@npmcli/redact

@npmcli/redact

Redact sensitive npm information from output.

API

This will redact npm_ prefixed tokens and UUIDs from values.

It will also replace passwords in stringified URLs.

redact(string)

Redact values from a single value

const { redact } = require('@npmcli/redact')

redact('https://user:pass@registry.npmjs.org/')
// https://user:***@registry.npmjs.org/

redact(`https://registry.npmjs.org/path/npm_${'a'.repeat('36')}`)
// https://registry.npmjs.org/path/npm_***

redactLog(string | string[])

Redact values from a string or array of strings.

This method will also split all strings on \s and = and iterate over them.

const { redactLog } = require('@npmcli/redact')

redactLog([
  'Something --x=https://user:pass@registry.npmjs.org/ foo bar',
  '--url=http://foo:bar@registry.npmjs.org',
])
// [
//   'Something --x=https://user:***@registry.npmjs.org/ foo bar',
//   '--url=http://foo:***@registry.npmjs.org/',
// ]

Similar packages

Other packages similar to @npmcli/redact

redact-secrets

redact-secrets is a package that provides similar functionality for redacting sensitive information from strings. It allows for custom patterns and multiple redactions. Compared to @npmcli/redact, it offers a more flexible API for defining redaction rules.

redact-pii

redact-pii is focused on redacting personally identifiable information (PII) from strings. It comes with built-in patterns for common PII such as email addresses, phone numbers, and social security numbers. While @npmcli/redact is more general-purpose, redact-pii is specialized for PII.

log-sanitizer

log-sanitizer is a package designed to sanitize logs by redacting sensitive information. It supports custom patterns and multiple redactions similar to @npmcli/redact. However, it is specifically optimized for use in logging scenarios.