julewire-redaction 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b67efb43089950743fb1e95f25c3086c2a6b7df60be5928df509f21807313d57
+  data.tar.gz: 73e0a830b9d4a325df1095f7a043caf3f7e80622caf0b6c23ad8f02d56d2a415
+SHA512:
+  metadata.gz: 832b8609e996a5bd201cf1c3418a0c02677b38bdc6623b8ee0dc85bacf56a37005a9929537c1e385ac667aabb606842b4cd4bee0bc663d1d32201eb2ffe68d0b
+  data.tar.gz: a8aee3f3baab8ba0e407c0124f30ddb1646d00a57631ec77712454fd2c74a9edf4542bd1fb14aa0b3f61f4c495bfe966b994a23852da513bd96e131ddd7142c3

data/CHANGELOG.md

@@ -0,0 +1,6 @@
+## Unreleased
+
+## 1.0.0 - 2026-06-21
+
+- Initial release: bounded record redaction, secret/PII profiles, path-aware
+  filters, proc filters, and optional string-value scrubbing.

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2026 Alexander Grebennik
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,42 @@
+# Julewire Redaction
+
+`julewire-redaction` is a structured redaction processor for Julewire records.
+
+It redacts data inside the core processor pipeline before records are frozen,
+formatted, encoded, and written.
+
+## Install
+
+```ruby
+gem "julewire-redaction"
+```
+
+## Quickstart
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = Julewire::Redaction::DEFAULT_FILTERS + %i[session_id]
+  config.mask = "[FILTERED]"
+end
+
+Julewire.configure do |config|
+  config.processors.prepend :redaction, on_error: :fail_closed
+end
+```
+
+Configure redaction before `Julewire.configure`, or pass explicit options to
+the processor registration.
+
+`DEFAULT_FILTERS` combines `SECRET_FILTERS` and `PII_FILTERS`; use the narrower
+profile when fields such as email are acceptable in your logs.
+
+Prepend the processor when redaction should run before enrichment and output
+formatting.
+
+## Docs
+
+- [Configuration](docs/configuration.md)
+- [Advanced Configuration](docs/advanced-configuration.md)
+- [Filter Rules](docs/filter-rules.md)
+- [String Values](docs/string-values.md)
+- [Failure Semantics](docs/failure-semantics.md)

data/docs/advanced-configuration.md

@@ -0,0 +1,62 @@
+# Advanced Configuration
+
+## Traversal Limits
+
+The processor bounds its walk before the final core serializer runs.
+When a redaction walk hits these limits, it may truncate values and add
+`_julewire_truncation` metadata before later processors or destinations see the
+affected field or section.
+
+| Setting | Default |
+| --- | --- |
+| `max_depth` | `Julewire::Serializer::DEFAULT_MAX_DEPTH` |
+| `max_hash_keys` | `Julewire::Serializer::DEFAULT_MAX_HASH_KEYS` |
+| `max_array_items` | `Julewire::Serializer::DEFAULT_MAX_ARRAY_ITEMS` |
+| `max_string_bytes` | `Julewire::Serializer::DEFAULT_MAX_STRING_BYTES` |
+
+Override these only when the redaction walk must be tighter or looser than
+core's default serializer bounds:
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.max_depth = 8
+  config.max_hash_keys = 1_000
+  config.max_array_items = 1_000
+  config.max_string_bytes = 16_384
+end
+```
+
+`max_depth` must be positive. The other limits must be non-negative integers.
+
+## Per-Processor Options
+
+Global configuration is only the default. A processor registration can override
+the same options:
+
+```ruby
+Julewire.configure do |config|
+  config.processors.prepend(
+    :redaction,
+    %i[password api_key],
+    mask: "[SECRET]",
+    string_values: false,
+    on_error: :fail_closed
+  )
+end
+```
+
+Registration options:
+
+```ruby
+config.processors.use(
+  :redaction,
+  filters,
+  mask: "[FILTERED]",
+  max_array_items: 1_000,
+  max_depth: 8,
+  max_hash_keys: 1_000,
+  max_string_bytes: 16_384,
+  string_values: false,
+  authorization_header: true
+)
+```

data/docs/configuration.md

@@ -0,0 +1,40 @@
+# Configuration
+
+`Julewire::Redaction.configure` changes the defaults used by the registered
+`:redaction` processor. Configure redaction before building the core pipeline,
+or pass explicit options to `config.processors.use`.
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = Julewire::Redaction::DEFAULT_FILTERS + %i[session_id]
+  config.mask = "[FILTERED]"
+  config.string_values = false
+end
+```
+
+## Defaults
+
+| Setting | Default | Meaning |
+| --- | --- | --- |
+| `filters` | `Julewire::Redaction::DEFAULT_FILTERS` | Structured keys to redact. |
+| `mask` | `"[FILTERED]"` | Replacement value. |
+| `string_values` | `false` | Also scrub embedded secrets in string values. |
+| `authorization_header` | `true` | Always redact `Authorization:` header lines when string scrubbing is enabled. |
+
+`DEFAULT_FILTERS` combines the secret and PII profiles:
+
+- auth keys: `access_token`, `refresh_token`, `id_token`, `client_secret`,
+  `assertion`, `code_verifier`, `token`, `authorization`, `cookie`,
+  `set_cookie`, `x_api_key`, `set-cookie`, `x-api-key`
+- common secret keys: `api_key`, `password`, `passwd`, `private_key`, `secret`
+- extra secret keys: `crypt`, `salt`, `certificate`, `otp`, `cvv`, `cvc`
+- PII keys: `email`, `ssn`
+
+Use `Julewire::Redaction::SECRET_FILTERS` without
+`Julewire::Redaction::PII_FILTERS` when PII fields are allowed in your logs.
+
+String and symbol filters are case-insensitive exact matches. Use regexes for
+partial matching.
+
+For traversal limits and per-processor overrides, see
+[Advanced Configuration](advanced-configuration.md).

data/docs/failure-semantics.md

@@ -0,0 +1,15 @@
+# Failure Semantics
+
+Redaction is fail-closed at the record boundary.
+
+Register redaction with core's default `on_error: :fail_closed` policy. If a
+custom filter proc raises, the processor raises. Core treats that as a processor
+failure and does not emit the original unredacted record. Core records the
+failure in health and emits its contained failure record when possible.
+
+The failure is record-level, not field-level. A failing custom filter loses the
+record rather than keeping the record with only that one field unredacted.
+
+The processor receives a `Julewire::RecordDraft` and applies its
+whole-record transform through `transform_record!`, so cache invalidation and
+lineage preservation stay inside core.

data/docs/filter-rules.md

@@ -0,0 +1,91 @@
+# Filter Rules
+
+The redaction processor walks the normalized Julewire record and replaces
+matching values.
+
+Matching applies wherever the key appears, including `execution`, `context`,
+`carry`, `neutral`, `attributes`, `labels`, `payload`, `metrics`, and `error`.
+Top-level record container fields keep their required Julewire shape even if a
+filter matches the section name.
+
+## Exact Keys
+
+String and symbol filters are exact, case-insensitive key matches:
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = %i[password api_key]
+end
+```
+
+This redacts `password` and `api_key`, but not `old_password_hash` unless that
+key is listed or matched by a regex.
+
+## Nested Keys
+
+Dot notation scopes a filter to a nested structured path:
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = ["credit_card.code"]
+end
+```
+
+This redacts:
+
+```ruby
+{ credit_card: { code: "123" } }
+```
+
+It does not redact:
+
+```ruby
+{ file: { code: "123" } }
+```
+
+## Regex Rules
+
+Use regexes for deliberate partial matching:
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = Julewire::Redaction::DEFAULT_FILTERS + [/password|secret/i]
+end
+```
+
+Regexes match leaf keys. Use `Julewire::Redaction.path(...)` for path-aware
+regexes that match a dotted structured path:
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = [Julewire::Redaction.path(/user.email/i)]
+end
+```
+
+Use `Julewire::Redaction::SECRET_FILTERS` when the default PII profile is too
+broad for your application.
+
+## Proc Rules
+
+Proc filters follow Rails' shape:
+
+- 2-arity procs receive `key, value`
+- 3-arity procs receive `key, value, original_record`
+
+`original_record` is the root normalized record hash.
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.filters = [
+    lambda do |key, value|
+      value.replace("[FILTERED]") if key == "customer_note" && value.include?("ssn=")
+    end
+  ]
+end
+```
+
+Proc rules mutate a duplicate of string scalar values. If a proc raises, the
+record is not emitted.
+
+String filters with dots are path-aware. Raw regexes are key matchers unless
+wrapped with `Julewire::Redaction.path(...)`.

data/docs/string-values.md

@@ -0,0 +1,37 @@
+# String Values
+
+Structured key/value redaction is the primary path.
+
+`string_values` defaults to `false`. When enabled, the processor also tries to
+scrub embedded secrets inside string values.
+
+```ruby
+Julewire::Redaction.configure do |config|
+  config.string_values = true
+end
+```
+
+The string scrubber handles common opaque-string shapes:
+
+- header lines such as `Authorization:`, `Cookie:`, `Set-Cookie:`, and
+  `X-Api-Key:`
+- JSON-like string pairs such as `"access_token": "abc"`
+- query/form pairs such as `access_token=abc&scope=read`
+
+This is defense-in-depth. It is not a JSON parser and it does not replace
+structured key/value redaction.
+
+String scrubbing scans the full string value before core output truncation. It
+is therefore proportional to captured body size. Avoid pairing
+`string_values: true` with unbounded request or response body capture unless the
+volume and body sizes are known to be small.
+
+Regexp filters disable the cheap string-key pre-scan, so every colon/equal style
+string is checked against the pair scrubbers when `string_values` is enabled.
+
+The matcher intentionally covers only simple string patterns. Escaped quotes,
+unquoted or numeric JSON values, multiline serialized data, and custom formats
+can remain unchanged unless the surrounding structured key is also redacted.
+
+When `authorization_header` is true, `Authorization:` header lines are redacted
+even if `authorization` is not present in the filter list.

data/julewire-redaction.gemspec

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require_relative "lib/julewire/redaction/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "julewire-redaction"
+  spec.version = Julewire::Redaction::VERSION
+  spec.authors = ["Alexander Grebennik"]
+  spec.email = ["slbug@users.noreply.github.com", "sl.bug.sl@gmail.com"]
+
+  spec.summary = "Structured redaction processor for Julewire."
+  spec.description = "Structured key/value and string redaction processor for Julewire records."
+  spec.homepage = "https://github.com/slbug/julewire"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 3.4"
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/slbug/julewire/tree/main/gems/redaction"
+  spec.metadata["changelog_uri"] = "https://github.com/slbug/julewire/blob/main/gems/redaction/CHANGELOG.md"
+
+  spec.metadata["rubygems_mfa_required"] = "true"
+
+  spec.files = Dir.chdir(__dir__) do
+    Dir[
+      "CHANGELOG.md",
+      "LICENSE.txt",
+      "README.md",
+      "docs/**/*.md",
+      "julewire-redaction.gemspec",
+      "lib/**/*.rb"
+    ]
+  end
+  spec.executables = []
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "julewire-core", ">= 1.0"
+  spec.add_dependency "zeitwerk", ">= 2.8.1"
+end

data/lib/julewire/redaction/configuration.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Julewire
+  module Redaction
+    class Configuration
+      include Julewire::Core::Integration::Settings
+
+      setting :authorization_header, default: true
+      setting :filters, default: DEFAULT_FILTERS
+      setting :mask, default: DEFAULT_MASK
+      setting :max_array_items, default: Julewire::Serializer::DEFAULT_MAX_ARRAY_ITEMS,
+                                validate: integer_limit
+      setting :max_depth, default: Julewire::Serializer::DEFAULT_MAX_DEPTH,
+                          validate: integer_limit(positive: true)
+      setting :max_hash_keys, default: Julewire::Serializer::DEFAULT_MAX_HASH_KEYS,
+                              validate: integer_limit
+      setting :max_string_bytes, default: Julewire::Serializer::DEFAULT_MAX_STRING_BYTES,
+                                 validate: integer_limit
+      setting :string_values, default: false
+    end
+  end
+end

data/lib/julewire/redaction/matcher.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+module Julewire
+  module Redaction
+    class Matcher
+      attr_reader :blocks
+
+      def initialize(filters)
+        @blocks, patterns = Array(filters).partition { it.is_a?(Proc) }
+        normal_filters, deep_filters = patterns.partition { !deep_filter?(it) }
+        @pattern = compile(normal_filters, deep: false)
+        @deep_pattern = compile(deep_filters, deep: true)
+        @string_scan_pattern = string_scan_pattern(normal_filters)
+        @blocks.freeze
+      end
+
+      def match?(key, path: nil)
+        key_string = key.to_s
+        !!(pattern_match?(@pattern, key_string) || pattern_match?(@deep_pattern, path))
+      end
+
+      def empty? = @pattern.nil? && @deep_pattern.nil?
+
+      def path_dependent? = !@deep_pattern.nil?
+
+      def string_key_possible?(value)
+        return true unless @string_scan_pattern
+
+        @string_scan_pattern.match?(value)
+      end
+
+      private
+
+      def compile(filters, deep:)
+        patterns = filters.map do |filter|
+          filter = filter.filter if filter.instance_of?(PathFilter)
+          case filter
+          when Regexp
+            filter
+          else
+            escaped = Regexp.escape(filter.to_s)
+            pattern = deep ? "(?:\\A|\\.)#{escaped}\\z" : "\\A#{escaped}\\z"
+            Regexp.new(pattern, Regexp::IGNORECASE)
+          end
+        end
+        Regexp.union(patterns) unless patterns.empty?
+      end
+
+      def string_scan_pattern(filters)
+        return if filters.any?(Regexp)
+
+        Regexp.new(filters.map { Regexp.escape(it.to_s) }.join("|"), Regexp::IGNORECASE)
+      end
+
+      def pattern_match?(pattern, value)
+        pattern&.match?(value)
+      end
+
+      def deep_filter?(filter)
+        return true if filter.instance_of?(PathFilter)
+        return false if filter.instance_of?(Regexp)
+
+        filter.to_s.include?(".")
+      end
+    end
+  end
+end

data/lib/julewire/redaction/processor.rb

@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+
+module Julewire
+  module Redaction
+    class Processor
+      PRESERVED_TOP_LEVEL_KEYS = (
+        Core::Fields::Bags.record_scalar_keys - %i[message]
+      ).freeze
+      private_constant :PRESERVED_TOP_LEVEL_KEYS
+
+      def initialize(
+        filters = Redaction.config.filters,
+        mask: Redaction.config.mask,
+        max_array_items: Redaction.config.max_array_items,
+        max_depth: Redaction.config.max_depth,
+        max_hash_keys: Redaction.config.max_hash_keys,
+        max_string_bytes: Redaction.config.max_string_bytes,
+        string_values: Redaction.config.string_values,
+        authorization_header: Redaction.config.authorization_header
+      )
+        @matcher = Matcher.new(filters)
+        @blocks = @matcher.blocks
+        @mask = mask.to_s
+        @max_array_items = Core::Validation.validate_integer_limit!(max_array_items, name: :max_array_items)
+        @max_depth = Core::Validation.validate_integer_limit!(max_depth, name: :max_depth, positive: true)
+        @max_hash_keys = Core::Validation.validate_integer_limit!(max_hash_keys, name: :max_hash_keys)
+        @max_string_bytes = Core::Validation.validate_integer_limit!(max_string_bytes, name: :max_string_bytes)
+        @string_redactor = if string_values
+                             StringRedactor.new(
+                               matcher: @matcher,
+                               mask: @mask,
+                               authorization_header: authorization_header
+                             )
+                           end
+        @redact_keys = !@matcher.empty?
+        @redact_scalars = @string_redactor || !@blocks.empty?
+        @enabled = @redact_keys || @redact_scalars
+        @record_transform = Core::Processing::RecordFieldTransform.new(
+          max_array_items: @max_array_items,
+          max_depth: @max_depth,
+          max_hash_keys: @max_hash_keys,
+          max_string_bytes: @max_string_bytes,
+          preserve_top_level_keys: PRESERVED_TOP_LEVEL_KEYS,
+          track_paths: @matcher.path_dependent?
+        )
+      end
+
+      def call(draft)
+        validate_draft!(draft)
+        return draft unless @enabled
+
+        draft.transform_record! { redact_record(it) }
+      end
+
+      private
+
+      def validate_draft!(draft)
+        return if draft.instance_of?(Julewire::RecordDraft)
+
+        raise TypeError, "expected Julewire::RecordDraft"
+      end
+
+      def redact_record(record)
+        @record_transform.call(record) do |item, key:, path:, prefixed_path:, original:, **|
+          redact_item(
+            item,
+            key: key,
+            path: path,
+            prefixed_path: prefixed_path,
+            original: original
+          )
+        end
+      end
+
+      def redact_item(item, key:, path:, original:, prefixed_path:, **)
+        return @mask if redacted_key?(key, path: path, prefixed_path: prefixed_path)
+        if @redact_scalars && !item.is_a?(Hash) && !item.is_a?(Array)
+          return redact_scalar(item, key: key, original: original)
+        end
+
+        Core::Serialization::BoundedTransform::CONTINUE
+      end
+
+      def redacted_key?(key, path:, prefixed_path:)
+        return false unless @redact_keys && key
+        return true if @matcher.match?(key, path: path)
+
+        prefixed_path && @matcher.match?(key, path: prefixed_path)
+      end
+
+      def redact_scalar(value, key:, original:)
+        value = apply_block_filters(key, value, original) if key && !@blocks.empty?
+        value.is_a?(String) && @string_redactor ? @string_redactor.call(value) : value
+      end
+
+      def apply_block_filters(key, value, original)
+        key_copy = key.to_s.dup
+        value_copy = duplicate_filter_value(value)
+        @blocks.each do |block|
+          block.arity == 2 ? block.call(key_copy, value_copy) : block.call(key_copy, value_copy, original)
+        end
+        value_copy
+      end
+
+      def duplicate_filter_value(value)
+        value.is_a?(String) ? value.dup : value
+      end
+    end
+  end
+end

data/lib/julewire/redaction/string_redactor.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+module Julewire
+  module Redaction
+    class StringRedactor
+      def initialize(matcher:, mask:, authorization_header: true)
+        @matcher = matcher
+        @mask = mask.to_s
+        @authorization_header = authorization_header
+        @redact_headers = @authorization_header || !@matcher.empty?
+        @redact_pairs = !@matcher.empty?
+      end
+
+      def call(value)
+        return value unless value.is_a?(String)
+
+        has_colon = value.include?(":")
+        has_equals = value.include?("=")
+        return value unless redaction_possible?(has_colon, has_equals)
+
+        redacted = value.dup
+        redact_header_lines!(redacted) if header_redaction_possible?(has_colon)
+        return redacted unless @redact_pairs
+        return redacted unless @matcher.string_key_possible?(value)
+
+        redact_json_pairs!(redacted) if json_pair_possible?(value, has_colon)
+        redact_form_pairs!(redacted) if form_pair_possible?(has_equals)
+        redacted
+      end
+
+      private
+
+      def redaction_possible?(has_colon, has_equals)
+        header_redaction_possible?(has_colon) || (@redact_pairs && (has_colon || has_equals))
+      end
+
+      def header_redaction_possible?(has_colon)
+        @redact_headers && has_colon
+      end
+
+      def json_pair_possible?(value, has_colon)
+        @redact_pairs && has_colon && (value.include?('"') || value.include?("'"))
+      end
+
+      def form_pair_possible?(has_equals)
+        @redact_pairs && has_equals
+      end
+
+      def redact_header_lines!(value)
+        value.gsub!(/(^|[\r\n])([A-Za-z0-9-]+:\s*)(?:"[^"\r\n]*"|[^\r\n]*)/i) do |line|
+          name = Regexp.last_match(2).split(":", 2).fetch(0)
+          next line unless redact_header?(name)
+
+          "#{Regexp.last_match(1)}#{Regexp.last_match(2)}#{@mask}"
+        end
+      end
+
+      def redact_header?(name)
+        return true if @authorization_header && name.casecmp?("authorization")
+
+        @matcher.match?(name) || @matcher.match?(name.tr("-", "_"))
+      end
+
+      def redact_json_pairs!(value)
+        # Defense-in-depth for short log strings; large bodies should stay bounded.
+        value.gsub!(/(["'])([^"']+)\1(\s*:\s*)(["'])(.*?)\4/i) do |pair|
+          next pair unless @matcher.match?(Regexp.last_match(2))
+
+          "#{Regexp.last_match(1)}#{Regexp.last_match(2)}#{Regexp.last_match(1)}" \
+            "#{Regexp.last_match(3)}#{Regexp.last_match(4)}#{@mask}#{Regexp.last_match(4)}"
+        end
+      end
+
+      def redact_form_pairs!(value)
+        value.gsub!(/(^|[?&\s])([^?&\s"=]+)(=)([^&\s"]+)/i) do |pair|
+          next pair unless @matcher.match?(Regexp.last_match(2))
+
+          "#{Regexp.last_match(1)}#{Regexp.last_match(2)}#{Regexp.last_match(3)}#{@mask}"
+        end
+      end
+    end
+  end
+end

data/lib/julewire/redaction/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Julewire
+  module Redaction
+    VERSION = "1.0.0"
+  end
+end

data/lib/julewire/redaction.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require "zeitwerk"
+require "julewire/core"
+
+module Julewire
+  module Redaction
+    # Header names may arrive as normalized symbols or literal HTTP spellings.
+    AUTH_FILTERS = %i[
+      access_token
+      refresh_token
+      id_token
+      client_secret
+      assertion
+      code_verifier
+      token
+      authorization
+      cookie
+      set_cookie
+      x_api_key
+      set-cookie
+      x-api-key
+    ].freeze
+
+    COMMON_FILTERS = %i[
+      api_key
+      password
+      passwd
+      private_key
+      secret
+    ].freeze
+
+    SECRET_FILTERS = (AUTH_FILTERS + COMMON_FILTERS + %i[
+      crypt
+      salt
+      certificate
+      otp
+      cvv
+      cvc
+    ]).uniq.freeze
+
+    PII_FILTERS = %i[
+      email
+      ssn
+    ].freeze
+
+    DEFAULT_FILTERS = (SECRET_FILTERS + PII_FILTERS).uniq.freeze
+    DEFAULT_MASK = "[FILTERED]"
+
+    PathFilter = Data.define(:filter)
+
+    class << self
+      def path(filter)
+        PathFilter.new(filter)
+      end
+    end
+
+    extend Core::Integration::Configurable
+
+    configurable_with { Configuration }
+  end
+
+  loader = Zeitwerk::Loader.for_gem_extension(self)
+  loader.setup
+  Core::Processing.register(:redaction) { |*args, **options| Redaction::Processor.new(*args, **options) }
+end

data/lib/julewire-redaction.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require "julewire/redaction"

metadata

@@ -0,0 +1,89 @@
+--- !ruby/object:Gem::Specification
+name: julewire-redaction
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Alexander Grebennik
+bindir: bin
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: julewire-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: zeitwerk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.8.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.8.1
+description: Structured key/value and string redaction processor for Julewire records.
+email:
+- slbug@users.noreply.github.com
+- sl.bug.sl@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- LICENSE.txt
+- README.md
+- docs/advanced-configuration.md
+- docs/configuration.md
+- docs/failure-semantics.md
+- docs/filter-rules.md
+- docs/string-values.md
+- julewire-redaction.gemspec
+- lib/julewire-redaction.rb
+- lib/julewire/redaction.rb
+- lib/julewire/redaction/configuration.rb
+- lib/julewire/redaction/matcher.rb
+- lib/julewire/redaction/processor.rb
+- lib/julewire/redaction/string_redactor.rb
+- lib/julewire/redaction/version.rb
+homepage: https://github.com/slbug/julewire
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/slbug/julewire
+  source_code_uri: https://github.com/slbug/julewire/tree/main/gems/redaction
+  changelog_uri: https://github.com/slbug/julewire/blob/main/gems/redaction/CHANGELOG.md
+  rubygems_mfa_required: 'true'
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '3.4'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 4.0.14
+specification_version: 4
+summary: Structured redaction processor for Julewire.
+test_files: []