Colorized attribute

[tommsawyer]

Hi! I'm trying to add syntax highlighting for my SQL queries in logs.

There is a library that does it pretty well:

package main

import (
	"bytes"
	"os"

	"github.com/alecthomas/chroma/quick"
)

func main() {
	var q bytes.Buffer
	quick.Highlight(&q, "SELECT 1 + 1", "sql", "terminal16m", "monokai")
	os.Stderr.Write(q.Bytes()) // output will be colorized, as expected
}

But when I try to add colorized SQL as slog.Attr, it will print escaped sequence instead:

package main

import (
	"bytes"
	"log/slog"
	"os"
	"time"

	"github.com/alecthomas/chroma/quick"
	"github.com/lmittmann/tint"
)

func main() {
	slog.SetDefault(slog.New(
		tint.NewHandler(os.Stderr, &tint.Options{
			Level:      slog.LevelDebug,
			TimeFormat: time.TimeOnly,
		}),
	))

	var q bytes.Buffer
	quick.Highlight(&q, "SELECT 1 + 1", "sql", "terminal16m", "monokai")

	// prints something like
	// 18:50:29 INF SQL query query="\x1b[38;2;102;217;239mSELECT\x1b[0m\x1b[38;2;248;248;242m \x1b[0m\x1b[38;2;174;129;255m1\x1b[0m\x1b[38;2;24
	slog.Info("SQL query", "query", q.String())
}

I believe this is happening because of strconv.AppendQuote, which you are using to quote strings here. AppendQuote escapes all the colors sequences.

Seems like you're passing "quote=true" everywhere and I cannot disable this behavior using ReplaceAttrs or something like that.

Am I missing something? Is there a way to preserve colors for some attributes? Thanks!

[jose-tim]

In case my idea is fine for the lib, I solved this issue for me with:

[mologie]

Careful though, if this is solved with just a prefix then an attacker could exploit this to make your terminal do funky things by if they merely control some to-be-logged value (which they usually do).

If this becomes a library feature then imo it should be 1) behind an off-by-default flag (for e.g. libraries) and 2) a special type to wrap unsafe "raw" strings with, that should not be escaped when being printed.