{"id":18141537,"url":"https://github.com/skjolber/xml-log-filter","last_synced_at":"2025-10-28T00:04:34.165Z","repository":{"id":18802665,"uuid":"85347139","full_name":"skjolber/xml-log-filter","owner":"skjolber","description":"High-performance filtering of to-be-logged XML","archived":false,"fork":false,"pushed_at":"2025-10-26T11:30:46.000Z","size":2274,"stargazers_count":4,"open_issues_count":5,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-10-26T13:19:20.681Z","etag":null,"topics":["dom","filter","gdpr","high-performance","log","logging","soap","stax","xml"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/skjolber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":"support/README.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-03-17T19:19:37.000Z","updated_at":"2025-10-26T11:30:44.000Z","dependencies_parsed_at":"2025-10-26T13:10:50.640Z","dependency_job_id":null,"html_url":"https://github.com/skjolber/xml-log-filter","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/skjolber/xml-log-filter","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skjolber%2Fxml-log-filter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skjolber%2Fxml-log-filter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skjolber%2Fxml-log-filter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skjolber%2Fxml-log-filter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/skjolber","download_url":"https://codeload.github.com/skjolber/xml-log-filter/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skjolber%2Fxml-log-filter/sbom","scorecard":{"id":568311,"data":{"date":"2025-08-11","repo":{"name":"github.com/skjolber/xml-log-filter","commit":"b79d78baa22c5ad4bb4a531a423df2828a8c96da"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.2,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/17 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/maven.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/skjolber/xml-log-filter/maven.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/skjolber/xml-log-filter/maven.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/skjolber/xml-log-filter/maven.yml/master?enable=pin","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 13 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"33 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-vmq6-5m68-f53m","Warn: Project is vulnerable to: GHSA-668q-qrv7-99fm","Warn: Project is vulnerable to: GHSA-6v67-2wr5-gvf4","Warn: Project is vulnerable to: GHSA-pr98-23f8-jwxv","Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-3x8x-79m2-3w2w","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-9vjp-v76f-g363","Warn: Project is vulnerable to: GHSA-grg4-wf29-r9vv","Warn: Project is vulnerable to: GHSA-269q-hmxg-m83q","Warn: Project is vulnerable to: GHSA-5jpm-x58v-624v","Warn: Project is vulnerable to: GHSA-5mcr-gq6c-3hq2","Warn: Project is vulnerable to: GHSA-wx5j-54mm-rqqq","Warn: Project is vulnerable to: GHSA-f256-j965-7f32","Warn: Project is vulnerable to: GHSA-prj3-ccx8-p6x4","Warn: Project is vulnerable to: GHSA-wm47-8v5p-wjpj","Warn: Project is vulnerable to: GHSA-xpw8-rcwv-8f8p","Warn: Project is vulnerable to: GHSA-389x-839f-4rhx","Warn: Project is vulnerable to: GHSA-xq3w-v528-46rv","Warn: Project is vulnerable to: GHSA-6mjq-h674-j845","Warn: Project is vulnerable to: GHSA-p75g-cxfj-7wrx","Warn: Project is vulnerable to: GHSA-wxx5-w9jc-48wx","Warn: Project is vulnerable to: GHSA-4cx2-fc23-5wg6","Warn: Project is vulnerable to: GHSA-73xv-w5gp-frxh","Warn: Project is vulnerable to: GHSA-8xfc-gm6g-vgpv","Warn: Project is vulnerable to: GHSA-hr8g-6v94-x4m9","Warn: Project is vulnerable to: GHSA-v435-xc8x-wvr9","Warn: Project is vulnerable to: GHSA-wjxj-5m7g-mg7q","Warn: Project is vulnerable to: GHSA-78wr-2p64-hpwj","Warn: Project is vulnerable to: GHSA-h65f-jvqw-m9fj"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T15:35:43.210Z","repository_id":18802665,"created_at":"2025-08-20T15:35:43.211Z","updated_at":"2025-08-20T15:35:43.211Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281361348,"owners_count":26487881,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-27T02:00:05.855Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dom","filter","gdpr","high-performance","log","logging","soap","stax","xml"],"created_at":"2024-11-01T17:07:30.182Z","updated_at":"2025-10-28T00:04:34.159Z","avatar_url":"https://github.com/skjolber.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# xml-log-filter\nHigh-performance filtering of to-be-logged XML. Reads, filters, formats and writes XML in a single step -  drastically increasing throughput. Typical use-cases\n\n  * Filter sensitive values from logs \n     * technical details like passwords and so on\n     * sensitive personal information, for [GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) compliance and such\n  * Remove big elements (i..e base64 encoded binary data) from logs\n     * low or no informational value\n     * consuming unnecessary log accumulation tool resources\n\nIn a typical bare-bones system, this could translate to something like 5-10% overall performance improvement.\n\nFeatures:\n\n  * [High-performance] filtering of XML\n    * Max text and/or CDATA node sizes\n    * Anonymize of element and/or attribute contents\n    * Removal of subtrees\n    * Indenting (pretty-printing) for use in testing\n  * Custom processors\n    * SOAP header filter\n  * Support for popular frameworks\n    * CXF \n    * JAX-RS\n  * Examples\n    * Spring\n    * CXF\n\nThe processors have all been validated to handle valid documents using the [latest] W3C XML test suite.\n\nBugs, feature suggestions and help requests can be filed with the [issue-tracker].\n\n## License\n[Apache 2.0]\n\n## Obtain\nThe project is built with [Maven] and is available on the central Maven repository.\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.github.skjolber.xml-log-filter\u003c/groupId\u003e\n    \u003cartifactId\u003exml-log-filter-core\u003c/artifactId\u003e\n    \u003cversion\u003e1.0.8\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n# Usage\nSee individual sub-modules for detailed usage instructions and examples.\n\n### Max CDATA node sizes\nConfiguring\n\n```java\nfactory.setMaxTextNodeLength(1024);\nfactory.setMaxCDATANodeLength(1024);\n```\n\nyields output like (at a smaller max length)\n\n```xml\n\u003cparent\u003e\n    \u003cchild\u003e\u003c![CDATA[QUJDREVGR0hJSktMTU5PUFFSU1...[TRUNCATED BY 46]]]\u003e\u003c/child\u003e\n\u003c/parent\u003e\n```\n\nfor CDATA and correspondingly for text nodes.\n\n### Anonymizing attributes and/or elements\nConfiguring\n\n```java\nfactory.setAnonymizeFilters(new String[]{\"/parent/child\"}); // multiple paths supported\n```\n\nresults in \n\n```xml\n\u003cparent\u003e\n    \u003cchild\u003e[*****]\u003c/child\u003e\n\u003c/parent\u003e\n```\n\nSee below for supported XPath syntax.\n\n### Removing subtrees\nConfiguring\n\n```java\nfactory.setPruneFilters(new String[]{\"/parent/child\"}); // multiple paths supported\n```\n\nresults in\n\n```xml\n\u003cparent\u003e\n    \u003cchild\u003e\u003c!-- [SUBTREE REMOVED] --\u003e\u003c/child\u003e\n\u003c/parent\u003e\n```\n\nSee below for supported XPath syntax.\n\n### XPath expressions\nA minor subset of the XPath syntax is supported. However multiple expressions can be used at once. Namespace prefixes in the XML are simply ignored, only local names at used to determine a match. Expressions are case-sensitive.\n\n#### Anonymize \nSupported syntax:\n\n    /my/xml/element\n    /my/xml/@attribute\n\nwith support for wildcards; \n\n    /my/xml/*\n    /my/xml/@*\n\nor a simple any-level element search \n\n    //myElement\n\nwhich cannot target attributes.\n\n#### Prune\nSupported syntax:\n\n    /my/xml/element\n\nwith support for wildcards; \n\n    /my/xml/*\n\nor a simple any-level element search \n\n    //myElement\n\n## Performance\nThe processors within this project are much faster than stock processors. This is expected as parser/serializer features have been traded for performance. \n\nThe project has DOM- and StAX-based equivalents for feature and performance comparison. \nDepending on the implementation, benchmarks show throughput is approximately 5x-10x compared to stock processors. \n\nMemory use will be approximately two times the XML string size.\n\nSee this [visualization] and the [JMH] module for running detailed benchmarks.\n\n## Background\nThe project is intended as a complimentary tool for use alongside XML frameworks, such as SOAP- or XML-based REST stacks. Its primary use-case is processing to-be logged XML. The project relies on the fact that such frameworks have very good error handling, like schema validation, to apply a simplified view of the XML syntax, basically handling only the happy-case of a well-formed document. The frameworks themselves detect invalid documents and handle them as raw content. \n\n# See also\nSee projects\n\n * [xml-formatter] for additional indenting/formatting of inner XML. \n * [json-log-filter] for filtering of JSON.\n\n# History\n- 2.0.0: Maintenance release, Jakarta JAXB.\n- 1.0.8: Maintenance release.\n- 1.0.5: Support for CXF 3.4, with good help from [TomEvers](https://github.com/TomEvers). CXF 3.3 users: Use version 1.0.4.\n- 1.0.4: Maintenance release\n- 1.0.3: Maintenance release\n- 1.0.2: Initial Java 11 (modules) support.\n\n[1.0.5]:                https://github.com/skjolber/xml-log-filter/releases\n[Aalto]:                https://github.com/FasterXML/aalto-xml\n[Apache 2.0]:           http://www.apache.org/licenses/LICENSE-2.0.html\n[issue-tracker]:        https://github.com/skjolber/xml-log-filter/issues\n[Maven]:                http://maven.apache.org/\n[latest]:               https://www.w3.org/XML/Test/\n[JMH]:                  benchmark/jmh\n[xml-formatter]:        https://github.com/greenbird/xml-formatter-core\n[visualization]:\thttps://jmh.morethan.io/?source=https://raw.githubusercontent.com/skjolber/xml-log-filter/master/docs/benchmark/jmh-result.json\u0026topBar=off\n[High-performance]:\thttps://jmh.morethan.io/?source=https://raw.githubusercontent.com/skjolber/xml-log-filter/master/docs/benchmark/jmh-result.json\u0026topBar=off\n [json-log-filter]: https://github.com/skjolber/json-log-filter\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fskjolber%2Fxml-log-filter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fskjolber%2Fxml-log-filter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fskjolber%2Fxml-log-filter/lists"}