UNPKG

@hackylabs/deep-redact

Version:

A fast, safe and configurable zero-dependency library for redacting strings or deeply redacting arrays and objects.

github.com/hackylabs/deep-redact

hackylabs/deep-redact

166 lines (165 loc) 6.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
import RedactorUtils from './utils/redactorUtils'; class DeepRedact { /** * The redactorUtils instance to handle the redaction. * @private */ redactorUtils; /** * A WeakSet to store circular references during redaction. Reset to null after redaction is complete. * @private */ circularReference = null; /** * The configuration for the redaction. * @private */ config = { serialise: false, }; /** * Create a new DeepRedact instance with the provided configuration. * The configuration will be merged with the default configuration. * `blacklistedKeys` will be normalised to an array inherited from the default configuration as the default values. * @param {DeepRedactConfig} config. The configuration for the redaction. */ constructor(config) { const { serialise, serialize, ...rest } = config; this.redactorUtils = new RedactorUtils(rest); if (serialise !== undefined) this.config.serialise = serialise; if (serialize !== undefined) this.config.serialise = serialize; } /** * A transformer for unsupported data types. If `serialise` is false, the value will be returned as is, * otherwise it will transform the value into a format that is supported by JSON.stringify. * * Error, RegExp, and Date instances are technically supported by JSON.stringify, * but they returned as empty objects, therefore they are also transformed here. * @protected * @param {unknown} value The value that is not supported by JSON.stringify. * @returns {unknown} The value in a format that is supported by JSON.stringify. */ unsupportedTransformer = (value) => { if (typeof value === 'bigint') { return { __unsupported: { type: 'bigint', value: value.toString(10), radix: 10, }, }; } if (value instanceof Error) { return { __unsupported: { type: 'error', name: value.name, message: value.message, stack: value.stack, }, }; } if (value instanceof RegExp) { return { __unsupported: { type: 'regexp', source: value.source, flags: value.flags, }, }; } if (value instanceof Set) { return { __unsupported: { type: 'set', values: Array.from(value), }, }; } if (value instanceof Map) { return { __unsupported: { type: 'map', entries: Object.fromEntries(value.entries()), }, }; } if (value instanceof URL) return value.toString(); if (value instanceof Date) return value.toISOString(); return value; }; /** * Calls `unsupportedTransformer` on the provided value and rewrites any circular references. * * Circular references will always be removed to avoid infinite recursion. * When a circular reference is found, the value will be replaced with `[[CIRCULAR_REFERENCE: path.to.original.value]]`. * @protected * @param {unknown} value The value to rewrite. * @param {string | undefined} path The path to the value in the object. * @returns {unknown} The rewritten value. */ rewriteUnsupported = (value, path) => { const safeValue = this.unsupportedTransformer(value); if (!(safeValue instanceof Object)) return safeValue; if (this.circularReference === null) this.circularReference = new WeakSet(); if (Array.isArray(safeValue)) { return safeValue.map((val, index) => { const newPath = path ? `${path}.[${index}]` : `[${index}]`; if (this.circularReference?.has(val)) return `[[CIRCULAR_REFERENCE: ${newPath}]]`; if (val instanceof Object) { this.circularReference?.add(val); return this.rewriteUnsupported(val, newPath); } return val; }); } return Object.fromEntries(Object.entries(safeValue).map(([key, val]) => { const newPath = path ? `${path}.${key}` : key; if (this.circularReference?.has(val)) return [key, `[[CIRCULAR_REFERENCE: ${newPath}]]`]; if (val instanceof Object) this.circularReference?.add(val); return [key, this.rewriteUnsupported(val, path ? `${path}.${key}` : key)]; })); }; /** * Depending on the value of `serialise`, return the value as a JSON string or as the provided value. * * Also resets the `circularReference` property to null after redaction is complete. * This is to ensure that the WeakSet doesn't cause memory leaks. * @private * @param value * @returns {unknown} The value as a JSON string or as the provided value. * @throws {Error} If the value cannot be serialised. */ maybeSerialise = (value) => { this.circularReference = null; if (!this.config.serialise) return value; if (typeof value === 'string') return value; try { return JSON.stringify(value); } catch (error) { throw new Error('Failed to serialise value. Did you override the `unsupportedTransformer` method and return a value that is not supported by JSON.stringify?'); } }; /** * Redact the provided value. The value will be stripped of any circular references and other unsupported data types, before being redacted according to the configuration and finally serialised if required. * @param {unknown} value The value to redact. * @returns {unknown} The redacted value. * @throws {Error} If the value cannot be serialised. */ redact = (value) => { return this.maybeSerialise(this.redactorUtils.recurse(this.rewriteUnsupported(value))); }; } export { DeepRedact as default, DeepRedact };