@hackylabs/deep-redact 1.0.0 → 2.0.0

package/dist/esm/index.mjs

@@ -0,0 +1,137 @@
+import RedactorUtils from './utils/redactorUtils';
+class DeepRedact {
+    /**
+     * The redactorUtils instance to handle the redaction.
+     * @private
+     */
+    redactorUtils;
+    /**
+     * A WeakSet to store circular references during redaction. Reset to null after redaction is complete.
+     * @private
+     */
+    circularReference = null;
+    /**
+     * The configuration for the redaction.
+     * @private
+     */
+    config = {
+        serialise: false,
+    };
+    /**
+     * Create a new DeepRedact instance with the provided configuration.
+     * The configuration will be merged with the default configuration.
+     * `blacklistedKeys` will be normalised to an array inherited from the default configuration as the default values.
+     * @param {DeepRedactConfig} config. The configuration for the redaction.
+     */
+    constructor(config) {
+        const { serialise, serialize, ...rest } = config;
+        this.redactorUtils = new RedactorUtils(rest);
+        if (serialise !== undefined)
+            this.config.serialise = serialise;
+        if (serialize !== undefined)
+            this.config.serialise = serialize;
+    }
+    /**
+     * A transformer for unsupported data types. If `serialise` is false, the value will be returned as is,
+     * otherwise it will transform the value into a format that is supported by JSON.stringify.
+     *
+     * Error, RegExp, and Date instances are technically supported by JSON.stringify,
+     * but they returned as empty objects, therefore they are also transformed here.
+     * @protected
+     * @param {unknown} value The value that is not supported by JSON.stringify.
+     * @returns {unknown} The value in a format that is supported by JSON.stringify.
+     */
+    unsupportedTransformer = (value) => {
+        if (!this.config.serialise)
+            return value;
+        if (typeof value === 'bigint') {
+            return {
+                __unsupported: {
+                    type: 'bigint',
+                    value: value.toString(),
+                    radix: 10,
+                },
+            };
+        }
+        if (value instanceof Error) {
+            return {
+                __unsupported: {
+                    type: 'error',
+                    name: value.name,
+                    message: value.message,
+                    stack: value.stack,
+                },
+            };
+        }
+        if (value instanceof RegExp) {
+            return {
+                __unsupported: {
+                    type: 'regexp',
+                    source: value.source,
+                    flags: value.flags,
+                },
+            };
+        }
+        if (value instanceof Date)
+            return value.toISOString();
+        return value;
+    };
+    /**
+     * Calls `unsupportedTransformer` on the provided value and rewrites any circular references.
+     *
+     * Circular references will always be removed to avoid infinite recursion.
+     * When a circular reference is found, the value will be replaced with `[[CIRCULAR_REFERENCE: path.to.original.value]]`.
+     * @protected
+     * @param {unknown} value The value to rewrite.
+     * @param {string | undefined} path The path to the value in the object.
+     * @returns {unknown} The rewritten value.
+     */
+    rewriteUnsupported = (value, path) => {
+        const safeValue = this.unsupportedTransformer(value);
+        if (!(safeValue instanceof Object))
+            return safeValue;
+        if (this.circularReference === null)
+            this.circularReference = new WeakSet();
+        if (Array.isArray(safeValue)) {
+            return safeValue.map((val, index) => {
+                const newPath = path ? `${path}.[${index}]` : `[${index}]`;
+                if (this.circularReference?.has(val))
+                    return `[[CIRCULAR_REFERENCE: ${newPath}]]`;
+                if (val instanceof Object) {
+                    this.circularReference?.add(val);
+                    return this.rewriteUnsupported(val, newPath);
+                }
+                return val;
+            });
+        }
+        return Object.fromEntries(Object.entries(safeValue).map(([key, val]) => {
+            const newPath = path ? `${path}.${key}` : key;
+            if (this.circularReference?.has(val))
+                return [key, `[[CIRCULAR_REFERENCE: ${newPath}]]`];
+            if (val instanceof Object)
+                this.circularReference?.add(val);
+            return [key, this.rewriteUnsupported(val, path ? `${path}.${key}` : key)];
+        }));
+    };
+    /**
+     * Depending on the value of `serialise`, return the value as a JSON string or as the provided value.
+     *
+     * Also resets the `circularReference` property to null after redaction is complete.
+     * This is to ensure that the WeakSet doesn't cause memory leaks.
+     * @private
+     * @param value
+     */
+    maybeSerialise = (value) => {
+        this.circularReference = null;
+        return this.config.serialise ? JSON.stringify(value) : value;
+    };
+    /**
+     * Redact the provided value. The value will be stripped of any circular references and other unsupported data types, before being redacted according to the configuration and finally serialised if required.
+     * @param {unknown} value The value to redact.
+     * @returns {unknown} The redacted value.
+     */
+    redact = (value) => {
+        return this.maybeSerialise(this.redactorUtils.recurse(this.rewriteUnsupported(value)));
+    };
+}
+export { DeepRedact as default, DeepRedact };

package/dist/esm/types.mjs

@@ -0,0 +1 @@
+export {};

package/dist/esm/utils/redactorUtils.js

@@ -0,0 +1,219 @@
+const defaultConfig = {
+    stringTests: [],
+    blacklistedKeys: [],
+    blacklistedKeysTransformed: [],
+    fuzzyKeyMatch: false,
+    caseSensitiveKeyMatch: true,
+    retainStructure: false,
+    remove: false,
+    replaceStringByLength: false,
+    replacement: '[REDACTED]',
+    types: ['string'],
+};
+class RedactorUtils {
+    /**
+     * The configuration for the redaction.
+     * @private
+     */
+    config = defaultConfig;
+    constructor(customConfig) {
+        this.config = {
+            ...defaultConfig,
+            ...customConfig,
+            blacklistedKeys: customConfig.blacklistedKeys ?? [],
+            blacklistedKeysTransformed: customConfig.blacklistedKeys?.map((key) => {
+                const isObject = !(typeof key === 'string' || key instanceof RegExp);
+                const setKey = isObject ? key.key : key;
+                const fallback = {
+                    fuzzyKeyMatch: customConfig.fuzzyKeyMatch ?? defaultConfig.fuzzyKeyMatch,
+                    caseSensitiveKeyMatch: customConfig.caseSensitiveKeyMatch ?? defaultConfig.caseSensitiveKeyMatch,
+                    retainStructure: customConfig.retainStructure ?? defaultConfig.retainStructure,
+                    replacement: customConfig.replacement ?? defaultConfig.replacement,
+                    remove: customConfig.remove ?? defaultConfig.remove,
+                    key: setKey,
+                };
+                if (isObject) {
+                    return {
+                        fuzzyKeyMatch: key.fuzzyKeyMatch ?? fallback.fuzzyKeyMatch,
+                        caseSensitiveKeyMatch: key.caseSensitiveKeyMatch ?? fallback.caseSensitiveKeyMatch,
+                        retainStructure: key.retainStructure ?? fallback.retainStructure,
+                        replacement: key.replacement ?? fallback.replacement,
+                        remove: key.remove ?? fallback.remove,
+                        key: setKey,
+                    };
+                }
+                return fallback;
+            }) ?? [],
+        };
+    }
+    /**
+     * Normalise a string for comparison. This will convert the string to lowercase and remove any non-word characters.
+     * @private
+     * @param str The string to normalise.
+     * @returns {string} The normalised string.
+     */
+    static normaliseString = (str) => str.toLowerCase().replace(/\W/g, '');
+    /**
+     * Determine if a key matches a given blacklistedKeyConfig. This will check the key against the blacklisted keys,
+     * using the configuration option for the given key falling back to the default configuration.
+     * @private
+     * @param {string} key The key to check.
+     * @param {BlacklistKeyConfig} blacklistKeyConfig The configuration for the key.
+     * @returns {boolean} Whether the key should be redacted.
+     */
+    static complexKeyMatch = (key, blacklistKeyConfig) => {
+        if (blacklistKeyConfig.key instanceof RegExp)
+            return blacklistKeyConfig.key.test(key);
+        if (blacklistKeyConfig.fuzzyKeyMatch && blacklistKeyConfig.caseSensitiveKeyMatch)
+            return key.includes(blacklistKeyConfig.key);
+        if (blacklistKeyConfig.fuzzyKeyMatch && !blacklistKeyConfig.caseSensitiveKeyMatch)
+            return RedactorUtils.normaliseString(key).includes(RedactorUtils.normaliseString(blacklistKeyConfig.key));
+        if (!blacklistKeyConfig.fuzzyKeyMatch && blacklistKeyConfig.caseSensitiveKeyMatch)
+            return key === blacklistKeyConfig.key;
+        return RedactorUtils.normaliseString(blacklistKeyConfig.key) === RedactorUtils.normaliseString(key);
+    };
+    /**
+     * Get the configuration for an object key. This will check the key against the transformed blacklisted keys.
+     * @private
+     * @param {string} key The key of the configuration to get.
+     * @returns {Required<BlacklistKeyConfig> | undefined} The configuration for the key.
+     */
+    getBlacklistedKeyConfig = (key) => {
+        if (!key)
+            return undefined;
+        return this.config.blacklistedKeysTransformed?.find((redactableKey) => {
+            return RedactorUtils.complexKeyMatch(key, redactableKey);
+        });
+    };
+    /**
+     * Get the recursion configuration for a key. This will check the key against the transformed blacklisted keys.
+     * If the key is found, the configuration for the key will be returned, otherwise undefined.
+     * @private
+     * @param {string} key The key of the configuration to get.
+     * @returns {Required<Pick<BlacklistKeyConfig, 'remove' | 'replacement' | 'retainStructure'>>} The configuration for the key.
+     */
+    getRecursionConfig = (key) => {
+        const fallback = {
+            remove: this.config.remove,
+            replacement: this.config.replacement,
+            retainStructure: this.config.retainStructure,
+        };
+        if (!key)
+            return fallback;
+        const blacklistedKeyConfig = this.getBlacklistedKeyConfig(key);
+        if (!blacklistedKeyConfig)
+            return fallback;
+        return {
+            remove: blacklistedKeyConfig.remove,
+            replacement: blacklistedKeyConfig.replacement,
+            retainStructure: blacklistedKeyConfig.retainStructure,
+        };
+    };
+    /**
+     * Determine if a key should be redacted. This will check the key against the blacklisted keys, using the default configuration.
+     * @private
+     * @param {string} key The key to check.
+     * @returns {boolean} Whether the key should be redacted.
+     */
+    shouldRedactObjectValue = (key) => {
+        if (!key)
+            return false;
+        return this.config.blacklistedKeysTransformed.some((redactableKey) => {
+            return RedactorUtils.complexKeyMatch(key, redactableKey);
+        });
+    };
+    /**
+     * Redact a string. This will redact the string based on the configuration, redacting the string if it matches a pattern or if the parent key should be redacted.
+     * @private
+     * @param value
+     * @param replacement
+     * @param remove
+     * @param shouldRedact
+     */
+    redactString = (value, replacement, remove, shouldRedact) => {
+        if (!value)
+            return value;
+        const { stringTests } = this.config;
+        if (!shouldRedact && !stringTests?.some((pattern) => pattern.test(value)))
+            return value;
+        if (remove)
+            return undefined;
+        if (typeof replacement === 'function')
+            return replacement(value);
+        if (this.config.replaceStringByLength)
+            return replacement.repeat(value.length);
+        return replacement;
+    };
+    /**
+     * Redact a primitive value. This will redact the value if it is a supported type, not an object or array, otherwise it will return the value unchanged.
+     * @private
+     * @param {unknown} value The value to redact.
+     * @param {Transformer | string} replacement The replacement value for redacted data.
+     * @param {boolean} remove Whether the redacted data should be removed.
+     * @param {boolean} shouldRedact Whether the value should be redacted based on the parent key.
+     * @returns {unknown} The redacted value.
+     */
+    redactPrimitive = (value, replacement, remove, shouldRedact) => {
+        if (!this.config.types.includes(typeof value))
+            return value;
+        if (remove && shouldRedact && typeof value !== 'string')
+            return undefined;
+        if (typeof value === 'string')
+            return this.redactString(value, replacement, remove, shouldRedact);
+        if (!shouldRedact)
+            return value;
+        if (typeof replacement === 'function')
+            return replacement(value);
+        return replacement;
+    };
+    /**
+     * Redact an array. This will redact each value in the array using the `recurse` method.
+     * @private
+     * @param {unknown[]} value The array to redact.
+     * @returns {unknown[]} The redacted array.
+     */
+    redactArray = (value) => value.map((val) => this.recurse(val));
+    /**
+     * Redact an object. This will recursively redact the object based on the configuration, redacting the keys and values as required.
+     * @param {Object} value The object to redact.
+     * @param {string | null} key The key of the object if it is part of another object.
+     * @param {boolean} parentShouldRedact Whether the item should be redacted based on the key within the parent object.
+     */
+    redactObject = (value, key, parentShouldRedact) => {
+        return Object.fromEntries(Object.entries(value).map(([prop, val]) => {
+            const shouldRedact = parentShouldRedact || this.shouldRedactObjectValue(prop);
+            if (shouldRedact) {
+                const { remove } = this.getRecursionConfig(prop);
+                if (remove)
+                    return [];
+            }
+            return [prop, this.recurse(val, key ?? prop, shouldRedact)];
+        }).filter(([prop]) => prop !== undefined));
+    };
+    /**
+     * Redact a value. If the value is an object or array, the redaction will be performed recursively, otherwise the value will be redacted if it is a supported type using the `replace` method.
+     * @private
+     * @param {unknown} value The value to redact.
+     * @param {string | null} key The key of the value if it is part of an object.
+     * @param {boolean} parentShouldRedact Whether the parent object should be redacted.
+     * @returns {unknown} The redacted value.
+     */
+    recurse = (value, key, parentShouldRedact) => {
+        if (value === null)
+            return value;
+        const { remove, replacement, retainStructure } = this.getRecursionConfig(key);
+        if (!(value instanceof Object))
+            return this.redactPrimitive(value, replacement, remove, Boolean(key && parentShouldRedact));
+        if (parentShouldRedact) {
+            if (!retainStructure) {
+                return typeof replacement === 'function'
+                    ? replacement(value)
+                    : replacement;
+            }
+        }
+        if (Array.isArray(value))
+            return this.redactArray(value);
+        return this.redactObject(value, key, parentShouldRedact);
+    };
+}
+export default RedactorUtils;

package/dist/types/index.d.ts

@@ -0,0 +1,63 @@
+import { DeepRedactConfig } from './types';
+declare class DeepRedact {
+    /**
+     * The redactorUtils instance to handle the redaction.
+     * @private
+     */
+    private redactorUtils;
+    /**
+     * A WeakSet to store circular references during redaction. Reset to null after redaction is complete.
+     * @private
+     */
+    private circularReference;
+    /**
+     * The configuration for the redaction.
+     * @private
+     */
+    private readonly config;
+    /**
+     * Create a new DeepRedact instance with the provided configuration.
+     * The configuration will be merged with the default configuration.
+     * `blacklistedKeys` will be normalised to an array inherited from the default configuration as the default values.
+     * @param {DeepRedactConfig} config. The configuration for the redaction.
+     */
+    constructor(config: DeepRedactConfig);
+    /**
+     * A transformer for unsupported data types. If `serialise` is false, the value will be returned as is,
+     * otherwise it will transform the value into a format that is supported by JSON.stringify.
+     *
+     * Error, RegExp, and Date instances are technically supported by JSON.stringify,
+     * but they returned as empty objects, therefore they are also transformed here.
+     * @protected
+     * @param {unknown} value The value that is not supported by JSON.stringify.
+     * @returns {unknown} The value in a format that is supported by JSON.stringify.
+     */
+    protected unsupportedTransformer: (value: unknown) => unknown;
+    /**
+     * Calls `unsupportedTransformer` on the provided value and rewrites any circular references.
+     *
+     * Circular references will always be removed to avoid infinite recursion.
+     * When a circular reference is found, the value will be replaced with `[[CIRCULAR_REFERENCE: path.to.original.value]]`.
+     * @protected
+     * @param {unknown} value The value to rewrite.
+     * @param {string | undefined} path The path to the value in the object.
+     * @returns {unknown} The rewritten value.
+     */
+    protected rewriteUnsupported: (value: unknown, path?: string) => unknown;
+    /**
+     * Depending on the value of `serialise`, return the value as a JSON string or as the provided value.
+     *
+     * Also resets the `circularReference` property to null after redaction is complete.
+     * This is to ensure that the WeakSet doesn't cause memory leaks.
+     * @private
+     * @param value
+     */
+    private maybeSerialise;
+    /**
+     * Redact the provided value. The value will be stripped of any circular references and other unsupported data types, before being redacted according to the configuration and finally serialised if required.
+     * @param {unknown} value The value to redact.
+     * @returns {unknown} The redacted value.
+     */
+    redact: (value: unknown) => unknown;
+}
+export { DeepRedact as default, DeepRedact };

package/dist/types/types.d.ts

@@ -0,0 +1,129 @@
+export type Types = 'string' | 'number' | 'bigint' | 'boolean' | 'object' | 'function' | 'symbol' | 'undefined';
+export type Transformer = (value: unknown) => unknown;
+export interface BlacklistKeyConfig {
+    /**
+     * Perform a fuzzy match on the key. This will match any key that contains the string, rather than a case-sensitive match.
+     * @default false
+     * @example true // match any key that contains the string 'address', such as 'homeAddress', 'workAddress', 'addressLine1', etc.
+     * @example false // match only keys that contain 'address' from start to end.
+     */
+    fuzzyKeyMatch?: boolean;
+    /**
+     * Perform a case-sensitive match on the key
+     * @default true
+     * @example false // match any key that contains the string 'address' regardless of upper, lower, snake, camel or any other case.
+     * @example true // match only keys that are exactly 'address' in the same case.
+     */
+    caseSensitiveKeyMatch?: boolean;
+    /**
+     * Retain the structure of the object, but redact the values.
+     * @default false
+     * @example true // retain the structure of the object, but redact the values. { a: '1' } => becomes { a: '[REDACTED]' }
+     * @example false // redact the entire object. { a: '1' } => becomes '[REDACTED]'
+     */
+    retainStructure?: boolean;
+    /**
+     * Remove the redacted data instead of replacing it with the `replacement` value.
+     * @default false // replace the redacted data with the `replacement` value.
+     * @example true // remove the redacted data.
+     */
+    remove?: boolean;
+    /**
+     * Replace string values with a redacted string of the same length, using the `replacement` option. Ignored if `remove` is true, `replacement` is a function, or the value is not a string.
+     * @default false
+     * @example true // if `replacement` equals `*` then `joe.bloggs@example.com` becomes `**********************`
+     * @example false // if `replacement` equals `*` then `joe.bloggs@example.com` becomes `*`
+     */
+    replacement?: string | ((value: unknown) => unknown);
+    /**
+     * The key to redact. Can be a string or a RegExp.
+     * @example 'address' // redact any key that is 'address'.
+     * @example /^address$/ // redact any key that is exactly 'address'.
+     */
+    key: string | RegExp;
+}
+export interface BaseDeepRedactConfig {
+    /**
+     * Keys that should be redacted. Can be a string, or an object with additional configuration options.
+     * @default []
+     * @example ['password', 'ssn'] // redact any key that is 'password' or 'ssn'.
+     * @example [{ key: 'address', fuzzyKeyMatch: true, caseSensitiveKeyMatch: false }] // redact any key that contains 'address' regardless of case.
+     */
+    blacklistedKeys?: Array<string | RegExp | BlacklistKeyConfig>;
+    blacklistedKeysTransformed: Array<Required<BlacklistKeyConfig>>;
+    /**
+     * Redact a string value that matches a test pattern.
+     * @default []
+     * @example [
+     *   /^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$/,  // redact any string that looks like an IP address.
+     * ]
+     */
+    stringTests?: RegExp[];
+    /**
+     * Perform a fuzzy match on the key. This will match any key that contains the string, rather than a case-sensitive match.
+     * @default false
+     * @example true // match any key that contains the string 'address', such as 'homeAddress', 'workAddress', 'addressLine1', etc.
+     * @example false // match only keys that contain 'address' from start to end.
+     */
+    fuzzyKeyMatch?: boolean;
+    /**
+     * Perform a case-sensitive match on the key
+     * @default true
+     * @example false // match any key that contains the string 'address' regardless of upper, lower, snake, camel or any other case.
+     * @example true // match only keys that are exactly 'address' in the same case.
+     */
+    caseSensitiveKeyMatch?: boolean;
+    /**
+     * Retain the structure of the object, but redact the values.
+     * @default false
+     * @example true // retain the structure of the object, but redact the values. { a: '1' } => becomes { a: '[REDACTED]' }
+     * @example false // redact the entire object. { a: '1' } => becomes '[REDACTED]'
+     */
+    retainStructure?: boolean;
+    /**
+     * Replace string values with a redacted string of the same length, using the `replacement` option. Ignored if `remove` is true, `replacement` is a function, or the value is not a string.
+     * @default false
+     * @example true // if `replacement` equals `*` then `joe.bloggs@example.com` becomes `**********************`
+     * @example false // if `replacement` equals `*` then `joe.bloggs@example.com` becomes `*`
+     */
+    replaceStringByLength?: boolean;
+    /**
+     * The replacement value for redacted data. Can be a string, or a function that takes the original value and returns any value.
+     * @default '[REDACTED]'
+     * @example (value) => `REDACTED: ${typeof value}` // redact the value with a prefix of 'REDACTED: ' and the type of the value.
+     * @example (value) => return typeof value === 'string' ? '*'.repeat(value.length) : '[REDACTED]' // redact the value with a string of the same length.
+     * @param value The original value that is being redacted.
+     * @returns The redacted value or undefined to remove the value.
+     */
+    replacement?: string | Transformer;
+    /**
+     * Remove the redacted data instead of replacing it with the `replacement` value.
+     */
+    remove?: boolean;
+    /**
+     * The types of values that should be redacted. If the value is not one of these types, it will not be redacted.
+     * @default ['string']
+     * @example ['string', 'number'] // redact only strings and numbers, leave other types unchanged.
+     */
+    types?: Types[];
+    /**
+     * Serialise the redacted data. If true, the redacted data will be returned as a JSON string. If false, it will be returned as an object.
+     * @default true
+     * @example true // return the redacted data as a JSON string.
+     * @example false // return the redacted data as the same type as the original data.
+     */
+    serialise?: boolean;
+    /**
+     * Alias of `serialise` for International-English users.
+     */
+    serialize?: boolean;
+}
+export type DeepRedactConfig = Partial<Omit<BaseDeepRedactConfig, 'blacklistedKeysTransformed' | 'blacklistedKeys' | 'stringTests'>> & ({
+    blacklistedKeys: BaseDeepRedactConfig['blacklistedKeys'];
+    stringTests: BaseDeepRedactConfig['stringTests'];
+} | {
+    blacklistedKeys: BaseDeepRedactConfig['blacklistedKeys'];
+} | {
+    stringTests: BaseDeepRedactConfig['stringTests'];
+});
+export type RedactorUtilsConfig = Omit<BaseDeepRedactConfig, 'serialise' | 'serialize'>;

package/dist/types/utils/redactorUtils.d.ts

@@ -0,0 +1,90 @@
+import { RedactorUtilsConfig } from '../types';
+declare class RedactorUtils {
+    /**
+     * The configuration for the redaction.
+     * @private
+     */
+    private readonly config;
+    constructor(customConfig: Omit<RedactorUtilsConfig, 'blacklistedKeysTransformed'>);
+    /**
+     * Normalise a string for comparison. This will convert the string to lowercase and remove any non-word characters.
+     * @private
+     * @param str The string to normalise.
+     * @returns {string} The normalised string.
+     */
+    private static normaliseString;
+    /**
+     * Determine if a key matches a given blacklistedKeyConfig. This will check the key against the blacklisted keys,
+     * using the configuration option for the given key falling back to the default configuration.
+     * @private
+     * @param {string} key The key to check.
+     * @param {BlacklistKeyConfig} blacklistKeyConfig The configuration for the key.
+     * @returns {boolean} Whether the key should be redacted.
+     */
+    private static complexKeyMatch;
+    /**
+     * Get the configuration for an object key. This will check the key against the transformed blacklisted keys.
+     * @private
+     * @param {string} key The key of the configuration to get.
+     * @returns {Required<BlacklistKeyConfig> | undefined} The configuration for the key.
+     */
+    private getBlacklistedKeyConfig;
+    /**
+     * Get the recursion configuration for a key. This will check the key against the transformed blacklisted keys.
+     * If the key is found, the configuration for the key will be returned, otherwise undefined.
+     * @private
+     * @param {string} key The key of the configuration to get.
+     * @returns {Required<Pick<BlacklistKeyConfig, 'remove' | 'replacement' | 'retainStructure'>>} The configuration for the key.
+     */
+    private getRecursionConfig;
+    /**
+     * Determine if a key should be redacted. This will check the key against the blacklisted keys, using the default configuration.
+     * @private
+     * @param {string} key The key to check.
+     * @returns {boolean} Whether the key should be redacted.
+     */
+    private shouldRedactObjectValue;
+    /**
+     * Redact a string. This will redact the string based on the configuration, redacting the string if it matches a pattern or if the parent key should be redacted.
+     * @private
+     * @param value
+     * @param replacement
+     * @param remove
+     * @param shouldRedact
+     */
+    private redactString;
+    /**
+     * Redact a primitive value. This will redact the value if it is a supported type, not an object or array, otherwise it will return the value unchanged.
+     * @private
+     * @param {unknown} value The value to redact.
+     * @param {Transformer | string} replacement The replacement value for redacted data.
+     * @param {boolean} remove Whether the redacted data should be removed.
+     * @param {boolean} shouldRedact Whether the value should be redacted based on the parent key.
+     * @returns {unknown} The redacted value.
+     */
+    private redactPrimitive;
+    /**
+     * Redact an array. This will redact each value in the array using the `recurse` method.
+     * @private
+     * @param {unknown[]} value The array to redact.
+     * @returns {unknown[]} The redacted array.
+     */
+    private redactArray;
+    /**
+     * Redact an object. This will recursively redact the object based on the configuration, redacting the keys and values as required.
+     * @param {Object} value The object to redact.
+     * @param {string | null} key The key of the object if it is part of another object.
+     * @param {boolean} parentShouldRedact Whether the item should be redacted based on the key within the parent object.
+     */
+    private redactObject;
+    /**
+     * Redact a value. If the value is an object or array, the redaction will be performed recursively, otherwise the value will be redacted if it is a supported type using the `replace` method.
+     * @private
+     * @param {unknown} value The value to redact.
+     * @param {string | null} key The key of the value if it is part of an object.
+     * @param {boolean} parentShouldRedact Whether the parent object should be redacted.
+     * @returns {unknown} The redacted value.
+     */
+    recurse: (value: unknown, key?: string | null, parentShouldRedact?: boolean) => unknown;
+}
+export default RedactorUtils;

package/package.json

@@ -1,10 +1,13 @@
 {
   "name": "@hackylabs/deep-redact",
-  "version": "1.0.0",
+  "version": "2.0.0",
   "description": "A fast, safe and configurable zero-dependency library for redacting strings or deeply redacting arrays and objects.",
   "private": false,
   "license": "MIT",
   "author": "Benjamin Green (https://bengreen.dev)",
+  "types": "./dist/types/index.d.ts",
+  "main": "./dist/cjs/index.js",
+  "module": "./dist/esm/index.mjs",
   "keywords": [
     "redact",
     "redaction",
@@ -26,7 +29,7 @@
     ".": {
       "import": "./dist/esm/index.js",
       "require": "./dist/cjs/index.js",
-      "types": "./dist/esm/index.d.ts"
+      "types": "./dist/types/index.d.ts"
     }
   },
   "files": [
@@ -39,7 +42,7 @@
   "scripts": {
     "lint": "eslint",
     "build": "npm run lint && npm run test && npm run bench && npm run build:esm && npm run build:cjs && npm run update-readme && npm run update-license",
-    "build:esm": "tsc --project tsconfig.esm.json",
+    "build:esm": "tsc --project tsconfig.esm.json && ./scripts/js-to-mjs.sh",
     "build:cjs": "tsc --project tsconfig.cjs.json",
     "bench": "npx vitest bench --watch=false",
     "bench:dev": "npx vitest bench",