{"id":13463283,"url":"https://github.com/trusche/httplog","last_synced_at":"2026-01-17T00:28:12.217Z","repository":{"id":421568,"uuid":"2062289","full_name":"trusche/httplog","owner":"trusche","description":"Log outgoing HTTP requests in ruby","archived":false,"fork":false,"pushed_at":"2026-01-07T12:25:40.000Z","size":504,"stargazers_count":816,"open_issues_count":4,"forks_count":78,"subscribers_count":7,"default_branch":"master","last_synced_at":"2026-01-08T19:49:26.600Z","etag":null,"topics":["apis","debugging","http","httplog","logging","rails","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trusche.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"MIT-LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["trusche"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"lfx_crowdfunding":null,"polar":null,"buy_me_a_coffee":"thilorusche","thanks_dev":null,"custom":null}},"created_at":"2011-07-17T16:30:38.000Z","updated_at":"2026-01-07T12:25:44.000Z","dependencies_parsed_at":"2024-01-08T17:14:21.948Z","dependency_job_id":"4e2a14e5-2b53-4d77-a66c-da1b854d30ba","html_url":"https://github.com/trusche/httplog","commit_stats":{"total_commits":356,"total_committers":38,"mean_commits":9.368421052631579,"dds":0.297752808988764,"last_synced_commit":"7709b7a9e575c7739e20aae2c34acb17f6ece95b"},"previous_names":[],"tags_count":55,"template":false,"template_full_name":null,"purl":"pkg:github/trusche/httplog","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusche%2Fhttplog","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusche%2Fhttplog/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusche%2Fhttplog/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusche%2Fhttplog/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trusche","download_url":"https://codeload.github.com/trusche/httplog/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusche%2Fhttplog/sbom","scorecard":{"id":899968,"data":{"date":"2025-08-11","repo":{"name":"github.com/trusche/httplog","commit":"bab1f578a832506153608970a564f8f6930b6c27"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5,"checks":[{"name":"Code-Review","score":1,"reason":"Found 2/20 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/trusche/httplog/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/trusche/httplog/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/trusche/httplog/ci.yml/master?enable=pin","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: MIT-LICENSE:0","Info: FSF or OSI recognized license: MIT License: MIT-LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":8,"reason":"SAST tool is not run on all commits -- score normalized to 8","details":["Warn: 10 commits out of 12 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T15:12:10.715Z","repository_id":421568,"created_at":"2025-08-24T15:12:10.715Z","updated_at":"2025-08-24T15:12:10.715Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28490097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T23:55:29.509Z","status":"ssl_error","status_checked_at":"2026-01-16T23:55:29.108Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apis","debugging","http","httplog","logging","rails","ruby"],"created_at":"2024-07-31T13:00:49.768Z","updated_at":"2026-01-17T00:28:12.210Z","avatar_url":"https://github.com/trusche.png","language":"Ruby","readme":"## httplog\n\n[![Gem Version](https://badge.fury.io/rb/httplog.svg)](http://badge.fury.io/rb/httplog) \n[![CI](https://github.com/trusche/httplog/actions/workflows/ci.yml/badge.svg)](https://github.com/trusche/httplog/actions/workflows/ci.yml)\n[![Release Version](https://img.shields.io/github/release/trusche/httplog.svg)](https://img.shields.io/github/release/trusche/httplog.svg)\n\nLog outgoing HTTP requests made from your application. Helps with debugging pesky API error responses, or just generally understanding what's going on under the hood.\n\nRequires ruby \u003e= 2.6.\n\nThis gem works with the following ruby modules and libraries:\n\n* [Net::HTTP](http://www.ruby-doc.org/stdlib-1.9.3/libdoc/net/http/rdoc/index.html) v4+\n* [Ethon](https://github.com/typhoeus/ethon)\n* [Excon](https://github.com/geemus/excon)\n* [OpenURI](http://www.ruby-doc.org/stdlib-1.9.3/libdoc/open-uri/rdoc/index.html)\n* [Patron](https://github.com/toland/patron)\n* [HTTPClient](https://github.com/nahi/httpclient)\n* [HTTParty](https://github.com/jnunemaker/httparty)\n* [HTTP](https://github.com/httprb/http)\n\nThese libraries are at least partially supported, where they use one of the above as adapters, but not explicitly tested - YMMV:\n\n* [Faraday](https://github.com/technoweenie/faraday)\n* [Typhoeus](https://github.com/typhoeus/typhoeus)\n\nIn theory, it should also work with any library built on top of these. But the difference between theory and practice is bigger in practice than in theory.\n\nThis is very much a development and debugging tool; it is **not recommended** to\nuse this in a production environment as it is monkey-patching the respective HTTP implementations.\nYou have been warned - use at your own risk.\n\n### Installation\n\n```bash\ngem install httplog\n```\n\n### Usage\n\n```ruby\nrequire 'httplog' # require this *after* your HTTP gem of choice\n```\n\nBy default, this will log all outgoing HTTP requests and their responses to $stdout on DEBUG level.\n\n### Notes on content types\n\n* Binary data from response bodies (as indicated by the `Content-Type` header)is not logged.\n* Text data (`text/*` and most `application/*` types) is encoded as UTF-8, with invalid characters replaced. If you need to inspect raw non-UTF data exactly as sent over the wire, this tool is probably not for you.\n\n### Configuration\n\nYou can override the following default options:\n\n```ruby\nHttpLog.configure do |config|\n\n  # Enable or disable all logging\n  config.enabled = true\n\n  # You can assign a different logger or method to call on that logger\n  config.logger = Logger.new($stdout)\n  config.logger_method = :log\n\n  # I really wouldn't change this...\n  config.severity = Logger::Severity::DEBUG\n\n  # Tweak which parts of the HTTP cycle to log...\n  config.log_connect   = true\n  config.log_request   = true\n  config.log_headers   = false\n  config.log_data      = true\n  config.log_status    = true\n  config.log_response  = true\n  config.log_benchmark = true\n\n  # ...or log all request as a single line by setting this to `true`\n  config.compact_log = false\n\n  # You can also log in JSON format\n  config.json_log = false\n\n  # Prettify the output - see below\n  config.color = false\n\n  # Limit logging based on URL patterns\n  config.url_allowlist_pattern = nil\n  config.url_denylist_pattern = nil\n\n  # Mask sensitive information in request and response JSON data.\n  # Enable global JSON masking by setting the parameter to `/.*/`\n  config.url_masked_body_pattern = nil\n\n  # You can specify any custom JSON serializer that implements `load` and `dump` class methods\n  # to parse JSON responses\n  config.json_parser = JSON\n\n  # When using graylog, you can supply a formatter here - see below for details\n  config.graylog_formatter = nil\n\n  # Mask the values of sensitive request parameters\n  config.filter_parameters = %w[password]\n  \n  # Customize the prefix with a proc or lambda\n  config.prefix = -\u003e{ \"[httplog] #{Time.now} \" }\nend\n```\n\nIf you want to use this in a Rails app, it is recommended to configure `HttpLog` in an initializer, as suggested by the official Rails documentation. This approach ensures that your configuration is loaded properly and only in the desired environments.\n\nFor example, you can create a file at `config/initializers/httplog.rb` with the following content:\n\n```ruby\n# config/initializers/httplog.rb\n\nif Rails.env.development?\n  HttpLog.configure do |config|\n    config.logger = Rails.logger\n  end\nend\n```\n\nIf you're running a (hopefully patched) legacy Rails 3 app, you may need to set\n`config.logger_method = :add` due to its somewhat unusual logger.\n\nYou can colorize the output to make it stand out in your logfile, either with a single color\nfor the text:\n\n```ruby\nHttpLog.configure do |config|\n  config.color = :red\nend\n```\n\nOr with a color hash for text and background:\n\n```ruby\nHttpLog.configure do |config|\n  config.color = {color: :black, background: :yellow}\nend\n```\n\nFor more color options please refer to the [rainbow documentation](https://github.com/sickill/rainbow)\n\n### Graylog logging\n\nIf you use Graylog and want to use its search features such as \"benchmark:\u003e1 AND method:PUT\",\nyou can use this configuration:\n\n```ruby\nFORMATTER = Lograge::Formatters::KeyValue.new\n\nHttpLog.configure do |config|\n  config.logger            = \u003cyour GELF::Logger\u003e\n  config.logger_method     = :add\n  config.severity          = GELF::Levels::DEBUG\n  config.graylog_formatter = FORMATTER\nend\n```\n\nYou also can use GELF Graylog format this way:\n\n```ruby\nclass Lograge::Formatters::Graylog2HttpLog \u003c Lograge::Formatters::Graylog2\n  def short_message data\n    data[:response_body] = data[:response_body].to_s.byteslice(0, 32_766) unless data[:response_body].blank?\n    \"[httplog] [#{data[:response_code]}] #{data[:method]} #{data[:url]}\"\n  end\nend\n\nFORMATTER = Lograge::Formatters::Graylog2HttpLog.new\n```\n\nOr define your own class that implements the `call` method\n\n### Compact logging\n\nIf the log is too noisy for you, but you don't want to completely disable it either, set the `compact_log` option to `true`. This will log each request in a single line with method, request URI, response status and time, but no data or headers. No need to disable any other options individually.\n\n### JSON logging\n\nIf you want to log HTTP requests in a JSON format, set the `json_log` option to `true`. You can combine this with `compact_log` to only log the basic request metrics without headers and bodies.\n\n### Parameter filtering\n\nJust like in Rails, you can filter the values of sensitive parameters by setting the `filter_parameters` to an array of (lower case) keys. The value for \"password\" is filtered by default.\n\n**Please note** that this will **only filter the request data** with well-formed parameters (in the URL, the headers, and the request data) but **not the response**. It does not currently filter JSON request data either, just standard \"key=value\" pairs in the request body.\n\n### Example\n\nWith the default configuration, the log output might look like this:\n\n    [httplog] Connecting: localhost:80\n    [httplog] Sending: GET http://localhost:9292/index.html\n    [httplog] Status: 200\n    [httplog] Benchmark: 0.00057 seconds\n    [httplog] Response:\n    \u003chtml\u003e\n      \u003chead\u003e\n        \u003ctitle\u003eTest Page\u003c/title\u003e\n      \u003c/head\u003e\n      \u003cbody\u003e\n        \u003ch1\u003eThis is the test page.\u003c/h1\u003e\n      \u003c/body\u003e\n    \u003c/html\u003e\n\nWith `log_headers = true` and a parameter 'password' in the request query and headers:\n\n\n    [httplog] Connecting: localhost:80\n    [httplog] Sending: GET http://localhost:9292/index.html?password=[FILTERED]\n    [httplog] Header: accept: *.*\n    [httplog] Header: password=[FILTERED]\n    [httplog] Status: 200\n    [httplog] Benchmark: 0.00057 seconds\n    [httplog] Response:\n    \u003chtml\u003e\n      \u003chead\u003e\n        \u003ctitle\u003eTest Page\u003c/title\u003e\n      \u003c/head\u003e\n      \u003cbody\u003e\n        \u003ch1\u003eThis is the test page.\u003c/h1\u003e\n      \u003c/body\u003e\n    \u003c/html\u003e\n\nWith `compact_log` enabled, the same request might look like this:\n\n    [httplog] GET http://localhost:9292/index.html completed with status code 200 in 0.00057 seconds\n\nWith `json_log` enabled:\n\n    [httplog] {\"method\":\"GET\",\"url\":\"localhost:80\",\"request_body\":null, \"request_headers\":{\"foo\":\"bar\"}, \"response_code\":200,\"response_body\":\"\u003chtml\u003e\\n      \u003chead\u003e\\n        \u003ctitle\u003eTest Page\u003c/title\u003e\\n      \u003c/head\u003e\\n      \u003cbody\u003e\\n        \u003ch1\u003eThis is the test page.\u003c/h1\u003e\\n      \u003c/body\u003e\\n    \u003c/html\u003e\",\"response_headers\":{\"foo\":\"bar\"},\"benchmark\":0.00057}\n\nAnd with `json_log` *and* `compact_log` enabled:\n\n    [httplog] {\"method\":\"GET\",\"url\":\"localhost:80\",\"response_code\":200,\"benchmark\":0.00057}\n\n### Known Issues\n\nFollowing are some known quirks and issues with particular libraries. If you know a workaround or have\na suggestion for a fix, please open an issue or, even better, submit a pull request!\n\n* Requests types other than GET and POST have not been explicitly tested.\n  They may or may not be logged, depending on the implementation details of the underlying library.\n  If they are not for a particular library, please feel free to open an issue with the details.\n\n* When using OpenURI, the reading of the HTTP response body is deferred,\n  so it is not available for logging. This will be noted in the logging statement:\n\n        [httplog] Connecting: localhost:80\n        [httplog] Sending: GET http://localhost:9292/index.html\n        [httplog] Status: 200\n        [httplog] Benchmark: 0.000617 seconds\n        [httplog] Response: (not available yet)\n\n*  When using HTTPClient, the TCP connection establishment will be logged\n   *after* the HTTP request and headers, due to the way HTTPClient is organized.\n\n        [httplog] Sending: GET http://localhost:9292/index.html\n        [httplog] Header: accept: */*\n        [httplog] Header: foo: bar\n        [httplog] Connecting: localhost:9292\n        [httplog] Status: 200\n        [httplog] Benchmark: 0.001562 seconds\n\n* Also when using HTTPClient, make sure you include `httplog` **after** `httpclient` in your `Gemfile`.\n\n* When using Ethon or Patron, and any library based on them (such as Typhoeus),\n  the TCP connection is not logged (since it's established by libcurl).\n\n* Benchmarking only covers the time between starting the HTTP request and receiving the response. It does *not* cover the time it takes to establish the TCP connection.\n\n### Running the specs\n\nMake sure you have the necessary dependencies installed by running `bundle install`.\nThen simply run `bundle exec rspec spec`.\nThis will launch a simple rack server on port 9292 and run all tests locally against that server.\n\n### Contributing\n\nIf you have any issues with or feature requests for httplog,\nplease [open an issue](https://github.com/trusche/httplog/issues) on GitHub\nor fork the project and send a pull request. **Please include passing specs with all pull requests.**\n\n","funding_links":["https://github.com/sponsors/trusche","https://buymeacoffee.com/thilorusche"],"categories":["Maintenance \u0026 Monitoring","Logging","Ruby"],"sub_categories":["Logging"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrusche%2Fhttplog","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrusche%2Fhttplog","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrusche%2Fhttplog/lists"}