@wgtechlabs/log-engine
Version:
A lightweight, security-first logging utility with automatic data redaction for Node.js applications - the first logging library with built-in PII protection.
99 lines • 4.18 kB
TypeScript
/**
* Core data redaction engine
* Handles automatic detection and redaction of sensitive information in log data
*/
import { RedactionConfig, LogData } from '../types';
/**
* DataRedactor class - Core redaction logic for processing log data
* Automatically detects and redacts sensitive information while preserving structure
*/
export declare class DataRedactor {
private static config;
private static readonly MAX_RECURSION_DEPTH;
private static readonly MAX_REDACT_OBJECT_DEPTH;
/**
* Update the redaction configuration with new settings
* Merges provided config with existing settings and reloads environment variables
* @param newConfig - Partial configuration to merge with current settings
*/
static updateConfig(newConfig: Partial<RedactionConfig>): void;
/**
* Get the current redaction configuration
* @returns Deep copy of current redaction configuration
*/
static getConfig(): RedactionConfig;
/**
* Refresh configuration from environment variables
* Useful for picking up runtime environment changes
*/
static refreshConfig(): void;
/**
* Add custom regex patterns for advanced field detection
* @param patterns - Array of regex patterns to add
*/
static addCustomPatterns(patterns: RegExp[]): void;
/**
* Clear all custom regex patterns
*/
static clearCustomPatterns(): void;
/**
* Add custom sensitive field names to the existing list
* @param fields - Array of field names to add
*/
static addSensitiveFields(fields: string[]): void;
/**
* Test if a field name would be redacted with current configuration
* @param fieldName - Field name to test
* @returns true if field would be redacted, false otherwise
*/
static testFieldRedaction(fieldName: string): boolean;
/**
* Main entry point for data redaction
* Processes any type of data and returns a redacted version
* @param data - Data to be processed for redaction
* @returns Redacted version of the data
*/
static redactData(data: LogData): LogData;
/**
* Process a value of any type (primitive, object, array)
* Recursively handles nested structures when deepRedaction is enabled
* Includes circular reference protection and recursion depth limiting
* @param value - Value to process
* @param visited - Set to track visited objects (prevents circular references)
* @param depth - Current recursion depth (prevents stack overflow)
* @returns Processed value with redaction applied
*/
private static processValue;
/**
* Process an object and redact sensitive fields
* Handles field-level redaction and content truncation
* @param obj - Object to process
* @param visited - Set to track visited objects (prevents circular references)
* @param depth - Current recursion depth (prevents stack overflow)
* @returns Object with sensitive fields redacted
*/
private static redactObject;
/**
* Check if a field name indicates sensitive information
* Uses case-insensitive matching with exact and partial matches
* Includes smart filtering to avoid false positives and custom patterns
* @param fieldName - Field name to check
* @returns true if field should be redacted, false otherwise
*/
private static isSensitiveField;
/**
* Check if a field name indicates content that should be truncated
* Uses exact case-insensitive matching for content fields
* @param fieldName - Field name to check
* @returns true if field is a content field, false otherwise
*/
private static isContentField;
/**
* Truncate content that exceeds the maximum length
* Preserves readability while preventing log bloat
* @param content - Content string to potentially truncate
* @returns Original content or truncated version with indicator
*/
private static truncateContent;
}
//# sourceMappingURL=redactor.d.ts.map