Skip to content

Obscure sensitive information in standard output and standard error.

License

Notifications You must be signed in to change notification settings

awslabs/output-scrubber-nodejs

Output Scrubber

Overview

A tool to obscure sensitive output in stdout and stderr. Provide it a list of regular expressions and corresponding replacement strings, and when included in a program it will automatically do the replacement in stdout and stderr. The intent of this module is to make it easy to ensure certain types of sensitive info (such as SSNs or PINs) do not end up in log files.

Installation

npm i --save output-scrubber

Usage

First include the module:

const outputScrubber = require('output-scrubber');

Then create a list of filters, each of which is a list with 2 items, the regular expression pattern to be matched, and string to use for replacement:

const patterns = [
  [/\d{3}-\d{2}-\d{4}/g, 'XXX-XX-XXXX'],
  [/\$[0-9,.]+/g, '$XX.XX'],
  [/\d{4}/g, 'XXXX'],
];

Finally activate the filtering, passing the list of patterns:

outputScrubber.activate(patterns);

Any standard out or standard error output after this point will be filtered. To turn off filtering, use the following call:

outputScrubber.deactivate();

Testing

To execute a simple test script, run the following:

npm test

Contributing

Pull requests are welcomed. Please lint all changes with npm run lint before submitting. Also review the Contributing Guidelines and the Code of Conduct.

Authors

License

This project is licensed under the Apache 2.0 License. See the LICENSE file for details.

About

Obscure sensitive information in standard output and standard error.

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published