Invisible data at ease
npm install invisi-datainvisi-data 
A lightweight, efficient utility for identifying and masking sensitive information in strings. Perfect for logging, debugging, and data sanitization without exposing sensitive data like API keys, tokens, passwords, and other credentials.
- ๐ฏ Smart Pattern Recognition: Uses predefined regex patterns to detect various types of sensitive data
- โก High Performance: Optimized for handling large strings efficiently
- ๐ง Customizable: Support for custom masking patterns alongside predefined ones
- ๐ก๏ธ Type-Safe: Full TypeScript support with comprehensive type definitions
- ๐ฆ Zero Dependencies: Lightweight with no external dependencies
- ๐ Universal: Works in Node.js, browsers, and other JavaScript environments
- ๐ Multiple Formats: Supports both ES modules and CommonJS
---
``bash`
npm install invisi-data
---
javascript
import { maskSensitiveData } from 'invisi-data';const input = JSON.stringify({
Authorization: "Bearer abc123token",
"api-key": "sk_live_sensitive_key_123",
password: "supersecret123"
});
const masked = maskSensitiveData(input);
console.log(masked);
// Output: {"Authorization": "Bearer *", "api-key": "", "password": "*"}
`$3
javascript
const { maskSensitiveData } = require('invisi-data');const logData = '{"Authorization": "Bearer jwt_token_here", "user": {"password": "userpass"}}';
const sanitized = maskSensitiveData(logData);
console.log(sanitized);
// Output: {"Authorization": "Bearer *", "user": {"password": "*"}}
`---
๐ API Reference
$3
Masks sensitive data in the provided string using predefined and custom patterns.
#### Parameters
| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
|
| string | โ
| The input string containing potential sensitive data |
| customPatterns | MaskingPattern[] | โ | Optional array of custom masking patterns |#### Returns
- Type:
string
- Description: A new string with sensitive data replaced by #### Throws
-
: When input is not a valid string or is empty/whitespace only$3
`typescript
type MaskingPattern = {
name: string; // Human-readable pattern name
regex: RegExp; // Regular expression to match sensitive data
mask: string; // Replacement string for matches
};class InvalidInputError extends Error {
name: 'InvalidInputError';
}
`---
๐ Supported Sensitive Data Patterns
The library automatically detects and masks the following types of sensitive information:
| Pattern Type | Example Match | Masked Result |
|-------------|---------------|---------------|
| Authorization Bearer |
| "Authorization": "Bearer **" |
| cURL Authorization | "Authorization Bearer abc123" | "Authorization Bearer **" |
| API Key | "api-key": "sk_live_123" | "api-key": "**" |
| Access Token | "access_token": "token123" | "access-token": "**" |
| Refresh Token | "refresh-token": "refresh123" | "refresh-token": "**" |
| Client ID | "client_id": "client123" | "client-id": "**" |
| ID Token | "id-token": "id123" | "id-token": "**" |
| Client Secret | "client_secret": "secret123" | "client-secret": "**" |
| Generic Token | "token": "abc123" | "token": "**" |
| Password | "password": "mypassword" | "password": "**" |
| Basic Auth | "Authorization": "Basic dXNlcjpwYXNz" | "Authorization": "Basic **" |Note: All patterns are case-insensitive and support both hyphen (
-) and underscore (_) variations.---
๐จ Advanced Usage
$3
Create your own masking patterns for domain-specific sensitive data:
`javascript
import { maskSensitiveData, createPattern } from 'invisi-data';// Create custom patterns
const customPatterns = [
createPattern(
'Database Password',
/"db_password"\s:\s"([^"]+)"/gi,
'"db_password": "**"'
),
createPattern(
'SSH Private Key',
/"ssh_key"\s:\s"([^"]+)"/gi,
'"ssh_key": "**"'
)
];
const config = JSON.stringify({
database: {
host: "localhost",
db_password: "super_secret_db_pass"
},
deployment: {
ssh_key: "-----BEGIN PRIVATE KEY-----\nMIIEvQ...",
api_key: "prod_api_key_123"
}
});
const masked = maskSensitiveData(config, customPatterns);
console.log(masked);
`$3
#### HTTP Request Logging
javascript
const httpLog = POST /api/auth - Headers: {"Authorization": "Bearer eyJhbGci...", "Content-Type": "application/json"} - Body: {"username": "user", "password": "secret123"};const sanitizedLog = maskSensitiveData(httpLog);
console.log(sanitizedLog);
// Output: POST /api/auth - Headers: {"Authorization": "Bearer *", "Content-Type": "application/json"} - Body: {"username": "user", "password": "*"}
`#### Configuration File Sanitization
javascript
const appConfig = {
server: { port: 3000, host: "localhost" },
auth: {
"client-secret": "oauth_client_secret_xyz",
"api-key": "prod_api_key_abc123"
},
database: {
url: "postgres://localhost:5432/myapp",
password: "db_password_456"
}
};const configString = JSON.stringify(appConfig);
const maskedConfig = maskSensitiveData(configString);
const parsedConfig = JSON.parse(maskedConfig);
console.log(parsedConfig);
// Sensitive values are now masked while preserving structure
`#### Error Logging
javascript
function logError(error, context) {
const errorInfo = {
message: error.message,
stack: error.stack,
context: context // May contain sensitive data
};
// Safely log without exposing sensitive information
console.error(maskSensitiveData(JSON.stringify(errorInfo)));
}
`---
โก Performance Characteristics
- Memory: Minimal memory footprint with pre-compiled regex patterns
- Speed: Optimized for large strings (tested with 1MB+ inputs)
- Scalability: Linear time complexity O(n) where n is input string length
- Efficiency: Single-pass string processing for all patterns
$3
- Small strings (< 1KB): ~0.1ms processing time
- Medium strings (1KB - 100KB): ~1-10ms processing time
- Large strings (100KB - 1MB): ~10-100ms processing time---
๐ ๏ธ Development
$3
bash
npm run buildcjs # Build CommonJS version
`$3
bash
npm test # Run all tests
npm run test:basic # Run basic functionality tests only
npm run test:extended # Run extended/edge case tests only
`$3
invisi-data/
โโโ index.js # Main module (ES6)
โโโ patterns.js # Pattern definitions
โโโ index.cjs # CommonJS build output
โโโ types.d.ts # TypeScript definitions
โโโ index_test.js # Basic test suite
โโโ test/
โโโ extended-tests.js # Extended test coverage
---
๐ค Contributing
We welcome contributions! Here's how you can help:
$3
- ๐ Report Bugs: Open an issue with reproduction steps
- ๐ก Suggest Features: Propose new patterns or functionality
- ๐ Improve Documentation: Help make our docs clearer
- ๐งช Add Tests: Increase test coverage for edge cases
- ๐ป Submit Code: Fix bugs or implement new features$3
1. Fork and clone the repository
2. Run to install dependencies
3. Make your changes
4. Run npm test to ensure all tests pass
5. Run npm run buildcjs to verify build works
6. Submit a pull request with a clear description$3
When adding new sensitive data patterns:1. Add the pattern to
patterns.js
2. Update if needed
3. Add comprehensive tests in test/extended-tests.js
4. Update this README with pattern documentation---
๐ Security Considerations
- False Negatives: Some sensitive data might not match predefined patterns
- False Positives: Non-sensitive data might occasionally be masked
- Custom Patterns: Always test custom patterns thoroughly
- Data Validation: The library masks but doesn't validate data formats
- Encoding: Assumes UTF-8 string encoding
---
๐ Changelog
$3
- โจ Added modular pattern system with
- ๐ก๏ธ Improved error handling with ---
This project is licensed under the MIT License - see the LICENSE file for details.
---
- Thanks to all contributors who help improve this library
- Inspired by the need for better sensitive data handling in logging systems
- Built with โค๏ธ for the JavaScript community
---
- ๐ Issues: GitHub Issues
- ๐ Documentation: This README and inline code comments
- ๐ฌ Discussions: GitHub Discussions
---
Made with โค๏ธ by kobenguyent
โญ Star this repo if you find it helpful!