feat: Obfuscate potential PII in logs

AGENTS.md

@@ -55,6 +55,13 @@ mParticle is a Customer Data Platform that collects, validates, and forwards eve
 - **No Unnecessary Features**: Don't add error handling for scenarios that can't happen
 - **Trust Internal Code**: Only validate at system boundaries (user input, external APIs)
 
+### Logging and PII Obfuscation
+
+**PII (Personally Identifiable Information)** is data that can identify a specific person, for example: email, name or phone number, and similar attributes. Logging raw payloads can expose PII in production.
+
+- Use `obfuscateDevData(data, isDevelopmentMode)` from `utils` to log payloads - shows raw data in development mode, obfuscates in production.
+- Use `obfuscateData(data)` from `utils` when you need to obfuscate a specific field.
+
 ### Testing Requirements
 
 - Run the full test suite before committing

src/batchUploader.ts

@@ -1,9 +1,9 @@
 import { Batch } from '@mparticle/event-models';
 import Constants from './constants';
-import { SDKEvent, SDKEventCustomFlags, SDKLoggerApi } from './sdkRuntimeModels';
+import { SDKEvent, SDKEventCustomFlags } from './sdkRuntimeModels';
 import { convertEvents } from './sdkToEventsApiConverter';
 import { MessageType, EventType } from './types';
-import { getRampNumber, isEmpty } from './utils';
+import { getRampNumber, isEmpty, obfuscateDevData } from './utils';
 import { SessionStorageVault, LocalStorageVault } from './vault';
 import {
     AsyncUploader,
@@ -79,17 +79,11 @@
 
         if (this.offlineStorageEnabled && !noFunctional) {
             this.eventVault = new SessionStorageVault<SDKEvent[]>(
-                `${mpInstance._Store.storageName}-events`,
-                {
-                    logger: mpInstance.Logger,
-                }
+                `${mpInstance._Store.storageName}-events`
             );
 
             this.batchVault = new LocalStorageVault<Batch[]>(
-                `${mpInstance._Store.storageName}-batches`,
-                {
-                    logger: mpInstance.Logger,
-                }
+                `${mpInstance._Store.storageName}-batches`
             );
 
             // Load Events from Session Storage in case we have any in storage
@@ -260,15 +254,18 @@
             return;
         }
 
-        const { Logger } = this.mpInstance;
-
         this.eventsQueuedForProcessing.push(event);
         if (this.offlineStorageEnabled && this.eventVault) {
-            this.eventVault.store(this.eventsQueuedForProcessing);
+            try {
+                this.eventVault.store(this.eventsQueuedForProcessing);
+            } catch (error) {
+                this.mpInstance.Logger.error('Failed to store events to offline storage. Events will remain in memory queue.');
+            }
         }
 
-        Logger.verbose(`Queuing event: ${JSON.stringify(event)}`);
-        Logger.verbose(`Queued event count: ${this.eventsQueuedForProcessing.length}`);
+        const eventToLog = obfuscateDevData(event, this.mpInstance._Store.SDKConfig.isDevelopmentMode);
+        this.mpInstance.Logger.verbose(`Queuing event: ${JSON.stringify(eventToLog)}`);
+        this.mpInstance.Logger.verbose(`Queued event count: ${this.eventsQueuedForProcessing.length}`);
 
         if (this.shouldTriggerImmediateUpload(event.EventDataType)) {
             this.prepareAndUpload(false, false);
@@ -380,7 +377,11 @@
 
         this.eventsQueuedForProcessing = [];
         if (this.offlineStorageEnabled && this.eventVault) {
-            this.eventVault.store([]);
+            try {
+                this.eventVault.store([]);
+            } catch (error) {
+                this.mpInstance.Logger.error('Failed to clear events from offline storage.');
+            }
         }
 
         let newBatches: Batch[] = [];
@@ -412,7 +413,6 @@
         this.batchesQueuedForProcessing = [];
 
         const batchesThatDidNotUpload = await this.uploadBatches(
-            this.mpInstance.Logger,
             batchesToUpload,
             useBeacon
         );
@@ -432,21 +432,22 @@
             // therefore NOT overwrite Offline Storage when beacon returns, so that we can retry
             // uploading saved batches at a later time. Batches should only be removed from
             // Local Storage once we can confirm they are successfully uploaded.
-            this.batchVault.store(this.batchesQueuedForProcessing);
-
-            // Clear batch queue since everything should be in Offline Storage
-            this.batchesQueuedForProcessing = [];
+
+            try {
+                this.batchVault.store(this.batchesQueuedForProcessing);
+                // Clear batch queue since everything should be in Offline Storage
+                this.batchesQueuedForProcessing = [];
+            } catch (error) {
+                this.mpInstance.Logger.error('Failed to store batches to offline storage. Batches will remain in memory queue.');
+            }
         }
 
         if (triggerFuture) {
             this.triggerUploadInterval(triggerFuture, false);
         }
     }
 
-    // TODO: Refactor to use logger as a class method
-    // https://go.mparticle.com/work/SQDSDKS-5167
     private async uploadBatches(
-        logger: SDKLoggerApi,
         batches: Batch[],
         useBeacon: boolean
     ): Promise<Batch[] | null> {
@@ -457,8 +458,9 @@
             return null;
         }
 
-        logger.verbose(`Uploading batches: ${JSON.stringify(uploads)}`);
-        logger.verbose(`Batch count: ${uploads.length}`);
+        const uploadsToLog = obfuscateDevData(uploads, this.mpInstance._Store.SDKConfig.isDevelopmentMode);
+        this.mpInstance.Logger.verbose(`Uploading batches: ${JSON.stringify(uploadsToLog)}`);
+        this.mpInstance.Logger.verbose(`Batch count: ${uploads.length}`);
 
         for (let i = 0; i < uploads.length; i++) {
             const fetchPayload: IFetchPayload = {
@@ -482,20 +484,20 @@
                     const response = await this.uploader.upload(fetchPayload);
 
                     if (response.status >= 200 && response.status < 300) {
-                        logger.verbose(
+                        this.mpInstance.Logger.verbose(
                             `Upload success for request ID: ${uploads[i].source_request_id}`
                         );
                     } else if (
                         response.status >= 500 ||
                         response.status === 429
                     ) {
-                        logger.error(
+                        this.mpInstance.Logger.error(
                             `HTTP error status ${response.status} received`
                         );
                         // Server error, add back current batches and try again later
                         return uploads.slice(i, uploads.length);
                     } else if (response.status >= 401) {
-                        logger.error(
+                        this.mpInstance.Logger.error(
                             `HTTP error status ${response.status} while uploading - please verify your API key.`
                         );
                         //if we're getting a 401, assume we'll keep getting a 401 and clear the uploads.
@@ -512,7 +514,7 @@
                         );
                     }
                 } catch (e) {
-                    logger.error(
+                    this.mpInstance.Logger.error(
                         `Error sending event to mParticle servers. ${e}`
                     );
                     return uploads.slice(i, uploads.length);

src/foregroundTimeTracker.ts

@@ -66,7 +66,11 @@
 
     public updateTimeInPersistence(): void {
         if (this.isTrackerActive && !this.noFunctional) {
-            this.timerVault.store(Math.round(this.totalTime));
+            try {
+                this.timerVault.store(Math.round(this.totalTime));
+            } catch (error) {
+                // Time tracking persistence is not critical for SDK functionality
+            }
         }
     }
 

src/identity-utils.ts

@@ -99,7 +99,11 @@
         status,
         expireTimestamp,
     };
-    idCache.store(cache);
+    try {
+        idCache.store(cache);
+    } catch (error) {
+        // Silently fail - identity caching is an optimization, not critical for functionality
+    }
 };
 
 // We need to ensure that identities are concatenated in a deterministic way, so
@@ -234,7 +238,11 @@
         }
     }
 
-    idCache.store(cache);
+    try {
+        idCache.store(cache);
+    } catch (error) {
+        // Silently fail - identity caching is an optimization, not critical for functionality
+    }
 };
 
 export const tryCacheIdentity = (

src/identityApiClient.ts

@@ -6,7 +6,7 @@ import {
     IFetchPayload,
 } from './uploaders';
 import { CACHE_HEADER } from './identity-utils';
-import { parseNumber, valueof } from './utils';
+import { obfuscateData, parseNumber, valueof } from './utils';
 import {
     IAliasCallback,
     IAliasRequest,
@@ -278,8 +278,16 @@ export default function IdentityAPIClient(
                         }
 
                     } else {
-                        message = 'Received Identity Response from server: ';
-                        message += JSON.stringify(identityResponse.responseText);
+                        const responseText = identityResponse.responseText;
+                        const { isDevelopmentMode } = mpInstance._Store.SDKConfig;
+                        let responseToLog = responseText;
+                        if (!isDevelopmentMode && responseText?.matched_identities) {
+                            responseToLog = {
+                                ...responseText,
+                                matched_identities: obfuscateData(responseText.matched_identities)
+                            };
+                        }
+                        message = 'Received Identity Response from server: ' + JSON.stringify(responseToLog);
                     }
 
                     break;

src/mp-instance.ts

@@ -1213,7 +1213,7 @@ export default function mParticleInstance(this: IMParticleWebSDKInstance, instan
      * @method setOptOut
      * @param {Boolean} isOptingOut boolean to opt out or not. When set to true, opt out of logging.
      */
-    this.setOptOut = function(isOptingOut) {
+    this.setOptOut = function(isOptingOut: boolean) {
         const queued = queueIfNotInitialized(function() {
             self.setOptOut(isOptingOut);
         }, self);
@@ -1619,14 +1619,10 @@ function createIdentityCache(mpInstance) {
     // Identity expects mpInstance._Identity.idCache to always exist. DisabledVault
     // ensures no identity response data is written to localStorage when noFunctional is true
     if (mpInstance._CookieConsentManager?.getNoFunctional()) {
-        return new DisabledVault(`${mpInstance._Store.storageName}-id-cache`, {
-            logger: mpInstance.Logger,
-        });
+        return new DisabledVault(`${mpInstance._Store.storageName}-id-cache`);
     }
 
-    return new LocalStorageVault(`${mpInstance._Store.storageName}-id-cache`, {
-        logger: mpInstance.Logger,
-    });
+    return new LocalStorageVault(`${mpInstance._Store.storageName}-id-cache`);
 }
 
 function runPreConfigFetchInitialization(mpInstance, apiKey, config) {

src/roktManager.ts

@@ -9,6 +9,7 @@ import {
     isFunction,
     AttributeValue,
     isEmpty,
+    obfuscateDevData,
 } from "./utils";
 import { SDKIdentityApi } from "./identity.interfaces";
 import { SDKLoggerApi } from "./sdkRuntimeModels";
@@ -234,7 +235,8 @@ export default class RoktManager {
             const { attributes } = options;
             const sandboxValue = attributes?.sandbox || null;
             const mappedAttributes = this.mapPlacementAttributes(attributes, this.placementAttributesMapping);
-            this.logger?.verbose(`mParticle.Rokt selectPlacements called with attributes:\n${JSON.stringify(attributes, null, 2)}`);
+            const attributesToLog = obfuscateDevData(attributes, this.store?.SDKConfig?.isDevelopmentMode);
+            this.logger?.verbose(`mParticle.Rokt selectPlacements called with attributes:\n${JSON.stringify(attributesToLog, null, 2)}`);
 
             this.currentUser = this.identityService.getCurrentUser();
             const currentUserIdentities = this.currentUser?.getUserIdentities()?.userIdentities || {};
@@ -273,7 +275,7 @@ export default class RoktManager {
                 newIdentities[this.mappedEmailShaIdentityType] = newHashedEmail;
                 this.logger.warning(`emailsha256 mismatch detected. Current mParticle hashedEmail differs from hashedEmail passed to selectPlacements call. Proceeding to call identify with hashedEmail from selectPlacements call. Please verify your implementation.`);
             }
-
+            
             if (!isEmpty(newIdentities)) {
                 // Call identify with the new user identities
                 try {
@@ -288,7 +290,8 @@ export default class RoktManager {
                         });
                     });
                 } catch (error) {
-                    this.logger.error('Failed to identify user with new email: ' + JSON.stringify(error));
+                    const errorMessage = error instanceof Error ? error.message : JSON.stringify(error);
+                    this.logger.error('Failed to identify user with updated identities: ' + errorMessage);
                 }
             }
 
@@ -504,7 +507,8 @@ export default class RoktManager {
                 return;
             }
 
-            this.logger?.verbose(`RoktManager: Processing queued message: ${message.methodName} with payload: ${JSON.stringify(message.payload)}`);
+            const payloadToLog = obfuscateDevData(message.payload, this.store?.SDKConfig?.isDevelopmentMode);
+            this.logger?.verbose(`RoktManager: Processing queued message: ${message.methodName} with payload: ${JSON.stringify(payloadToLog)}`);
 
             // Capture resolve/reject functions before async processing
             const resolve = message.resolve;

src/utils.ts

@@ -426,12 +426,71 @@ const filterDictionaryWithHash = <T>(
 }
 
 const parseConfig = (config: SDKInitConfig, moduleName: string, moduleId: number): IKitConfigs | null => {
-    return config.kitConfigs?.find((kitConfig: IKitConfigs) => 
-        kitConfig.name === moduleName && 
+    return config.kitConfigs?.find((kitConfig: IKitConfigs) =>
+        kitConfig.name === moduleName &&
         kitConfig.moduleId === moduleId
     ) || null;
 }
 
+/**
+ * Obfuscates an object by replacing all primitive values with their type names,
+ * while preserving the structure of nested objects and arrays.
+ * This is useful for logging data structures without exposing PII.
+ *
+ * @param value - The value to obfuscate
+ * @returns The obfuscated value with types instead of actual values
+ *
+ * @example
+ * obfuscateData({ email: 'user@email.com', age: 30 })
+ * // Returns: { email: 'string', age: 'number' }
+ *
+ * obfuscateData({ tags: ['premium', 'verified'] })
+ * // Returns: { tags: ['string', 'string'] }
+ */
+const obfuscateData = (value: any): any => {
+    // Preserve null and undefined
+    if (value === null || value === undefined) {
+        return value;
+    }
+
+    // Handle arrays - recursively obfuscate each element
+    if (Array.isArray(value)) {
+        return value.map(item => obfuscateData(item));
+    }
+
+    // Handle objects - recursively obfuscate each property
+    if (isObject(value)) {
+        const obfuscated: Dictionary<any> = {};
+        for (const key in value) {
+            if (value.hasOwnProperty(key)) {
+                obfuscated[key] = obfuscateData(value[key]);
+            }
+        }
+        return obfuscated;
+    }
+
+    // For primitives and other types, return the type as a string
+    return typeof value;
+};
+
+/**
+ * For verbose logging: returns raw data when isDevelopmentMode is true, else obfuscated data.
+ * Used when logging payloads so PII is not exposed in production.
+ *
+ * @param data - The value to log
+ * @param isDevelopmentMode - When true, returns data unchanged, when false or undefined, returns obfuscated data
+ * @returns Raw data when isDevelopmentMode is true, otherwise obfuscated structure
+ *
+ * @example
+ * obfuscateDevData({ email: 'user@email.com' }, true)
+ * // Returns: { email: 'user@email.com' }
+ *
+ * obfuscateDevData({ email: 'user@email.com' }, false)
+ * // Returns: { email: 'string' }
+ */
+const obfuscateDevData = (data: any, isDevelopmentMode?: boolean): any =>
+    isDevelopmentMode ? data : obfuscateData(data);
+
 export {
     createCookieString,
     revertCookieString,
@@ -440,6 +499,7 @@ export {
     AttributeValue,
     converted,
     decoded,
+    obfuscateDevData,
     filterDictionaryWithHash,
     findKeyInObject,
     generateDeprecationMessage,
@@ -449,6 +509,7 @@ export {
     inArray,
     isObject,
     isStringOrNumber,
+    obfuscateData,
     parseConfig,
     parseNumber,
     parseSettingsString,