Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Sekret

maven

Kotlin compiler plugin that hides data class properties in generated toString() method

Motivation

In 2019 Facebook and Google admitted a leaking of millions of user passwords. It doesn't mean that they save our passwords as plain text, no - the passwords were found in log files. When a user enters a password it goes through hundreds of different services and each of has its logging system. It's very easy to make a mistake and save sensitive data, especially when you have no control on autogenerated code. That's why this plugin was created to help you to exclude some properties from autogenerated toString() method. If you do not want to use a compiler plugin please have a look to other ways.

Usage

Code:

data class Credentials(
    val login: String, 
    @Secret val password: String
)

println(Credentials("User", "12345")) 

Output:

Credentials(login=User, password=■■■)

Installation

Gradle

Apply plugin:

plugins {
    id 'net.afanasev.sekret' version '0.1.1-RC2'
}

Configure:

// Download @Secret annotation
dependencies {
    compile 'net.afanasev:sekret-annotation:0.1.1-RC2'
}

// OR use your own
sekret {
    // "■■■" by default
    mask = "***"    
    
    // true by default
    enabled = true

    // true by default
    maskNulls = false
    
    // "net.afanasev.sekret.Secret" by default
    annotations = ["com.sample.YourAnnotation"] 
}

Kotlin CLI

kotlinc \
    -Xplugin=kotlin-plugin.jar \
    -P plugin:sekret:annotations=com.sample.YourAnnotation \
    ...

Mentions

About

Kotlin compiler plugin to hide secret data

Topics

Resources

License

Packages

No packages published

Languages