Merge branch 'contrib' into private-main

Author: keelerm84

SECURITY.md

@@ -0,0 +1,5 @@
+# Reporting and Fixing Security Issues
+
+Please report all security issues to the LaunchDarkly security team by submitting a bug bounty report to our [HackerOne program](https://hackerone.com/launchdarkly?type=team). LaunchDarkly will triage and address all valid security issues following the response targets defined in our program policy. Valid security issues may be eligible for a bounty.
+
+Please do not open issues or pull requests for security issues. This makes the problem immediately visible to everyone, including potentially malicious actors.

src/LaunchDarkly/Impl/Util.php

@@ -59,8 +59,12 @@ public static function httpErrorMessage(int $status, string $context, string $re
 
     public static function logExceptionAtErrorLevel(LoggerInterface $logger, \Throwable $e, string $message): void
     {
-        $logger->error($message . ': ' . $e->getMessage());
-        $logger->debug("$e");
+        $logger->error(
+            $message . ': ' . $e->getMessage(),
+            [
+                'exception' => $e,
+            ]
+        );
     }
 
     public static function makeNullLogger(): LoggerInterface

src/LaunchDarkly/LDClient.php

@@ -247,7 +247,14 @@ private function variationDetailInternal(string $key, LDContext|LDUser $contextO
             $result = $errorDetail(EvaluationReason::USER_NOT_SPECIFIED_ERROR);
             $sendEvent(new EvalResult($result, false), null);
             $error = $context->getError();
-            $this->_logger->warning("Context was invalid for flag evaluation ($error); returning default value");
+
+            $this->_logger->warning(
+                "Context was invalid for flag evaluation ($error); returning default value",
+                [
+                    'flag' => $key,
+                ]
+            );
+
             return $result;
         }