Production-ready PII detection and redaction library with 571+ built-in patterns, multiple redaction modes, compliance presets, enterprise SaaS features, and zero dependencies.
npm install openredaction-minus-reactProduction-ready PII detection and redaction library with 571+ built-in patterns, multiple redaction modes, compliance presets, enterprise SaaS features, and zero dependencies.
``bash`
npm install openredaction
`typescript
import { OpenRedaction } from 'openredaction';
const shield = new OpenRedaction();
const result = shield.detect("Email john@example.com or call 07700900123");
console.log(result.redacted);
// "Email [EMAIL_9619] or call [PHONE_UK_MOBILE_9478]"
`
OpenRedaction supports an optional AI-assisted detection mode that enhances regex-based detection by calling a hosted AI endpoint. This feature is OFF by default and requires explicit configuration.
`typescript
import { OpenRedaction } from 'openredaction';
const detector = new OpenRedaction({
// ... other options ...
ai: {
enabled: true,
endpoint: 'https://your-api.example.com' // Optional: defaults to OPENREDACTION_AI_ENDPOINT env var
}
});
// detect() is now async when AI is enabled
const result = await detector.detect('Contact John Doe at john@example.com');
`
1. Regex Detection First: The library always runs regex detection first (existing behavior)
2. AI Enhancement: If ai.enabled === true and an endpoint is configured, the library calls the /ai-detect endpoint
3. Smart Merging: AI entities are merged with regex detections, with regex taking precedence on conflicts
4. Graceful Fallback: If the AI endpoint fails or is unavailable, the library silently falls back to regex-only detection
In Node.js environments, you can set the endpoint via environment variable:
`bash`
export OPENREDACTION_AI_ENDPOINT=https://your-api.example.com
- AI is optional: The library works exactly as before when ai.enabled is false or omittedai.endpoint
- Regex is primary: AI only adds additional entities; regex detections always take precedence
- No breaking changes: When AI is disabled, behavior is identical to previous versions
- Browser support: In browsers, you must provide an explicit (env vars not available)
- Network dependency: AI mode requires network access to the endpoint
For maximum security and privacy, keep AI disabled and rely purely on regex detection:
`typescript``
const detector = new OpenRedaction({
// AI not configured = pure regex detection
includeNames: true,
includeEmails: true
});
Full documentation available at GitHub
- ๐ Fast & Accurate - 10-20ms for 2-3KB text
- ๐ฏ 571+ PII Patterns - Comprehensive coverage across multiple categories
- ๐ Enterprise SaaS Ready - Multi-tenancy, persistent audit logging, webhooks, REST API
- ๐ Production Monitoring - Prometheus metrics, Grafana dashboards, health checks
- ๐ง Semantic Detection - Hybrid NER + regex with 40+ contextual rules
- ๐จ Multiple Redaction Modes - Placeholder, mask-middle, mask-all, format-preserving, token-replace
- โ
Built-in Validators - Luhn, IBAN, NHS, National ID checksums
- ๐ Compliance Presets - GDPR, HIPAA, CCPA plus finance, education, healthcare, and transport presets
- ๐ญ Deterministic Placeholders - Consistent redaction for same values
- ๐ Global Coverage - 50+ countries
- ๐ Structured Data Support - JSON, CSV, XLSX with path/cell tracking
- ๐ณ Zero Dependencies - No external packages required (core)
- ๐ TypeScript Native - Full type safety and IntelliSense
- ๐งช Battle Tested - 276+ passing tests
- Persistent Audit Logging - SQLite/PostgreSQL with cryptographic hashing
- Multi-Tenancy - Tenant isolation, quotas, usage tracking
- Prometheus Metrics - HTTP server with Grafana dashboards
- Webhook System - Event-driven alerts with retry logic
- REST API - Production-ready HTTP API with authentication
MIT