue templates:

• Enhancements
  • "Description" section: the developper describe a bit of context before the actual proposal
  • "Proposal" section: the developper explains what he wants to see as an improvement (code snippet, ...)
• Bug report
  • "Version" section: contains versions for
    • PHP
    • This package
    • Laravel
  • "Description" section: A place where the developper can give a bit of context before explaining how to reproduce the issue
  • "Steps to reproduce" section: Should contains clear guidances to help reproduce the issue
  • "Expected behavior" section: Contain what result the developper expected to have

Notes

The Github tutorial to set this up: Configuring issue templates for your repository.

'password', 'pwd', 'secret', 'password_confirmation', 'cc', 'card_number', 'ccv', 'ssn',
'credit_score', 'api_key',

Proposing to move these values to config file as default values.. so user has complete control over what to show or what to mask..

Description

Having src folder contain all the PHP files of the package will look "cleaner".

Proposal

Move "config" folder to "src" folder.

• login and registration routes should not need token
• once we login or register we should get token in response specific to that user..
• then this token should be used to create projects ..

Not sure how that token is scoped in backend.. it might be security threat

Want to raise discussion around this topic so if needed it can be addressed..