refactor: implement production guards and log level enforcement in secureLogger.ts

.github/workflows/production-checks.yml

@@ -0,0 +1,288 @@
+# .github/workflows/production-checks.yml - Production safety validation pipeline
+name: Production Safety Checks
+
+on:
+  push:
+    branches: [ main, develop, 'feature/*', 'hotfix/*' ]
+  pull_request:
+    branches: [ main, develop ]
+  workflow_dispatch:
+    inputs:
+      skip_console_validation:
+        description: 'Skip console validation (emergency bypass)'
+        required: false
+        default: false
+        type: boolean
+
+jobs:
+  console-validation:
+    name: Console Log Validation
+    runs-on: ubuntu-latest
+    if: ${{ !inputs.skip_console_validation }}
+    outputs:
+      validation_failed: ${{ steps.check-validation-result.outputs.validation_failed }}
+      total_issues: ${{ steps.check-validation-result.outputs.total_issues }}
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '18'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Initialize validation environment
+      run: |
+        echo "VALIDATION_START_TIME=$(date +%s)" >> $GITHUB_ENV
+        echo "🔍 Starting console log validation for production safety..."
+
+    - name: Validate console statements in pages
+      id: validate-pages
+      run: |
+        echo "🔍 Scanning page.tsx files for console statements..."
+        if npm run scan:console:pages; then
+          echo "✅ Pages validation passed - no console statements found"
+          echo "pages_status=passed" >> $GITHUB_OUTPUT
+          echo "pages_issues=0" >> $GITHUB_OUTPUT
+        else
+          echo "❌ Pages validation failed - console statements detected"
+          echo "pages_status=failed" >> $GITHUB_OUTPUT
+          echo "pages_issues=1" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Validate console statements in components
+      id: validate-components
+      run: |
+        echo "🔍 Scanning component files for console statements..."
+        if npm run scan:console:components; then
+          echo "✅ Components validation passed - no console statements found"
+          echo "components_status=passed" >> $GITHUB_OUTPUT
+          echo "components_issues=0" >> $GITHUB_OUTPUT
+        else
+          echo "❌ Components validation failed - console statements detected"
+          echo "components_status=failed" >> $GITHUB_OUTPUT
+          echo "components_issues=1" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Upload console validation reports
+      if: always()
+      uses: actions/upload-artifact@v4
+      with:
+        name: console-validation-reports
+        path: |
+          console-log-report.md
+          console-log-report-components.md
+        retention-days: 30
+
+    - name: Generate validation summary
+      if: always()
+      run: |
+        # Calculate total issues from step outputs
+        PAGES_ISSUES=${{ steps.validate-pages.outputs.pages_issues || 0 }}
+        COMPONENTS_ISSUES=${{ steps.validate-components.outputs.components_issues || 0 }}
+        TOTAL_ISSUES=$((PAGES_ISSUES + COMPONENTS_ISSUES))
+
+        echo "📊 Console Validation Summary" >> console-validation-summary.md
+        echo "==============================" >> console-validation-summary.md
+        echo "" >> console-validation-summary.md
+        echo "**Validation Date:** $(date)" >> console-validation-summary.md
+        echo "**Branch:** ${{ github.ref_name }}" >> console-validation-summary.md
+        echo "**Commit:** ${{ github.sha }}" >> console-validation-summary.md
+        echo "**Workflow:** ${{ github.workflow }}" >> console-validation-summary.md
+        echo "**Total Issues:** ${TOTAL_ISSUES}" >> console-validation-summary.md
+        echo "" >> console-validation-summary.md
+
+        echo "### Validation Results:" >> console-validation-summary.md
+        if [ "${{ steps.validate-pages.outputs.pages_status }}" = "passed" ]; then
+          echo "- ✅ **Pages**: No console statements detected" >> console-validation-summary.md
+        else
+          echo "- ❌ **Pages**: Console statements found (see report)" >> console-validation-summary.md
+        fi
+
+        if [ "${{ steps.validate-components.outputs.components_status }}" = "passed" ]; then
+          echo "- ✅ **Components**: No console statements detected" >> console-validation-summary.md
+        else
+          echo "- ❌ **Components**: Console statements found (see report)" >> console-validation-summary.md
+        fi
+
+        echo "" >> console-validation-summary.md
+
+        if [ "${TOTAL_ISSUES}" -gt 0 ]; then
+          echo "### 🚨 Action Required:" >> console-validation-summary.md
+          echo "Console statements were detected in your code. These must be removed before production deployment." >> console-validation-summary.md
+          echo "" >> console-validation-summary.md
+          echo "**Next Steps:**" >> console-validation-summary.md
+          echo "1. Download the validation reports from the artifacts section" >> console-validation-summary.md
+          echo "2. Review the specific files and line numbers listed" >> console-validation-summary.md
+          echo "3. Replace console statements with \`secureLogger\` imports" >> console-validation-summary.md
+          echo "4. Re-run the validation locally: \`npm run validate:console\`" >> console-validation-summary.md
+          echo "5. Commit and push your changes" >> console-validation-summary.md
+          echo "" >> console-validation-summary.md
+          echo "**Emergency Bypass (if needed):**" >> console-validation-summary.md
+          echo "- Re-run this workflow with 'Skip console validation' checked" >> console-validation-summary.md
+          echo "- Use \`npm run build:unsafe\` for local emergency builds" >> console-validation-summary.md
+        else
+          echo "### ✅ Validation Successful!" >> console-validation-summary.md
+          echo "No console statements detected. Your code is production-ready!" >> console-validation-summary.md
+        fi
+
+        echo "" >> console-validation-summary.md
+        echo "### Validation Performance:" >> console-validation-summary.md
+        validation_duration=$(($(date +%s) - ${VALIDATION_START_TIME}))
+        echo "- **Duration:** ${validation_duration} seconds" >> console-validation-summary.md
+        echo "- **Files Scanned:** $(find src/app src/components -name '*.tsx' -o -name '*.ts' | wc -l)" >> console-validation-summary.md
+
+        # Save total issues for later steps
+        echo "TOTAL_CONSOLE_ISSUES=${TOTAL_ISSUES}" >> $GITHUB_ENV
+
+    - name: Check validation result
+      id: check-validation-result
+      run: |
+        # Calculate total issues from step outputs
+        PAGES_ISSUES=${{ steps.validate-pages.outputs.pages_issues || 0 }}
+        COMPONENTS_ISSUES=${{ steps.validate-components.outputs.components_issues || 0 }}
+        TOTAL_ISSUES=$((PAGES_ISSUES + COMPONENTS_ISSUES))
+
+        echo "total_issues=${TOTAL_ISSUES}" >> $GITHUB_OUTPUT
+
+        if [ "${TOTAL_ISSUES}" -gt 0 ]; then
+          echo "validation_failed=true" >> $GITHUB_OUTPUT
+          echo "❌ Console validation failed with ${TOTAL_ISSUES} issues"
+        else
+          echo "validation_failed=false" >> $GITHUB_OUTPUT
+          echo "✅ Console validation passed - no issues found"
+        fi
+
+    - name: Upload validation summary
+      if: always()
+      uses: actions/upload-artifact@v4
+      with:
+        name: console-validation-summary
+        path: console-validation-summary.md
+        retention-days: 30
+
+    - name: Fail build if console statements detected
+      if: steps.check-validation-result.outputs.validation_failed == 'true'
+      run: |
+        TOTAL_ISSUES=${{ steps.check-validation-result.outputs.total_issues }}
+        echo "💥 Build failed due to console validation errors"
+        echo "Found ${TOTAL_ISSUES} console statement violations"
+        echo ""
+        echo "🔧 To fix this issue:"
+        echo "1. Run 'npm run scan:console:report' locally to see detailed reports"
+        echo "2. Replace console statements with secureLogger"
+        echo "3. Re-run validation with 'npm run validate:console'"
+        echo ""
+        echo "🚨 Emergency bypass available via workflow dispatch if needed"
+        exit 1
+
+    - name: Success notification
+      if: steps.check-validation-result.outputs.validation_failed == 'false'
+      run: |
+        echo "🎉 Console validation passed successfully!"
+        echo "Your code is ready for production deployment."
+
+  build-validation:
+    name: Code Quality Validation
+    runs-on: ubuntu-latest
+    needs: console-validation
+    if: ${{ !cancelled() && needs.console-validation.outputs.validation_failed != 'true' }}
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '18'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: TypeScript type checking
+      run: |
+        echo "🔍 Running TypeScript type checking..."
+        npm run typecheck
+
+    - name: ESLint validation
+      run: |
+        echo "🔍 Running ESLint for code quality..."
+        npm run lint
+
+    - name: Code quality summary
+      run: |
+        echo "📊 Code Quality Validation Complete"
+        echo "==================================="
+        echo "✅ TypeScript compilation successful"
+        echo "✅ ESLint validation passed"
+        echo "✅ Console validation passed (from previous job)"
+        echo ""
+        echo "ℹ️  Build step skipped in CI/CD to avoid environment variable issues"
+        echo "ℹ️  Actual builds happen during deployment with real environment variables"
+
+  emergency-bypass:
+    name: Emergency Build (Console Validation Bypassed)
+    runs-on: ubuntu-latest
+    if: ${{ inputs.skip_console_validation }}
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '18'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Emergency bypass notification
+      run: |
+        echo "🚨 EMERGENCY BYPASS ACTIVATED"
+        echo "Console validation has been skipped for this build"
+        echo "⚠️  This should only be used for critical hotfixes"
+        echo "📋 Post-deployment actions required:"
+        echo "1. Schedule immediate console cleanup"
+        echo "2. Document bypass reason for audit"
+        echo "3. Run full validation on next deployment"
+
+    - name: Emergency build
+      run: |
+        echo "🏗️ Running emergency build without console validation..."
+        npm run build:unsafe
+        echo "✅ Emergency build completed"
+
+    - name: Log emergency bypass
+      run: |
+        echo "📋 Emergency Bypass Report" >> emergency-bypass-log.md
+        echo "=========================" >> emergency-bypass-log.md
+        echo "" >> emergency-bypass-log.md
+        echo "**Date:** $(date)" >> emergency-bypass-log.md
+        echo "**Triggered by:** ${{ github.actor }}" >> emergency-bypass-log.md
+        echo "**Branch:** ${{ github.ref_name }}" >> emergency-bypass-log.md
+        echo "**Commit:** ${{ github.sha }}" >> emergency-bypass-log.md
+        echo "**Reason:** Manual bypass via workflow dispatch" >> emergency-bypass-log.md
+        echo "" >> emergency-bypass-log.md
+        echo "**⚠️ Required Follow-up Actions:**" >> emergency-bypass-log.md
+        echo "- [ ] Run console validation: \`npm run validate:console\`" >> emergency-bypass-log.md
+        echo "- [ ] Clean up any console statements found" >> emergency-bypass-log.md
+        echo "- [ ] Re-enable validation for future builds" >> emergency-bypass-log.md
+        echo "- [ ] Update team on bypass usage" >> emergency-bypass-log.md
+
+    - name: Upload emergency bypass log
+      uses: actions/upload-artifact@v4
+      with:
+        name: emergency-bypass-log
+        path: emergency-bypass-log.md
+        retention-days: 90

.gitignore

@@ -40,3 +40,15 @@ yarn-error.log*
 *.tsbuildinfo
 next-env.d.ts
 rate-limit-test-results.txt
+
+# Husky Git hooks
+.husky/_
+
+
+# Console validation reports
+console-log-report.md
+console-log-report-components.md
+console-validation-report-*.md
+
+# backup files
+*.bak