
Shield sensitive data in Postgres and MySQL
Great for business intelligence tools like Blazer
Hypershield creates shielded views (in the hypershield schema by default) that hide sensitive tables and columns. The advantage of this approach over column-level privileges is you can use SELECT *.
By default, it hides columns with:
encrypted
password
token
secret
Give database users access to these views instead of the original tables.
Add this line to your application’s Gemfile:
gem "hypershield"
And run:
rails generate hypershield:install
Hypershield is disabled in non-production environments by default. You can do a dry run with:
rake hypershield:refresh:dry_run
Next, set up your production database.
When that’s done, deploy to production and run:
rails db:migrate
The schema will automatically refresh.
For Postgres, create a new schema in your database
CREATE SCHEMA hypershield;
Grant privileges
GRANT USAGE ON SCHEMA hypershield TO myuser;
-- replace migrations with the user who manages your schema
ALTER DEFAULT PRIVILEGES FOR ROLE migrations IN SCHEMA hypershield
GRANT SELECT ON TABLES TO myuser;
-- keep public in search path for functions
ALTER ROLE myuser SET search_path TO hypershield, public;
Then connect as the user and make sure there’s no access to the original tables (this query should fail)
SELECT * FROM public.users LIMIT 1;
For MySQL, create a new schema in your database
CREATE SCHEMA hypershield;
Grant privileges
GRANT SELECT, SHOW VIEW ON hypershield.* TO myuser;
FLUSH PRIVILEGES;
Then connect as the user and make sure there’s no access to the original tables (this query should fail)
SELECT * FROM mydb.users LIMIT 1;
Set configuration in config/initializers/hypershield.rb.
Specify the schema to use and columns to show and hide
Hypershield.schemas = {
  hypershield: {
    hide: ["encrypted", "password", "token", "secret"],
    show: ["ahoy_visits.visitor_token", "ahoy_visits.visit_token"]
  }
}
Log Hypershield SQL statements
Hypershield.log_sql = true
Enable or disable Hypershield in an environment
Hypershield.enabled = Rails.env.production?
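To see what a hide/show configuration like the one above would expose before granting anyone access, the sketch below plans the shielded views for a sample schema. It is an added example, not Hypershield's own code. It assumes a column is hidden when its "table.column" name contains a hide pattern and no show pattern; the helper names and the sample tables are hypothetical.

```ruby
# Added illustration, not Hypershield's code. Assumption: a column is hidden
# when "table.column" contains any `hide` pattern, unless it also contains a
# `show` pattern (modelled on the config format shown above).
CONFIG = {
  hide: ["encrypted", "password", "token", "secret"],
  show: ["ahoy_visits.visitor_token", "ahoy_visits.visit_token"]
}.freeze

# Constructed sample schema: table name => column names.
SAMPLE_TABLES = {
  "users" => ["id", "email", "encrypted_password", "reset_password_token"],
  "ahoy_visits" => ["id", "visit_token", "visitor_token", "api_token"],
  "secrets" => ["id", "secret_value"] # table name itself matches "secret"
}.freeze

def hidden?(table, column, config)
  name = "#{table}.#{column}"
  config[:hide].any? { |p| name.include?(p) } &&
    config[:show].none? { |p| name.include?(p) }
end

# Returns { table => { visible: [...], hidden: [...] } }.
def shield_plan(tables, config)
  tables.to_h do |table, columns|
    hidden, visible = columns.partition { |c| hidden?(table, c, config) }
    [table, { visible: visible, hidden: hidden }]
  end
end

# Builds one CREATE VIEW (Postgres-style quoting) per table that still has
# visible columns; a fully hidden table gets no view at all.
def view_statements(tables, config, schema: "hypershield", source: "public")
  shield_plan(tables, config).filter_map do |table, plan|
    next if plan[:visible].empty?
    cols = plan[:visible].map { |c| %("#{c}") }.join(", ")
    %(CREATE VIEW "#{schema}"."#{table}" AS SELECT #{cols} FROM "#{source}"."#{table}")
  end
end

if __FILE__ == $PROGRAM_NAME
  shield_plan(SAMPLE_TABLES, CONFIG).each do |table, plan|
    puts "#{table}: visible=#{plan[:visible].inspect} hidden=#{plan[:hidden].inspect}"
  end
  puts view_statements(SAMPLE_TABLES, CONFIG)
end
```

Under this matching rule, api_token on ahoy_visits stays hidden because the show entries are fully qualified, and every column of the secrets table is hidden because the table name matches a hide pattern.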
View the changelog
Everyone is encouraged to help improve this project. Here are a few ways you can help:
To get started with development:
git clone https://github.com/ankane/hypershield.git
cd hypershield
bundle install
# Postgres
createdb hypershield_test
bundle exec rake test
# MySQL
mysqladmin create hypershield_test
ADAPTER=mysql2 bundle exec rake test
We found that hypershield demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.