@geekmidas/logger 0.0.1 → 0.2.0

package/dist/index.d.cts

@@ -1,2 +1,2 @@
-import { CreateLoggerOptions, LogFn, LogLevel, Logger } from "./types-DXdmn7h5.cjs";
-export { CreateLoggerOptions, LogFn, LogLevel, Logger };
+import { CreateLoggerOptions, LogFn, LogLevel, Logger, RedactOptions } from "./types-JxCFymH0.cjs";
+export { CreateLoggerOptions, LogFn, LogLevel, Logger, RedactOptions };

package/dist/index.d.mts

@@ -1,2 +1,2 @@
-import { CreateLoggerOptions, LogFn, LogLevel, Logger } from "./types-C1RfRbo6.mjs";
-export { CreateLoggerOptions, LogFn, LogLevel, Logger };
+import { CreateLoggerOptions, LogFn, LogLevel, Logger, RedactOptions } from "./types-Bga8WDuP.mjs";
+export { CreateLoggerOptions, LogFn, LogLevel, Logger, RedactOptions };

package/dist/pino.cjs

@@ -21,17 +21,57 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 }) : target, mod));
 
 //#endregion
+const require_redact_paths = require('./redact-paths-D0m0DIuQ.cjs');
 const pino = __toESM(require("pino"));
 
 //#region src/pino.ts
-function createLogger(options) {
+/**
+* Resolves redaction configuration from options.
+* Returns undefined if redaction is disabled, or a pino-compatible redact config.
+*
+* By default (resolution: 'merge'), custom paths are merged with DEFAULT_REDACT_PATHS.
+* With resolution: 'override', only the custom paths are used.
+*/
+function resolveRedactConfig(redact) {
+	if (redact === void 0 || redact === false) return void 0;
+	if (redact === true) return require_redact_paths.DEFAULT_REDACT_PATHS;
+	if (Array.isArray(redact)) return [...require_redact_paths.DEFAULT_REDACT_PATHS, ...redact];
+	const { resolution = "merge", paths, censor, remove } = redact;
+	const resolvedPaths = resolution === "override" ? paths : [...require_redact_paths.DEFAULT_REDACT_PATHS, ...paths];
+	const config = { paths: resolvedPaths };
+	if (censor !== void 0) config.censor = censor;
+	if (remove !== void 0) config.remove = remove;
+	return config;
+}
+/**
+* Creates a pino logger instance with optional redaction support.
+*
+* @param options - Logger configuration options
+* @returns A configured pino logger instance
+*
+* @example
+* ```typescript
+* // Basic logger
+* const logger = createLogger({ level: 'debug' });
+*
+* // With redaction enabled
+* const secureLogger = createLogger({ redact: true });
+*
+* // Pretty printing in development
+* const devLogger = createLogger({ pretty: true, redact: true });
+* ```
+*/
+function createLogger(options = {}) {
 	const pretty = options?.pretty && process.NODE_ENV !== "production";
 	const baseOptions = pretty ? { transport: {
 		target: "pino-pretty",
 		options: { colorize: true }
 	} } : {};
+	const redact = resolveRedactConfig(options.redact);
 	return (0, pino.pino)({
 		...baseOptions,
+		...options.level && { level: options.level },
+		...redact && { redact },
 		formatters: {
 			bindings() {
 				return { nodeVersion: process.version };
@@ -44,5 +84,6 @@ function createLogger(options) {
 }
 
 //#endregion
+exports.DEFAULT_REDACT_PATHS = require_redact_paths.DEFAULT_REDACT_PATHS;
 exports.createLogger = createLogger;
 //# sourceMappingURL=pino.cjs.map

package/dist/pino.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"pino.cjs","names":["options: CreateLoggerOptions"],"sources":["../src/pino.ts"],"sourcesContent":["import { pino } from 'pino';\nimport type { CreateLoggerOptions } from './types';\n\nexport function createLogger(options: CreateLoggerOptions) {\n  // @ts-ignore\n  const pretty = options?.pretty && process.NODE_ENV !== 'production';\n  const baseOptions = pretty\n    ? {\n        transport: {\n          target: 'pino-pretty',\n          options: { colorize: true },\n        },\n      }\n    : {};\n  return pino({\n    ...baseOptions,\n    formatters: {\n      bindings() {\n        return { nodeVersion: process.version };\n      },\n      level: (label) => {\n        return { level: label.toUpperCase() };\n      },\n    },\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,SAAgB,aAAaA,SAA8B;CAEzD,MAAM,SAAS,SAAS,UAAU,QAAQ,aAAa;CACvD,MAAM,cAAc,SAChB,EACE,WAAW;EACT,QAAQ;EACR,SAAS,EAAE,UAAU,KAAM;CAC5B,EACF,IACD,CAAE;AACN,QAAO,eAAK;EACV,GAAG;EACH,YAAY;GACV,WAAW;AACT,WAAO,EAAE,aAAa,QAAQ,QAAS;GACxC;GACD,OAAO,CAAC,UAAU;AAChB,WAAO,EAAE,OAAO,MAAM,aAAa,CAAE;GACtC;EACF;CACF,EAAC;AACH"}
+{"version":3,"file":"pino.cjs","names":["redact: boolean | RedactOptions | undefined","DEFAULT_REDACT_PATHS","config: PinoRedactConfig","options: CreateLoggerOptions"],"sources":["../src/pino.ts"],"sourcesContent":["/**\n * Pino logger with built-in redaction support for sensitive data.\n *\n * @example\n * ```typescript\n * import { createLogger, DEFAULT_REDACT_PATHS } from '@geekmidas/logger/pino';\n *\n * // Enable redaction with sensible defaults\n * const logger = createLogger({ redact: true });\n *\n * // Sensitive data is automatically masked\n * logger.info({ password: 'secret123', user: 'john' }, 'Login');\n * // Output: { password: '[Redacted]', user: 'john' } Login\n *\n * // Add custom paths (merged with defaults)\n * const logger2 = createLogger({ redact: ['user.ssn'] });\n *\n * // Override defaults for full control\n * const logger3 = createLogger({\n *   redact: {\n *     paths: ['onlyThis'],\n *     resolution: 'override',\n *   }\n * });\n * ```\n *\n * @module\n */\nimport { pino } from 'pino';\nimport { DEFAULT_REDACT_PATHS } from './redact-paths';\nimport type { CreateLoggerOptions, RedactOptions } from './types';\n\n// Re-export for backwards compatibility\nexport { DEFAULT_REDACT_PATHS } from './redact-paths';\n\n/**\n * Type for the resolved pino redact config (without our custom resolution field).\n */\ntype PinoRedactConfig =\n  | string[]\n  | {\n      paths: string[];\n      censor?: string | ((value: unknown, path: string[]) => unknown);\n      remove?: boolean;\n    };\n\n/**\n * Resolves redaction configuration from options.\n * Returns undefined if redaction is disabled, or a pino-compatible redact config.\n *\n * By default (resolution: 'merge'), custom paths are merged with DEFAULT_REDACT_PATHS.\n * With resolution: 'override', only the custom paths are used.\n */\nfunction resolveRedactConfig(\n  redact: boolean | RedactOptions | undefined,\n): PinoRedactConfig | undefined {\n  if (redact === undefined || redact === false) {\n    return undefined;\n  }\n\n  if (redact === true) {\n    return DEFAULT_REDACT_PATHS;\n  }\n\n  // Array syntax - merge with defaults\n  if (Array.isArray(redact)) {\n    return [...DEFAULT_REDACT_PATHS, ...redact];\n  }\n\n  // Object syntax - check resolution mode\n  const { resolution = 'merge', paths, censor, remove } = redact;\n\n  const resolvedPaths =\n    resolution === 'override' ? paths : [...DEFAULT_REDACT_PATHS, ...paths];\n\n  // Return clean pino config without our resolution field\n  const config: PinoRedactConfig = { paths: resolvedPaths };\n  if (censor !== undefined) config.censor = censor;\n  if (remove !== undefined) config.remove = remove;\n\n  return config;\n}\n\n/**\n * Creates a pino logger instance with optional redaction support.\n *\n * @param options - Logger configuration options\n * @returns A configured pino logger instance\n *\n * @example\n * ```typescript\n * // Basic logger\n * const logger = createLogger({ level: 'debug' });\n *\n * // With redaction enabled\n * const secureLogger = createLogger({ redact: true });\n *\n * // Pretty printing in development\n * const devLogger = createLogger({ pretty: true, redact: true });\n * ```\n */\nexport function createLogger(options: CreateLoggerOptions = {}) {\n  // @ts-ignore\n  const pretty = options?.pretty && process.NODE_ENV !== 'production';\n  const baseOptions = pretty\n    ? {\n        transport: {\n          target: 'pino-pretty',\n          options: { colorize: true },\n        },\n      }\n    : {};\n\n  const redact = resolveRedactConfig(options.redact);\n\n  return pino({\n    ...baseOptions,\n    ...(options.level && { level: options.level }),\n    ...(redact && { redact }),\n    formatters: {\n      bindings() {\n        return { nodeVersion: process.version };\n      },\n      level: (label) => {\n        return { level: label.toUpperCase() };\n      },\n    },\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqDA,SAAS,oBACPA,QAC8B;AAC9B,KAAI,qBAAwB,WAAW,MACrC;AAGF,KAAI,WAAW,KACb,QAAOC;AAIT,KAAI,MAAM,QAAQ,OAAO,CACvB,QAAO,CAAC,GAAGA,2CAAsB,GAAG,MAAO;CAI7C,MAAM,EAAE,aAAa,SAAS,OAAO,QAAQ,QAAQ,GAAG;CAExD,MAAM,gBACJ,eAAe,aAAa,QAAQ,CAAC,GAAGA,2CAAsB,GAAG,KAAM;CAGzE,MAAMC,SAA2B,EAAE,OAAO,cAAe;AACzD,KAAI,kBAAsB,QAAO,SAAS;AAC1C,KAAI,kBAAsB,QAAO,SAAS;AAE1C,QAAO;AACR;;;;;;;;;;;;;;;;;;;AAoBD,SAAgB,aAAaC,UAA+B,CAAE,GAAE;CAE9D,MAAM,SAAS,SAAS,UAAU,QAAQ,aAAa;CACvD,MAAM,cAAc,SAChB,EACE,WAAW;EACT,QAAQ;EACR,SAAS,EAAE,UAAU,KAAM;CAC5B,EACF,IACD,CAAE;CAEN,MAAM,SAAS,oBAAoB,QAAQ,OAAO;AAElD,QAAO,eAAK;EACV,GAAG;EACH,GAAI,QAAQ,SAAS,EAAE,OAAO,QAAQ,MAAO;EAC7C,GAAI,UAAU,EAAE,OAAQ;EACxB,YAAY;GACV,WAAW;AACT,WAAO,EAAE,aAAa,QAAQ,QAAS;GACxC;GACD,OAAO,CAAC,UAAU;AAChB,WAAO,EAAE,OAAO,MAAM,aAAa,CAAE;GACtC;EACF;CACF,EAAC;AACH"}

package/dist/pino.d.cts

@@ -1,8 +1,28 @@
-import { CreateLoggerOptions } from "./types-DXdmn7h5.cjs";
+import { CreateLoggerOptions } from "./types-JxCFymH0.cjs";
+import { DEFAULT_REDACT_PATHS } from "./redact-paths-Br-tI2GZ.cjs";
 import * as pino0 from "pino";
 
 //#region src/pino.d.ts
-declare function createLogger(options: CreateLoggerOptions): pino0.Logger<never, boolean>;
+
+/**
+ * Creates a pino logger instance with optional redaction support.
+ *
+ * @param options - Logger configuration options
+ * @returns A configured pino logger instance
+ *
+ * @example
+ * ```typescript
+ * // Basic logger
+ * const logger = createLogger({ level: 'debug' });
+ *
+ * // With redaction enabled
+ * const secureLogger = createLogger({ redact: true });
+ *
+ * // Pretty printing in development
+ * const devLogger = createLogger({ pretty: true, redact: true });
+ * ```
+ */
+declare function createLogger(options?: CreateLoggerOptions): pino0.Logger<never, boolean>;
 //#endregion
-export { createLogger };
+export { DEFAULT_REDACT_PATHS, createLogger };
 //# sourceMappingURL=pino.d.cts.map

package/dist/pino.d.mts

@@ -1,8 +1,28 @@
-import { CreateLoggerOptions } from "./types-C1RfRbo6.mjs";
+import { CreateLoggerOptions } from "./types-Bga8WDuP.mjs";
+import { DEFAULT_REDACT_PATHS } from "./redact-paths-CIsuxHH7.mjs";
 import * as pino0 from "pino";
 
 //#region src/pino.d.ts
-declare function createLogger(options: CreateLoggerOptions): pino0.Logger<never, boolean>;
+
+/**
+ * Creates a pino logger instance with optional redaction support.
+ *
+ * @param options - Logger configuration options
+ * @returns A configured pino logger instance
+ *
+ * @example
+ * ```typescript
+ * // Basic logger
+ * const logger = createLogger({ level: 'debug' });
+ *
+ * // With redaction enabled
+ * const secureLogger = createLogger({ redact: true });
+ *
+ * // Pretty printing in development
+ * const devLogger = createLogger({ pretty: true, redact: true });
+ * ```
+ */
+declare function createLogger(options?: CreateLoggerOptions): pino0.Logger<never, boolean>;
 //#endregion
-export { createLogger };
+export { DEFAULT_REDACT_PATHS, createLogger };
 //# sourceMappingURL=pino.d.mts.map

package/dist/pino.mjs

@@ -1,14 +1,54 @@
+import { DEFAULT_REDACT_PATHS } from "./redact-paths-DQoIXhkS.mjs";
 import { pino } from "pino";
 
 //#region src/pino.ts
-function createLogger(options) {
+/**
+* Resolves redaction configuration from options.
+* Returns undefined if redaction is disabled, or a pino-compatible redact config.
+*
+* By default (resolution: 'merge'), custom paths are merged with DEFAULT_REDACT_PATHS.
+* With resolution: 'override', only the custom paths are used.
+*/
+function resolveRedactConfig(redact) {
+	if (redact === void 0 || redact === false) return void 0;
+	if (redact === true) return DEFAULT_REDACT_PATHS;
+	if (Array.isArray(redact)) return [...DEFAULT_REDACT_PATHS, ...redact];
+	const { resolution = "merge", paths, censor, remove } = redact;
+	const resolvedPaths = resolution === "override" ? paths : [...DEFAULT_REDACT_PATHS, ...paths];
+	const config = { paths: resolvedPaths };
+	if (censor !== void 0) config.censor = censor;
+	if (remove !== void 0) config.remove = remove;
+	return config;
+}
+/**
+* Creates a pino logger instance with optional redaction support.
+*
+* @param options - Logger configuration options
+* @returns A configured pino logger instance
+*
+* @example
+* ```typescript
+* // Basic logger
+* const logger = createLogger({ level: 'debug' });
+*
+* // With redaction enabled
+* const secureLogger = createLogger({ redact: true });
+*
+* // Pretty printing in development
+* const devLogger = createLogger({ pretty: true, redact: true });
+* ```
+*/
+function createLogger(options = {}) {
 	const pretty = options?.pretty && process.NODE_ENV !== "production";
 	const baseOptions = pretty ? { transport: {
 		target: "pino-pretty",
 		options: { colorize: true }
 	} } : {};
+	const redact = resolveRedactConfig(options.redact);
 	return pino({
 		...baseOptions,
+		...options.level && { level: options.level },
+		...redact && { redact },
 		formatters: {
 			bindings() {
 				return { nodeVersion: process.version };
@@ -21,5 +61,5 @@ function createLogger(options) {
 }
 
 //#endregion
-export { createLogger };
+export { DEFAULT_REDACT_PATHS, createLogger };
 //# sourceMappingURL=pino.mjs.map

package/dist/pino.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"pino.mjs","names":["options: CreateLoggerOptions"],"sources":["../src/pino.ts"],"sourcesContent":["import { pino } from 'pino';\nimport type { CreateLoggerOptions } from './types';\n\nexport function createLogger(options: CreateLoggerOptions) {\n  // @ts-ignore\n  const pretty = options?.pretty && process.NODE_ENV !== 'production';\n  const baseOptions = pretty\n    ? {\n        transport: {\n          target: 'pino-pretty',\n          options: { colorize: true },\n        },\n      }\n    : {};\n  return pino({\n    ...baseOptions,\n    formatters: {\n      bindings() {\n        return { nodeVersion: process.version };\n      },\n      level: (label) => {\n        return { level: label.toUpperCase() };\n      },\n    },\n  });\n}\n"],"mappings":";;;AAGA,SAAgB,aAAaA,SAA8B;CAEzD,MAAM,SAAS,SAAS,UAAU,QAAQ,aAAa;CACvD,MAAM,cAAc,SAChB,EACE,WAAW;EACT,QAAQ;EACR,SAAS,EAAE,UAAU,KAAM;CAC5B,EACF,IACD,CAAE;AACN,QAAO,KAAK;EACV,GAAG;EACH,YAAY;GACV,WAAW;AACT,WAAO,EAAE,aAAa,QAAQ,QAAS;GACxC;GACD,OAAO,CAAC,UAAU;AAChB,WAAO,EAAE,OAAO,MAAM,aAAa,CAAE;GACtC;EACF;CACF,EAAC;AACH"}
+{"version":3,"file":"pino.mjs","names":["redact: boolean | RedactOptions | undefined","config: PinoRedactConfig","options: CreateLoggerOptions"],"sources":["../src/pino.ts"],"sourcesContent":["/**\n * Pino logger with built-in redaction support for sensitive data.\n *\n * @example\n * ```typescript\n * import { createLogger, DEFAULT_REDACT_PATHS } from '@geekmidas/logger/pino';\n *\n * // Enable redaction with sensible defaults\n * const logger = createLogger({ redact: true });\n *\n * // Sensitive data is automatically masked\n * logger.info({ password: 'secret123', user: 'john' }, 'Login');\n * // Output: { password: '[Redacted]', user: 'john' } Login\n *\n * // Add custom paths (merged with defaults)\n * const logger2 = createLogger({ redact: ['user.ssn'] });\n *\n * // Override defaults for full control\n * const logger3 = createLogger({\n *   redact: {\n *     paths: ['onlyThis'],\n *     resolution: 'override',\n *   }\n * });\n * ```\n *\n * @module\n */\nimport { pino } from 'pino';\nimport { DEFAULT_REDACT_PATHS } from './redact-paths';\nimport type { CreateLoggerOptions, RedactOptions } from './types';\n\n// Re-export for backwards compatibility\nexport { DEFAULT_REDACT_PATHS } from './redact-paths';\n\n/**\n * Type for the resolved pino redact config (without our custom resolution field).\n */\ntype PinoRedactConfig =\n  | string[]\n  | {\n      paths: string[];\n      censor?: string | ((value: unknown, path: string[]) => unknown);\n      remove?: boolean;\n    };\n\n/**\n * Resolves redaction configuration from options.\n * Returns undefined if redaction is disabled, or a pino-compatible redact config.\n *\n * By default (resolution: 'merge'), custom paths are merged with DEFAULT_REDACT_PATHS.\n * With resolution: 'override', only the custom paths are used.\n */\nfunction resolveRedactConfig(\n  redact: boolean | RedactOptions | undefined,\n): PinoRedactConfig | undefined {\n  if (redact === undefined || redact === false) {\n    return undefined;\n  }\n\n  if (redact === true) {\n    return DEFAULT_REDACT_PATHS;\n  }\n\n  // Array syntax - merge with defaults\n  if (Array.isArray(redact)) {\n    return [...DEFAULT_REDACT_PATHS, ...redact];\n  }\n\n  // Object syntax - check resolution mode\n  const { resolution = 'merge', paths, censor, remove } = redact;\n\n  const resolvedPaths =\n    resolution === 'override' ? paths : [...DEFAULT_REDACT_PATHS, ...paths];\n\n  // Return clean pino config without our resolution field\n  const config: PinoRedactConfig = { paths: resolvedPaths };\n  if (censor !== undefined) config.censor = censor;\n  if (remove !== undefined) config.remove = remove;\n\n  return config;\n}\n\n/**\n * Creates a pino logger instance with optional redaction support.\n *\n * @param options - Logger configuration options\n * @returns A configured pino logger instance\n *\n * @example\n * ```typescript\n * // Basic logger\n * const logger = createLogger({ level: 'debug' });\n *\n * // With redaction enabled\n * const secureLogger = createLogger({ redact: true });\n *\n * // Pretty printing in development\n * const devLogger = createLogger({ pretty: true, redact: true });\n * ```\n */\nexport function createLogger(options: CreateLoggerOptions = {}) {\n  // @ts-ignore\n  const pretty = options?.pretty && process.NODE_ENV !== 'production';\n  const baseOptions = pretty\n    ? {\n        transport: {\n          target: 'pino-pretty',\n          options: { colorize: true },\n        },\n      }\n    : {};\n\n  const redact = resolveRedactConfig(options.redact);\n\n  return pino({\n    ...baseOptions,\n    ...(options.level && { level: options.level }),\n    ...(redact && { redact }),\n    formatters: {\n      bindings() {\n        return { nodeVersion: process.version };\n      },\n      level: (label) => {\n        return { level: label.toUpperCase() };\n      },\n    },\n  });\n}\n"],"mappings":";;;;;;;;;;;AAqDA,SAAS,oBACPA,QAC8B;AAC9B,KAAI,qBAAwB,WAAW,MACrC;AAGF,KAAI,WAAW,KACb,QAAO;AAIT,KAAI,MAAM,QAAQ,OAAO,CACvB,QAAO,CAAC,GAAG,sBAAsB,GAAG,MAAO;CAI7C,MAAM,EAAE,aAAa,SAAS,OAAO,QAAQ,QAAQ,GAAG;CAExD,MAAM,gBACJ,eAAe,aAAa,QAAQ,CAAC,GAAG,sBAAsB,GAAG,KAAM;CAGzE,MAAMC,SAA2B,EAAE,OAAO,cAAe;AACzD,KAAI,kBAAsB,QAAO,SAAS;AAC1C,KAAI,kBAAsB,QAAO,SAAS;AAE1C,QAAO;AACR;;;;;;;;;;;;;;;;;;;AAoBD,SAAgB,aAAaC,UAA+B,CAAE,GAAE;CAE9D,MAAM,SAAS,SAAS,UAAU,QAAQ,aAAa;CACvD,MAAM,cAAc,SAChB,EACE,WAAW;EACT,QAAQ;EACR,SAAS,EAAE,UAAU,KAAM;CAC5B,EACF,IACD,CAAE;CAEN,MAAM,SAAS,oBAAoB,QAAQ,OAAO;AAElD,QAAO,KAAK;EACV,GAAG;EACH,GAAI,QAAQ,SAAS,EAAE,OAAO,QAAQ,MAAO;EAC7C,GAAI,UAAU,EAAE,OAAQ;EACxB,YAAY;GACV,WAAW;AACT,WAAO,EAAE,aAAa,QAAQ,QAAS;GACxC;GACD,OAAO,CAAC,UAAU;AAChB,WAAO,EAAE,OAAO,MAAM,aAAa,CAAE;GACtC;EACF;CACF,EAAC;AACH"}

package/dist/redact-paths-Br-tI2GZ.d.cts

@@ -0,0 +1,18 @@
+//#region src/redact-paths.d.ts
+/**
+ * Default sensitive field paths for redaction.
+ *
+ * These paths are automatically used when `redact: true` is set,
+ * and merged with custom paths unless `resolution: 'override'` is specified.
+ *
+ * Includes:
+ * - Authentication: password, token, apiKey, authorization, credentials
+ * - Headers: authorization, cookie, x-api-key, x-auth-token
+ * - Personal data: ssn, creditCard, cvv, pin
+ * - Secrets: secret, connectionString, databaseUrl
+ * - Wildcards: *.password, *.secret, *.token (catches nested fields)
+ */
+declare const DEFAULT_REDACT_PATHS: string[];
+//#endregion
+export { DEFAULT_REDACT_PATHS };
+//# sourceMappingURL=redact-paths-Br-tI2GZ.d.cts.map

package/dist/redact-paths-CIsuxHH7.d.mts

@@ -0,0 +1,18 @@
+//#region src/redact-paths.d.ts
+/**
+ * Default sensitive field paths for redaction.
+ *
+ * These paths are automatically used when `redact: true` is set,
+ * and merged with custom paths unless `resolution: 'override'` is specified.
+ *
+ * Includes:
+ * - Authentication: password, token, apiKey, authorization, credentials
+ * - Headers: authorization, cookie, x-api-key, x-auth-token
+ * - Personal data: ssn, creditCard, cvv, pin
+ * - Secrets: secret, connectionString, databaseUrl
+ * - Wildcards: *.password, *.secret, *.token (catches nested fields)
+ */
+declare const DEFAULT_REDACT_PATHS: string[];
+//#endregion
+export { DEFAULT_REDACT_PATHS };
+//# sourceMappingURL=redact-paths-CIsuxHH7.d.mts.map

package/dist/redact-paths-D0m0DIuQ.cjs

@@ -0,0 +1,73 @@
+
+//#region src/redact-paths.ts
+/**
+* Default sensitive field paths for redaction.
+*
+* These paths are automatically used when `redact: true` is set,
+* and merged with custom paths unless `resolution: 'override'` is specified.
+*
+* Includes:
+* - Authentication: password, token, apiKey, authorization, credentials
+* - Headers: authorization, cookie, x-api-key, x-auth-token
+* - Personal data: ssn, creditCard, cvv, pin
+* - Secrets: secret, connectionString, databaseUrl
+* - Wildcards: *.password, *.secret, *.token (catches nested fields)
+*/
+const DEFAULT_REDACT_PATHS = [
+	"password",
+	"pass",
+	"passwd",
+	"secret",
+	"token",
+	"accessToken",
+	"refreshToken",
+	"idToken",
+	"apiKey",
+	"api_key",
+	"apikey",
+	"auth",
+	"authorization",
+	"credential",
+	"credentials",
+	"*.password",
+	"*.secret",
+	"*.token",
+	"*.apiKey",
+	"*.api_key",
+	"*.authorization",
+	"*.accessToken",
+	"*.refreshToken",
+	"headers.authorization",
+	"headers.Authorization",
+	"headers[\"authorization\"]",
+	"headers[\"Authorization\"]",
+	"headers.cookie",
+	"headers.Cookie",
+	"headers[\"x-api-key\"]",
+	"headers[\"X-Api-Key\"]",
+	"headers[\"x-auth-token\"]",
+	"headers[\"X-Auth-Token\"]",
+	"ssn",
+	"socialSecurityNumber",
+	"social_security_number",
+	"creditCard",
+	"credit_card",
+	"cardNumber",
+	"card_number",
+	"cvv",
+	"cvc",
+	"pin",
+	"connectionString",
+	"connection_string",
+	"databaseUrl",
+	"database_url"
+];
+
+//#endregion
+Object.defineProperty(exports, 'DEFAULT_REDACT_PATHS', {
+  enumerable: true,
+  get: function () {
+    return DEFAULT_REDACT_PATHS;
+  }
+});
+//# sourceMappingURL=redact-paths-D0m0DIuQ.cjs.map

package/dist/redact-paths-D0m0DIuQ.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"redact-paths-D0m0DIuQ.cjs","names":["DEFAULT_REDACT_PATHS: string[]"],"sources":["../src/redact-paths.ts"],"sourcesContent":["/**\n * Default sensitive field paths for redaction.\n *\n * These paths are automatically used when `redact: true` is set,\n * and merged with custom paths unless `resolution: 'override'` is specified.\n *\n * Includes:\n * - Authentication: password, token, apiKey, authorization, credentials\n * - Headers: authorization, cookie, x-api-key, x-auth-token\n * - Personal data: ssn, creditCard, cvv, pin\n * - Secrets: secret, connectionString, databaseUrl\n * - Wildcards: *.password, *.secret, *.token (catches nested fields)\n */\nexport const DEFAULT_REDACT_PATHS: string[] = [\n  // Authentication & authorization\n  'password',\n  'pass',\n  'passwd',\n  'secret',\n  'token',\n  'accessToken',\n  'refreshToken',\n  'idToken',\n  'apiKey',\n  'api_key',\n  'apikey',\n  'auth',\n  'authorization',\n  'credential',\n  'credentials',\n\n  // Common nested patterns (headers, body, etc.)\n  '*.password',\n  '*.secret',\n  '*.token',\n  '*.apiKey',\n  '*.api_key',\n  '*.authorization',\n  '*.accessToken',\n  '*.refreshToken',\n\n  // HTTP headers (case variations)\n  'headers.authorization',\n  'headers.Authorization',\n  'headers[\"authorization\"]',\n  'headers[\"Authorization\"]',\n  'headers.cookie',\n  'headers.Cookie',\n  'headers[\"x-api-key\"]',\n  'headers[\"X-Api-Key\"]',\n  'headers[\"x-auth-token\"]',\n  'headers[\"X-Auth-Token\"]',\n\n  // Common sensitive data fields\n  'ssn',\n  'socialSecurityNumber',\n  'social_security_number',\n  'creditCard',\n  'credit_card',\n  'cardNumber',\n  'card_number',\n  'cvv',\n  'cvc',\n  'pin',\n\n  // Database & connection strings\n  'connectionString',\n  'connection_string',\n  'databaseUrl',\n  'database_url',\n];\n"],"mappings":";;;;;;;;;;;;;;;AAaA,MAAaA,uBAAiC;CAE5C;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;AACD"}

package/dist/redact-paths-DQoIXhkS.mjs

@@ -0,0 +1,67 @@
+//#region src/redact-paths.ts
+/**
+* Default sensitive field paths for redaction.
+*
+* These paths are automatically used when `redact: true` is set,
+* and merged with custom paths unless `resolution: 'override'` is specified.
+*
+* Includes:
+* - Authentication: password, token, apiKey, authorization, credentials
+* - Headers: authorization, cookie, x-api-key, x-auth-token
+* - Personal data: ssn, creditCard, cvv, pin
+* - Secrets: secret, connectionString, databaseUrl
+* - Wildcards: *.password, *.secret, *.token (catches nested fields)
+*/
+const DEFAULT_REDACT_PATHS = [
+	"password",
+	"pass",
+	"passwd",
+	"secret",
+	"token",
+	"accessToken",
+	"refreshToken",
+	"idToken",
+	"apiKey",
+	"api_key",
+	"apikey",
+	"auth",
+	"authorization",
+	"credential",
+	"credentials",
+	"*.password",
+	"*.secret",
+	"*.token",
+	"*.apiKey",
+	"*.api_key",
+	"*.authorization",
+	"*.accessToken",
+	"*.refreshToken",
+	"headers.authorization",
+	"headers.Authorization",
+	"headers[\"authorization\"]",
+	"headers[\"Authorization\"]",
+	"headers.cookie",
+	"headers.Cookie",
+	"headers[\"x-api-key\"]",
+	"headers[\"X-Api-Key\"]",
+	"headers[\"x-auth-token\"]",
+	"headers[\"X-Auth-Token\"]",
+	"ssn",
+	"socialSecurityNumber",
+	"social_security_number",
+	"creditCard",
+	"credit_card",
+	"cardNumber",
+	"card_number",
+	"cvv",
+	"cvc",
+	"pin",
+	"connectionString",
+	"connection_string",
+	"databaseUrl",
+	"database_url"
+];
+
+//#endregion
+export { DEFAULT_REDACT_PATHS };
+//# sourceMappingURL=redact-paths-DQoIXhkS.mjs.map

package/dist/redact-paths-DQoIXhkS.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"redact-paths-DQoIXhkS.mjs","names":["DEFAULT_REDACT_PATHS: string[]"],"sources":["../src/redact-paths.ts"],"sourcesContent":["/**\n * Default sensitive field paths for redaction.\n *\n * These paths are automatically used when `redact: true` is set,\n * and merged with custom paths unless `resolution: 'override'` is specified.\n *\n * Includes:\n * - Authentication: password, token, apiKey, authorization, credentials\n * - Headers: authorization, cookie, x-api-key, x-auth-token\n * - Personal data: ssn, creditCard, cvv, pin\n * - Secrets: secret, connectionString, databaseUrl\n * - Wildcards: *.password, *.secret, *.token (catches nested fields)\n */\nexport const DEFAULT_REDACT_PATHS: string[] = [\n  // Authentication & authorization\n  'password',\n  'pass',\n  'passwd',\n  'secret',\n  'token',\n  'accessToken',\n  'refreshToken',\n  'idToken',\n  'apiKey',\n  'api_key',\n  'apikey',\n  'auth',\n  'authorization',\n  'credential',\n  'credentials',\n\n  // Common nested patterns (headers, body, etc.)\n  '*.password',\n  '*.secret',\n  '*.token',\n  '*.apiKey',\n  '*.api_key',\n  '*.authorization',\n  '*.accessToken',\n  '*.refreshToken',\n\n  // HTTP headers (case variations)\n  'headers.authorization',\n  'headers.Authorization',\n  'headers[\"authorization\"]',\n  'headers[\"Authorization\"]',\n  'headers.cookie',\n  'headers.Cookie',\n  'headers[\"x-api-key\"]',\n  'headers[\"X-Api-Key\"]',\n  'headers[\"x-auth-token\"]',\n  'headers[\"X-Auth-Token\"]',\n\n  // Common sensitive data fields\n  'ssn',\n  'socialSecurityNumber',\n  'social_security_number',\n  'creditCard',\n  'credit_card',\n  'cardNumber',\n  'card_number',\n  'cvv',\n  'cvc',\n  'pin',\n\n  // Database & connection strings\n  'connectionString',\n  'connection_string',\n  'databaseUrl',\n  'database_url',\n];\n"],"mappings":";;;;;;;;;;;;;;AAaA,MAAaA,uBAAiC;CAE5C;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CAGA;CACA;CACA;CACA;AACD"}

package/dist/redact-paths.cjs

@@ -0,0 +1,3 @@
+const require_redact_paths = require('./redact-paths-D0m0DIuQ.cjs');
+
+exports.DEFAULT_REDACT_PATHS = require_redact_paths.DEFAULT_REDACT_PATHS;

package/dist/redact-paths.d.cts

@@ -0,0 +1,2 @@
+import { DEFAULT_REDACT_PATHS } from "./redact-paths-Br-tI2GZ.cjs";
+export { DEFAULT_REDACT_PATHS };

package/dist/redact-paths.d.mts

@@ -0,0 +1,2 @@
+import { DEFAULT_REDACT_PATHS } from "./redact-paths-CIsuxHH7.mjs";
+export { DEFAULT_REDACT_PATHS };

package/dist/redact-paths.mjs

@@ -0,0 +1,3 @@
+import { DEFAULT_REDACT_PATHS } from "./redact-paths-DQoIXhkS.mjs";
+
+export { DEFAULT_REDACT_PATHS };

package/dist/{types-C1RfRbo6.d.mts → types-Bga8WDuP.d.mts}

@@ -72,10 +72,94 @@ declare enum LogLevel {
   Fatal = "fatal",
   Silent = "silent",
 }
+/**
+ * Redaction configuration for masking sensitive data in logs.
+ * Uses pino's fast-redact library under the hood.
+ *
+ * By default, custom paths are merged with the default sensitive paths.
+ * Use `resolution: 'override'` to use only your custom paths.
+ *
+ * @example
+ * ```typescript
+ * // Simple path array (merges with defaults)
+ * redact: ['user.ssn', 'custom.field']
+ *
+ * // Override defaults completely
+ * redact: {
+ *   paths: ['only.these.paths'],
+ *   resolution: 'override',
+ * }
+ *
+ * // With custom censor
+ * redact: {
+ *   paths: ['extra.secret'],
+ *   censor: '***',
+ * }
+ *
+ * // Remove fields entirely
+ * redact: {
+ *   paths: ['temporary.data'],
+ *   remove: true,
+ * }
+ * ```
+ */
+type RedactOptions = string[] | {
+  /** Paths to redact using dot notation or bracket notation for special chars */
+  paths: string[];
+  /** Custom replacement text (default: '[REDACTED]') */
+  censor?: string | ((value: unknown, path: string[]) => unknown);
+  /** Remove the field entirely instead of replacing (default: false) */
+  remove?: boolean;
+  /**
+   * How to combine custom paths with default sensitive paths.
+   * - 'merge': Custom paths are added to default paths (default)
+   * - 'override': Only custom paths are used, defaults are ignored
+   */
+  resolution?: 'merge' | 'override';
+};
 type CreateLoggerOptions = {
+  /** Enable pretty printing with colors (disabled in production) */
   pretty?: boolean;
+  /** Minimum log level to output */
   level?: LogLevel;
+  /**
+   * Redaction configuration for masking sensitive data.
+   *
+   * - `true`: Uses default sensitive paths (password, token, secret, etc.)
+   * - `false` or `undefined`: No redaction applied
+   * - `string[]`: Custom paths merged with defaults
+   * - `object`: Advanced config with paths, censor, remove, and resolution options
+   *
+   * By default, custom paths are **merged** with the default sensitive paths.
+   * Use `resolution: 'override'` to disable defaults and use only your paths.
+   *
+   * @example
+   * ```typescript
+   * // Use defaults only
+   * createLogger({ redact: true });
+   *
+   * // Add custom paths (merged with defaults)
+   * createLogger({ redact: ['user.ssn', 'custom.field'] });
+   *
+   * // Override defaults completely
+   * createLogger({
+   *   redact: {
+   *     paths: ['only.these.paths'],
+   *     resolution: 'override',
+   *   }
+   * });
+   *
+   * // Merge with custom censor
+   * createLogger({
+   *   redact: {
+   *     paths: ['extra.secret'],
+   *     censor: '***',
+   *   }
+   * });
+   * ```
+   */
+  redact?: boolean | RedactOptions;
 };
 //#endregion
-export { CreateLoggerOptions, LogFn, LogLevel, Logger };
-//# sourceMappingURL=types-C1RfRbo6.d.mts.map
+export { CreateLoggerOptions, LogFn, LogLevel, Logger, RedactOptions };
+//# sourceMappingURL=types-Bga8WDuP.d.mts.map

package/dist/{types-DXdmn7h5.d.cts → types-JxCFymH0.d.cts}

@@ -72,10 +72,94 @@ declare enum LogLevel {
   Fatal = "fatal",
   Silent = "silent",
 }
+/**
+ * Redaction configuration for masking sensitive data in logs.
+ * Uses pino's fast-redact library under the hood.
+ *
+ * By default, custom paths are merged with the default sensitive paths.
+ * Use `resolution: 'override'` to use only your custom paths.
+ *
+ * @example
+ * ```typescript
+ * // Simple path array (merges with defaults)
+ * redact: ['user.ssn', 'custom.field']
+ *
+ * // Override defaults completely
+ * redact: {
+ *   paths: ['only.these.paths'],
+ *   resolution: 'override',
+ * }
+ *
+ * // With custom censor
+ * redact: {
+ *   paths: ['extra.secret'],
+ *   censor: '***',
+ * }
+ *
+ * // Remove fields entirely
+ * redact: {
+ *   paths: ['temporary.data'],
+ *   remove: true,
+ * }
+ * ```
+ */
+type RedactOptions = string[] | {
+  /** Paths to redact using dot notation or bracket notation for special chars */
+  paths: string[];
+  /** Custom replacement text (default: '[REDACTED]') */
+  censor?: string | ((value: unknown, path: string[]) => unknown);
+  /** Remove the field entirely instead of replacing (default: false) */
+  remove?: boolean;
+  /**
+   * How to combine custom paths with default sensitive paths.
+   * - 'merge': Custom paths are added to default paths (default)
+   * - 'override': Only custom paths are used, defaults are ignored
+   */
+  resolution?: 'merge' | 'override';
+};
 type CreateLoggerOptions = {
+  /** Enable pretty printing with colors (disabled in production) */
   pretty?: boolean;
+  /** Minimum log level to output */
   level?: LogLevel;
+  /**
+   * Redaction configuration for masking sensitive data.
+   *
+   * - `true`: Uses default sensitive paths (password, token, secret, etc.)
+   * - `false` or `undefined`: No redaction applied
+   * - `string[]`: Custom paths merged with defaults
+   * - `object`: Advanced config with paths, censor, remove, and resolution options
+   *
+   * By default, custom paths are **merged** with the default sensitive paths.
+   * Use `resolution: 'override'` to disable defaults and use only your paths.
+   *
+   * @example
+   * ```typescript
+   * // Use defaults only
+   * createLogger({ redact: true });
+   *
+   * // Add custom paths (merged with defaults)
+   * createLogger({ redact: ['user.ssn', 'custom.field'] });
+   *
+   * // Override defaults completely
+   * createLogger({
+   *   redact: {
+   *     paths: ['only.these.paths'],
+   *     resolution: 'override',
+   *   }
+   * });
+   *
+   * // Merge with custom censor
+   * createLogger({
+   *   redact: {
+   *     paths: ['extra.secret'],
+   *     censor: '***',
+   *   }
+   * });
+   * ```
+   */
+  redact?: boolean | RedactOptions;
 };
 //#endregion
-export { CreateLoggerOptions, LogFn, LogLevel, Logger };
-//# sourceMappingURL=types-DXdmn7h5.d.cts.map
+export { CreateLoggerOptions, LogFn, LogLevel, Logger, RedactOptions };
+//# sourceMappingURL=types-JxCFymH0.d.cts.map