{"id":20258678,"url":"https://github.com/47ng/redact-env","last_synced_at":"2025-04-11T01:11:19.241Z","repository":{"id":34982378,"uuid":"194064294","full_name":"47ng/redact-env","owner":"47ng","description":"Redact values of critical environment variables in a string","archived":false,"fork":false,"pushed_at":"2023-03-06T08:58:20.000Z","size":943,"stargazers_count":6,"open_issues_count":6,"forks_count":0,"subscribers_count":2,"default_branch":"next","last_synced_at":"2025-03-24T21:51:10.851Z","etag":null,"topics":["environment-variables","logging","redact","redacted-values","secrets"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/47ng.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["franky47"],"liberapay":"francoisbest","custom":["https://paypal.me/francoisbest?locale.x=fr_FR"]}},"created_at":"2019-06-27T09:21:04.000Z","updated_at":"2023-10-13T17:37:26.000Z","dependencies_parsed_at":"2024-06-19T02:26:02.358Z","dependency_job_id":"4d1a1197-922e-4175-bb9a-8e900344b3f5","html_url":"https://github.com/47ng/redact-env","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":"47ng/typescript-library-starter","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/47ng%2Fredact-env","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/47ng%2Fredact-env/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/47ng%2Fredact-env/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/47ng%2Fredact-env/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/47ng","download_url":"https://codeload.github.com/47ng/redact-env/tar.gz/refs/heads/next","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247877969,"owners_count":21011158,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["environment-variables","logging","redact","redacted-values","secrets"],"created_at":"2024-11-14T11:10:30.170Z","updated_at":"2025-04-11T01:11:19.213Z","avatar_url":"https://github.com/47ng.png","language":"TypeScript","funding_links":["https://github.com/sponsors/franky47","https://liberapay.com/francoisbest","https://paypal.me/francoisbest?locale.x=fr_FR"],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e🔒👀 \u003ccode\u003eredact-env\u003c/code\u003e\u003c/h1\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[![NPM](https://img.shields.io/npm/v/redact-env?color=red)](https://www.npmjs.com/package/redact-env)\n[![MIT License](https://img.shields.io/github/license/47ng/redact-env.svg?color=blue)](https://github.com/47ng/redact-env/blob/next/LICENSE)\n[![CI/CD](https://github.com/47ng/redact-env/workflows/CI%2FCD/badge.svg?branch=next)](https://github.com/47ng/redact-env/actions)\n[![Coverage Status](https://coveralls.io/repos/github/47ng/redact-env/badge.svg?branch=next)](https://coveralls.io/github/47ng/redact-env?branch=next)\n\n\u003c/div\u003e\n\n\u003cp align=\"center\"\u003e\n  Redact values of critical environment variables in a string.\n\u003c/p\u003e\n\n## ⚠️ Disclaimer\n\nThis library might not do exactly what you want it to.\n\nAs for anything related to security, read the [caveats](#caveats), check\nout the [source code](./src/index.ts) and the [tests](./src/index.test.ts)\nbefore using it in production.\n\n## Installation\n\n```shell\n$ yarn add redact-env\n# or\n$ npm i redact-env\n```\n\n## Usage\n\n```ts\nimport * as redactEnv from 'redact-env'\n\nconst secrets = redactEnv.build(['SECRET_ENV_VAR', 'MY_API_KEY'])\n\nconst unsafeString = `\n  ${process.env.SECRET_ENV_VAR}\n  Oh no, the secrets are leaking !\n  ${process.env.MY_API_KEY}\n`\nconsole.log('unsafe:', unsafeString)\n\nconst safeString = redactEnv.redact(unsafeString, secrets)\nconsole.log('safe:', safeString)\n```\n\n```\nunsafe:\n  QfKcO7cjGoxnLg/28/E7meEu2QaS/wNtFB7wlz+hDZA=\n  Oh no, the secrets are leaking !\n  d9fd627cfd3d6cb597e8faeb2ef0e4583af924aee047125479b2438ee2a18b67\n\nsafe:\n  [secure]\n  Oh no, the secrets are leaking !\n  [secure]\n```\n\n## Caveats\n\n### Un-redacted values\n\n`redact-env` will **NOT** redact the following environment variable values:\n\n- `\"true\"`\n- `\"false\"`\n- `\"null\"`\n\nThis is because these string-encoded JSON values are not specific to a\nsingle environment variable, and redacting all the booleans and nulls in\na string seems overzealous. This is opinionated for a particular usage.\n\n### Parsed numbers in JSON object\n\n`redact-env` **WILL** redact numbers in environment variable values,\nwhich will pose a problem if you parse them and dump them as numbers in a\nJSON object:\n\n```ts\nimport * as redactEnv from 'redact-env'\n\nprocess.env.PIN = '1234'\n\nconst secrets = redactEnv.build(['PIN'], process.env)\n\nconst pin: number = parseInt(process.env.PIN)\n\nconst unsafe = JSON.stringify({ pin })\nconsole.log(unsafe)\n// {\"pin\":1234} =\u003e valid JSON\n\nconst safeButIncorrect = redactEnv.redact(unsafe, secrets)\n\nconsole.log(safeButIncorrect)\n// {\"pin\":[secure]}  =\u003e not valid JSON\n```\n\n### Windows paths in JSON objects\n\nBecause of backslash-delimited paths in Windows and string escaping\noccurring in `JSON.stringify`, Windows paths in environment variables\nwon't be redacted if present in JSON strings.\n\nIn a future release, we might consider detecting the presence of\nbackslashes in the environment variable value and having two regexp for\nthis secret (one for the plain value and one backslashed-escaped).\n\n## License\n\n[MIT](https://github.com/47ng/redact-env/blob/master/LICENSE) - Made with ❤️ by [François Best](https://francoisbest.com)\n\nUsing this package at work ? [Sponsor me](https://github.com/sponsors/franky47) to help with support and maintenance.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F47ng%2Fredact-env","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F47ng%2Fredact-env","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F47ng%2Fredact-env/lists"}