There are two logger lineages in the monorepo today:
- Legacy (
packages/utils/logger/index.ts): plain console.*, [protect]
prefix, PROTECT_LOG_LEVEL, API { debug, info, error }, no plaintext
guard. It is not a package — @cipherstash/protect (13 files) and
@cipherstash/nextjs (4 files) reach it via cross-package relative-path imports
(../../../utils/logger).
- Stack (
packages/stack/src/utils/logger/index.ts): evlog-based with
sampling, STASH_STACK_LOG, API { debug, info, warn, error }, and a
safeMessage guard that stringifies only the message arg and drops the rest so
a stray logger.error('failed', encryptConfig) cannot leak
config/plaintext (load-bearing for the "never log plaintext" guarantee).
Decision
Create a new dedicated CipherStash logger package (e.g. @cipherstash/logger)
housing Stack's evlog-based, plaintext-safe logger, and have the new Stack line
depend on it. The legacy packages/utils/logger stays with the predecessor
packages (@cipherstash/protect, @cipherstash/nextjs) and is deprecated and
removed once those sunset. We do NOT migrate the maintenance-mode legacy packages
onto the new logger, and we do NOT regress Stack onto the legacy console logger.
Scope (when picked up)
Notes
Deferred follow-up — not blocking the 1.0 RC.
There are two logger lineages in the monorepo today:
packages/utils/logger/index.ts): plainconsole.*,[protect]prefix,
PROTECT_LOG_LEVEL, API{ debug, info, error }, no plaintextguard. It is not a package —
@cipherstash/protect(13 files) and@cipherstash/nextjs(4 files) reach it via cross-package relative-path imports(
../../../utils/logger).packages/stack/src/utils/logger/index.ts):evlog-based withsampling,
STASH_STACK_LOG, API{ debug, info, warn, error }, and asafeMessageguard that stringifies only the message arg and drops the rest soa stray
logger.error('failed', encryptConfig)cannot leakconfig/plaintext (load-bearing for the "never log plaintext" guarantee).
Decision
Create a new dedicated CipherStash logger package (e.g.
@cipherstash/logger)housing Stack's evlog-based, plaintext-safe logger, and have the new Stack line
depend on it. The legacy
packages/utils/loggerstays with the predecessorpackages (
@cipherstash/protect,@cipherstash/nextjs) and is deprecated andremoved once those sunset. We do NOT migrate the maintenance-mode legacy packages
onto the new logger, and we do NOT regress Stack onto the legacy console logger.
Scope (when picked up)
safeMessageplaintext guard,
evlogsampling, and env-var behaviour; decide whether theservicename / env var stay stack-branded or become generic).@cipherstash/stackdepends on it and re-exports as needed.loggercan bedropped from
@cipherstash/stack/adapter-kit(where it currently sits as aninterim — see feat(stack): adapter package split — foundation + plan (#627) #630).
packages/utils/loggerand the protect/nextjs relative-path importsuntouched; they retire with those packages.
Notes
adapter-kitre-exports
loggerfrom Stack's internal logger as the interim seam.../../../utils/logger) are a pre-existinghack; formalizing or removing them is part of the eventual legacy-package
cleanup, not this issue.
Deferred follow-up — not blocking the 1.0 RC.