UNPKG

@himorishige/noren-plugin-us

Version:

US-specific PII detection plugin for Noren (phone numbers, ZIP codes, SSN)

github.com/himorishige/noren

himorishige/noren

111 lines (110 loc) 4.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
import { validateSSN } from './validators.js'; // Pre-compiled regex patterns for US detectors const US_PATTERNS = { phone: /\b(?:\+1[-.\s]?)?(?:\(?[2-9]\d{2}\)?[-.\s]?)\d{3}[-.\s]?\d{4}\b/g, zip: /\b\d{5}(?:-\d{4})?\b/g, ssn: /\b(?!000|666|9\d{2})\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b/g, }; // Context hints as Sets for better performance (O(1) lookup) const US_CONTEXTS = { zip: new Set(['zip', 'ZIP', 'postal', 'address']), ssn: new Set(['SSN', 'social', 'security']), phone: new Set(['phone', 'tel', 'call', 'contact']), }; export const detectors = [ { id: 'us.phone', match: ({ src, push, hasCtx }) => { const hasContext = hasCtx(Array.from(US_CONTEXTS.phone)); for (const m of src.matchAll(US_PATTERNS.phone)) { if (m.index == null) continue; const confidence = hasContext ? 0.8 : 0.65; push({ type: 'phone_us', start: m.index, end: m.index + m[0].length, value: m[0], risk: 'medium', confidence, reasons: ['us_phone_pattern', hasContext ? 'context_match' : 'no_context'], features: { hasContext, normalized: m[0].replace(/[^\d]/g, '').replace(/(\d{3})(\d{3})(\d{4})/, '$1-$2-$3'), hasCountryCode: m[0].includes('+1'), }, }); } }, }, { id: 'us.zip', match: ({ src, push, hasCtx }) => { const hasContext = hasCtx(Array.from(US_CONTEXTS.zip)); if (!hasContext) return; for (const m of src.matchAll(US_PATTERNS.zip)) { if (m.index == null) continue; const isExtended = m[0].includes('-'); const confidence = hasContext ? (isExtended ? 0.85 : 0.75) : 0.5; push({ type: 'zip_us', start: m.index, end: m.index + m[0].length, value: m[0], risk: 'low', confidence, reasons: ['zip_pattern', hasContext ? 'context_match' : 'no_context'], features: { hasContext, isExtended, normalized: isExtended ? m[0] : `${m[0].slice(0, 5)}-${m[0].slice(5) || '0000'}`, }, }); } }, }, { id: 'us.ssn', priority: -10, match: ({ src, push, hasCtx }) => { const hasContext = hasCtx(Array.from(US_CONTEXTS.ssn)); if (!hasContext) return; for (const m of src.matchAll(US_PATTERNS.ssn)) { const validation = validateSSN(m[0]); // Only push if basic validation passes or context is very strong if (validation.basic || hasContext) { if (m.index == null) continue; push({ type: 'ssn_us', start: m.index, end: m.index + m[0].length, value: m[0], risk: 'high', confidence: validation.confidence || (hasContext ? 0.6 : 0.3), reasons: [ 'ssn_pattern', ...validation.reason, hasContext ? 'context_match' : 'no_context', ], features: { basicValid: validation.basic, strictValid: validation.strict, hasContext, normalized: validation.normalized || m[0], validationReasons: validation.reason, }, }); } } }, }, ]; export const maskers = { phone_us: (h) => h.value.replace(/\d/g, '•'), zip_us: (h) => (h.value.length > 5 ? '•••••-••••' : '•••••'), ssn_us: (h) => `***-**-${h.value.replace(/\D/g, '').slice(-4)}`, };