{"id":13411581,"url":"https://github.com/basecamp/console1984","last_synced_at":"2025-07-20T03:31:16.883Z","repository":{"id":36953335,"uuid":"266574211","full_name":"basecamp/console1984","owner":"basecamp","description":"The Rails console you love, 1984 style","archived":false,"fork":false,"pushed_at":"2025-01-30T12:43:46.000Z","size":1902,"stargazers_count":719,"open_issues_count":17,"forks_count":42,"subscribers_count":28,"default_branch":"master","last_synced_at":"2025-07-18T05:34:44.235Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/basecamp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"MIT-LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-24T15:53:35.000Z","updated_at":"2025-07-09T18:28:44.000Z","dependencies_parsed_at":"2024-05-21T15:59:36.220Z","dependency_job_id":"f705ff85-5969-4cc3-8025-524ea73ebd60","html_url":"https://github.com/basecamp/console1984","commit_stats":{"total_commits":239,"total_committers":12,"mean_commits":"19.916666666666668","dds":0.2635983263598326,"last_synced_commit":"0d34734c1b4e3f44e48b9a593b06d36c6a17df9f"},"previous_names":[],"tags_count":35,"template":false,"template_full_name":null,"purl":"pkg:github/basecamp/console1984","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fconsole1984","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fconsole1984/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fconsole1984/releases","manifests_url":"https
://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fconsole1984/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/basecamp","download_url":"https://codeload.github.com/basecamp/console1984/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/basecamp%2Fconsole1984/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266063099,"owners_count":23870716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T20:01:14.688Z","updated_at":"2025-07-20T03:31:16.868Z","avatar_url":"https://github.com/basecamp.png","language":"Ruby","funding_links":[],"categories":["Ruby"],"sub_categories":[],"readme":"![example workflow](https://github.com/basecamp/console1984/actions/workflows/build.yml/badge.svg)\n\n# Console1984\n\nA Rails console extension that protects sensitive accesses and makes them auditable.\n\n\u003e “If you want to keep a secret, you must also hide it from yourself.”\n\u003e\n\u003e ― George Orwell, 1984\n\nIf you are looking for the auditing tool, check [`audits1984`](https://github.com/basecamp/audits1984).\n\n![Terminal screenshot showing console1984 asking for a reason for the session](docs/images/console-session-reason.png)\n\n## Installation\n\n**Important:** `console1984` depends on [Active Record encryption](https://guides.rubyonrails.org/active_record_encryption.html) which is a Rails 7 feature.\n\nAdd it to your `Gemfile`:\n\n```ruby\ngem 'console1984'\n```\n\nCreate tables to store console activity in the 
database:\n\n```bash\nrails console1984:install:migrations\nrails db:migrate\n```\n\nBy default, console1984 is only enabled in `production`. You can configure the target environments in your `application.rb`:\n\n```ruby\nconfig.console1984.protected_environments = %i[ production staging ]\n```\n\nFinally, you need to [configure Active Record Encryption](https://guides.rubyonrails.org/active_record_encryption.html#setup) in your\nproject. This is because the library stores the tracked console commands encrypted.\n\n## How it works\n\n### Session activity logging\n\nWhen starting a console session, it will ask for a reason. Internally, it will use this reason to document the console session and record all the commands executed in it.\n\n```\n$ rails c\n\nYou have access to production data here. That's a big deal. As part of our promise to keep customer data safe and private, we audit the commands you type here. Let's get started!\n\n\n\nCommands:\n\n* decrypt!: enter unprotected mode with access to encrypted information\n\nUnnamed, why are you using this console today?\n\n\u003e ...\n```\n\n### Auditing sessions\n\nCheck out [`audits1984`](https://github.com/basecamp/audits1984), a companion auditing tool prepared to work with `console1984` database session trails.\n\n### Access to encrypted data\n\nBy default, `console1984` won't decrypt data encrypted with [Active Record encryption](https://guides.rubyonrails.org/active_record_encryption.html). Users will just see the ciphertexts.\n\nTo decrypt data, enter the command `decrypt!`. 
It will ask for a justification, and these accesses will be flagged internally as sensitive.\n\n```ruby\nirb(main)\u003e Topic.last.name\n  Topic Load (1.4ms)  SELECT `topics`.* FROM `topics` ORDER BY `topics`.`id` DESC LIMIT 1\n=\u003e \"{\\\"p\\\":\\\"iu6+LfnNlurC6sL++JyOIDvedjNSz/AvnZQ=\\\",\\\"h\\\":{\\\"iv\\\":\\\"BYa86+JNM/LdkC18\\\",\\\"at\\\":\\\"r4sQNoSyIlAjJdZEKHVMow==\\\",\\\"k\\\":{\\\"p\\\":\\\"7L1l/5UiYsFQqqo4jfMZtLwp90KqcrIgS7HqgteVjuM=\\\",\\\"h\\\":{\\\"iv\\\":\\\"ItwRYxZAerKIoSZ8\\\",\\\"at\\\":\\\"ZUSNVfvtm4wAYWLBKRAx/g==\\\",\\\"e\\\":\\\"QVNDSUktOEJJVA==\\\"}},\\\"i\\\":\\\"OTdiOQ==\\\"}}\"\nirb(main)\u003e decrypt!\n```\n\n```\nBefore you can access personal information, you need to ask for and get explicit consent from the user(s). Unnamed, where can we find this consent (a URL would be great)?\n\n\u003e ...\n\nOk! You have access to encrypted information now. We pay extra close attention to any commands entered while you have this access. You can go back to protected mode with 'encrypt!'\n\nWARNING: Make sure you don`t save objects that were loaded while in protected mode, as this can result in saving the encrypted texts.\n```\n\n```ruby\nirb(main)\u003e Topic.last.name\n  Topic Load (1.2ms)  SELECT `topics`.* FROM `topics` ORDER BY `topics`.`id` DESC LIMIT 1\n=\u003e \"Thanks for the inspiration\"\n```\n\nYou can type `encrypt!` to go back to protected mode again.\n\n```ruby\nirb(main):004:0\u003e encrypt!\n```\n\n```\nGreat! You are back in protected mode. When we audit, we may reach out for a conversation about the commands you entered. What went well? 
Did you solve the problem without accessing personal data?\n```\n\n```ruby\nirb(main)\u003e Topic.last.name\n  Topic Load (1.4ms)  SELECT `topics`.* FROM `topics` ORDER BY `topics`.`id` DESC LIMIT 1\n=\u003e \"{\\\"p\\\":\\\"iu6+LfnNlurC6sL++JyOIDvedjNSz/AvnZQ=\\\",\\\"h\\\":{\\\"iv\\\":\\\"BYa86+JNM/LdkC18\\\",\\\"at\\\":\\\"r4sQNoSyIlAjJdZEKHVMow==\\\",\\\"k\\\":{\\\"p\\\":\\\"7L1l/5UiYsFQqqo4jfMZtLwp90KqcrIgS7HqgteVjuM=\\\",\\\"h\\\":{\\\"iv\\\":\\\"ItwRYxZAerKIoSZ8\\\",\\\"at\\\":\\\"ZUSNVfvtm4wAYWLBKRAx/g==\\\",\\\"e\\\":\\\"QVNDSUktOEJJVA==\\\"}},\\\"i\\\":\\\"OTdiOQ==\\\"}}\"\n```\n\nWhile in protected mode, you can't modify encrypted data, but can save unencrypted attributes normally. If you try to modify an encrypted column it will raise an error.\n\n### Access to external systems\n\nWhile Active Record encryption can protect personal information in the database, there are other systems that can contain very sensitive information. For example: Elasticsearch indexing user information or Redis caching template fragments.\n\nTo protect access to such systems, you can add their URLs to `config.console1984.protected_urls` in the corresponding environment config file (e.g. `production.rb`):\n\n```ruby\nconfig.console1984.protected_urls = [ \"https://my-app-us-east-1-whatever.us-east-1.es.amazonaws.com\", \"redis://my-app-cache-1.whatever.cache.amazonaws.com:6379\" ]\n```\n\nIn the default protected mode, trying to read data from a protected system will be aborted with an error:\n\n```ruby\nirb(main)\u003e Rails.cache.read(\"some key\") # raises Console1984::Errors::ProtectedConnection\n```\n\nRunning `decrypt!` will switch you to unprotected mode and let you access these systems normally. 
The system will ask for a justification and will flag those accesses as sensitive.\n\nThis will work for systems that use Ruby sockets as the underlying communication mechanism.\n\n### Automatic scheduled incineration for sessions\n\nBy default, sessions will be incinerated with a job 30 days after they are created. You can configure this period by setting `config.console1984.incinerate_after = 1.year` and you can disable incineration completely by setting `config.console1984.incinerate = false`.\n\n### Eager loading\n\nWhen starting a console session, `console1984` will eager load all the application classes if necessary. In practice, production environments already load classes eagerly, so this won't represent any change for those.\n\n## Configuration\n\nThese config options are namespaced in `config.console1984`:\n\n| Name                                        | Description                                                                                                                                                                                                            |\n|---------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `protected_environments`                    | The list of environments where `console1984` will act. Defaults to `%i[ production ]`.                                                                                                                                 |\n| `protected_urls`                            | The list of URLs corresponding with external systems to protect.                                                                                                                                                       |\n| `session_logger`                            | The system used to record session data. 
The default logger is `Console1984::SessionsLogger::Database`.                                                                                                                 |\n| `username_resolver`                         | Configure how the current user is determined for a given console session. The default is `Console1984::Username::EnvResolver.new(\"CONSOLE_USER\")`, which returns the value of the environment variable `CONSOLE_USER`. |\n| `ask_for_username_if_empty`                 | If `true`, the console will ask for a username if it is empty. If `false`, it will raise an error if no username is set. Defaults to `false`.                                                                          |\n| `production_data_warning`                   | The text to show when a console session starts.                                                                                                                                                                        |\n| `enter_unprotected_encryption_mode_warning` | The text to show when the user enters unprotected mode.                                                                                                                                                                |\n| `enter_protected_mode_warning`              | The text to show when the user goes back to protected mode.                                                                                                                                                            |\n| `incinerate`                                | Whether to incinerate sessions automatically after a period of time. Defaults to `true`.                                                                                                                               |\n| `incinerate_after`                          | The period to keep sessions around before incinerating them. Defaults to `30.days`.                                                                                    
                                         |\n| `incineration_queue`                        | The name of the queue for session incineration jobs. Default `console1984_incineration`.                                                                                                                               |\n| `base_record_class`                         | The host application base class that will be the parent of `console1984` records. By default it's `::ApplicationRecord`. |\n\n### SSH Config\n\nTo automatically set the `CONSOLE_USER` env var for sessions, you'll need to configure SSH on the server to accept the environment variable.\n\nOn the server, edit `/etc/ssh/sshd_config` to accept the environment variable:\n```\nAcceptEnv LANG LC_* CONSOLE_USER\n```\n\nRestart the SSH server to use the new config:\n```bash\nservice sshd restart\n```\n\nOn the client side, you can provide this env var from your clients by adding the variable to the ssh config:\n\n```\nHost *\n  SetEnv CONSOLE_USER=david\n```\n\n## About built-in protection mechanisms\n\n`console1984` adds many protection mechanisms to prevent tampering. This includes attempts to alter data in auditing tables or monkey patching certain classes to change how the system works. If you find a way to circumvent these tampering controls, please [report an issue](https://github.com/basecamp/console1984/issues).\n\nWe aim to make these defense mechanisms as robust as possible, but there might always be open doors because Ruby is highly dynamic. If your organization needs bullet-proof protection against malicious actors using the console, you should consider additional security measures. An example would be using a read-only database user for auditing data while in a console. The gem doesn't offer direct support for doing this, but it's on our radar for future improvement.\n\n## Running the test suite\n\nThe test suite runs against SQLite by default, but can be run against Postgres and MySQL too. 
It will run against all three on the CI server.\n\nTo run the suite on your computer, first run `bin/setup` to create the docker containers for MySQL/PostgreSQL and create the databases. Then run:\n\n```bash\nbin/rails test # against SQLite (default)\nbin/rails test TARGET_DB=mysql\nbin/rails test TARGET_DB=postgres\nbin/rails test TARGET_DB=sqlite\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbasecamp%2Fconsole1984","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbasecamp%2Fconsole1984","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbasecamp%2Fconsole1984/lists"}