configorama 0.11.2 → 1.0.0

package/src/utils/parsing/enrichMetadata.js

@@ -3,6 +3,8 @@ const fs = require('fs')
 const path = require('path')
 const { normalizePath, extractFilePath, normalizeFileVariable, resolveInnerVariables } = require('../paths/filePathUtils')
 const { preResolveString, preResolveSingle } = require('../resolution/preResolveVariable')
+const { parseOneOfFilter } = require('../filters/oneOf')
+const { extractComment } = require('./extractComment')
 
 // Type filters that indicate expected value types
 const TYPE_FILTERS = ['Boolean', 'String', 'Number', 'Array', 'Object', 'Json']
@@ -61,6 +63,8 @@ function createOccurrence(instance, varMatch, options = {}) {
 
   // Extract type from filters
   const type = extractTypeFromFilters(filters)
+  const oneOfFilter = filters && filters.find(filter => typeof filter === 'string' && filter.match(/^oneOf\(/))
+  const oneOf = parseOneOfFilter(oneOfFilter)
 
   const occurrence = {
     originalString: instance.originalStringValue,
@@ -79,6 +83,11 @@ function createOccurrence(instance, varMatch, options = {}) {
 
   if (description) {
     occurrence.description = description
+    occurrence.descriptionSource = 'help'
+  }
+
+  if (oneOf && oneOf.allowedValues) {
+    occurrence.allowedValues = oneOf.allowedValues
   }
 
   if (instance.defaultValueSrc) {
@@ -133,6 +142,56 @@ async function enrichMetadata(
   // Create resolve context early for resolving descriptions
   const configDir = configPath ? path.dirname(configPath) : undefined
   const resolveContext = { config: originalConfig, variableSyntax, configDir, options }
+  const commentFileType = configPath ? path.extname(configPath) : ''
+  let commentLines = []
+  if (configPath) {
+    try {
+      commentLines = fs.readFileSync(configPath, 'utf8').split('\n')
+    } catch (error) {
+      commentLines = []
+    }
+  }
+
+  function applyCommentFallback(occurrence) {
+    if (!occurrence) return occurrence
+    const comment = extractComment(occurrence.path, commentLines, commentFileType)
+    if (comment) {
+      if (comment.description && (!occurrence.description || comment.descriptionSource === 'commentTag')) {
+        occurrence.description = comment.description
+        occurrence.descriptionSource = comment.descriptionSource
+      }
+      if (comment.obtainHint) occurrence.obtainHint = comment.obtainHint
+      if (comment.examples) occurrence.examples = comment.examples
+      if (comment.defaultHint) occurrence.defaultHint = comment.defaultHint
+      if (comment.sensitive !== undefined) {
+        occurrence.sensitive = comment.sensitive
+        occurrence.sensitiveSource = 'commentTag'
+      }
+      if (comment.group) occurrence.group = comment.group
+      if (comment.deprecationMessage) occurrence.deprecationMessage = comment.deprecationMessage
+    }
+    return occurrence
+  }
+
+  async function applyDynamicOneOfAllowedValues(occurrence) {
+    if (!occurrence || occurrence.allowedValues || !occurrence.filters) return occurrence
+    const oneOfFilter = occurrence.filters.find(filter => typeof filter === 'string' && filter.match(/^oneOf\(/))
+    if (!oneOfFilter) return occurrence
+
+    const match = oneOfFilter.match(/^oneOf\(\s*\$\{([^}]+)\}\s*\)$/)
+    if (!match) return occurrence
+
+    try {
+      const resolved = await preResolveSingle(match[1], resolveContext)
+      if (Array.isArray(resolved)) {
+        occurrence.allowedValues = resolved.map(String)
+      }
+    } catch (error) {
+      // Leave unresolved dynamic oneOf args without allowedValues; runtime will report errors.
+    }
+
+    return occurrence
+  }
 
   const varKeys = Object.keys(metadata.variables)
 
@@ -439,6 +498,8 @@ async function enrichMetadata(
     for (const instance of varInstances) {
       // Add this occurrence with its full context
       const occurrence = createOccurrence(instance, key)
+      applyCommentFallback(occurrence)
+      await applyDynamicOneOfAllowedValues(occurrence)
       entry.occurrences.push(occurrence)
 
       // Find inner variables in resolveDetails (excluding the outermost variable itself)
@@ -511,6 +572,8 @@ async function enrichMetadata(
               hasFallback: !!detail.hasFallback,
               defaultValue: siblingDefaultValue,
             })
+            applyCommentFallback(siblingOccurrence)
+            await applyDynamicOneOfAllowedValues(siblingOccurrence)
             if (siblingDefaultValueSrc) {
               siblingOccurrence.defaultValueSrc = siblingDefaultValueSrc
             }
@@ -763,4 +826,4 @@ async function enrichMetadata(
   return metadata
 }
 
-module.exports = enrichMetadata
+module.exports = enrichMetadata

package/src/utils/parsing/enrichMetadata.test.js

@@ -0,0 +1,84 @@
+/* eslint-disable no-template-curly-in-string */
+const { test } = require('uvu')
+const assert = require('uvu/assert')
+const fs = require('fs')
+const os = require('os')
+const path = require('path')
+const configorama = require('../../index')
+
+function writeTempConfig(lines) {
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'configorama-annotations-'))
+  const configPath = path.join(dir, 'config.yml')
+  fs.writeFileSync(configPath, lines.join('\n'))
+  return { dir, configPath }
+}
+
+test('enriched metadata maps comment annotations onto occurrences', async () => {
+  const { dir, configPath } = writeTempConfig([
+    '# Stripe live secret key',
+    '# @from Stripe dashboard > Developers > API keys',
+    '# @example sk_live_...',
+    '# @default Set in CI',
+    '# @sensitive false',
+    '# @group Payments',
+    '# @deprecated Use STRIPE_RESTRICTED_KEY instead',
+    'stripeSecret: ${env:STRIPE_SECRET_KEY}',
+  ])
+
+  try {
+    const analysis = await configorama.analyze(configPath, { options: {} })
+    const occurrence = analysis.uniqueVariables['env:STRIPE_SECRET_KEY'].occurrences[0]
+
+    assert.is(occurrence.description, 'Stripe live secret key')
+    assert.is(occurrence.descriptionSource, 'leadingComment')
+    assert.is(occurrence.obtainHint, 'Stripe dashboard > Developers > API keys')
+    assert.equal(occurrence.examples, ['sk_live_...'])
+    assert.is(occurrence.defaultHint, 'Set in CI')
+    assert.is(occurrence.defaultValue, undefined)
+    assert.is(occurrence.sensitive, false)
+    assert.is(occurrence.sensitiveSource, 'commentTag')
+    assert.is(occurrence.group, 'Payments')
+    assert.is(occurrence.deprecationMessage, 'Use STRIPE_RESTRICTED_KEY instead')
+  } finally {
+    fs.rmSync(dir, { recursive: true, force: true })
+  }
+})
+
+test('enriched metadata lets @description override help on the same occurrence', async () => {
+  const { dir, configPath } = writeTempConfig([
+    '# Plain comment loses',
+    '# @description Comment tag wins',
+    'apiKey: ${env:CONFIGORAMA_ANNOTATED_API_KEY | help("Help loses")}',
+  ])
+
+  try {
+    const analysis = await configorama.analyze(configPath, { options: {} })
+    const occurrence = analysis.uniqueVariables['env:CONFIGORAMA_ANNOTATED_API_KEY'].occurrences[0]
+
+    assert.is(occurrence.description, 'Comment tag wins')
+    assert.is(occurrence.descriptionSource, 'commentTag')
+  } finally {
+    fs.rmSync(dir, { recursive: true, force: true })
+  }
+})
+
+test('enriched metadata keeps normal comment below help while preserving independent tags', async () => {
+  const { dir, configPath } = writeTempConfig([
+    '# Plain comment loses to help',
+    '# @from Dashboard > Tokens',
+    'apiToken: ${env:CONFIGORAMA_ANNOTATED_TOKEN | help("Help wins")}',
+  ])
+
+  try {
+    const analysis = await configorama.analyze(configPath, { options: {} })
+    const occurrence = analysis.uniqueVariables['env:CONFIGORAMA_ANNOTATED_TOKEN'].occurrences[0]
+
+    assert.is(occurrence.description, 'Help wins')
+    assert.is(occurrence.descriptionSource, 'help')
+    assert.is(occurrence.obtainHint, 'Dashboard > Tokens')
+  } finally {
+    fs.rmSync(dir, { recursive: true, force: true })
+  }
+})
+
+test.run()

package/src/utils/parsing/extractComment.js

@@ -0,0 +1,145 @@
+const { findLineByPath, findLineForKey } = require('../paths/findLineForKey')
+const { parseCommentAnnotations } = require('./commentAnnotations')
+
+function getCommentMarkers(fileType) {
+  if (fileType === '.json') return []
+  if (fileType === '.json5' || fileType === '.jsonc') return ['//']
+  if (fileType === '.hcl') return ['//', '#']
+  if (['.yml', '.yaml', '.toml', '.ini'].includes(fileType)) return ['#']
+  return ['#', '//']
+}
+
+function isDecorationComment(text) {
+  return /^[\s\-=_*]{3,}$/.test(text)
+}
+
+function stripCommentMarker(line, marker) {
+  return line.trim().slice(marker.length).replace(/^\s?/, '')
+}
+
+function findCommentStart(line, markers) {
+  let quote = null
+  let variableDepth = 0
+
+  for (let i = 0; i < line.length; i++) {
+    const char = line[i]
+    const prev = i > 0 ? line[i - 1] : ''
+
+    if (!quote && char === '$' && line[i + 1] === '{') {
+      variableDepth++
+      i++
+      continue
+    }
+    if (!quote && variableDepth > 0 && char === '}') {
+      variableDepth--
+      continue
+    }
+    if ((char === "'" || char === '"') && prev !== '\\') {
+      if (!quote) quote = char
+      else if (quote === char) quote = null
+      continue
+    }
+    if (quote || variableDepth > 0) continue
+
+    for (const marker of markers) {
+      if (line.slice(i, i + marker.length) === marker) {
+        return { index: i, marker }
+      }
+    }
+  }
+
+  return null
+}
+
+function getLineNumber(configPath, lines, fileType) {
+  if (['.yml', '.yaml', '.json5', '.jsonc'].includes(fileType)) {
+    const byPath = findLineByPath(configPath, lines, fileType)
+    if (byPath) return byPath
+  }
+
+  if (fileType === '.json') return 0
+  const key = String(configPath).split('.').pop()
+  return findLineForKey(key, lines, fileType)
+}
+
+function getLeadingComment(lines, lineIndex, markers) {
+  const comments = getLeadingCommentLines(lines, lineIndex, markers)
+  return comments.length ? comments.join(' ') : null
+}
+
+function getLeadingCommentLines(lines, lineIndex, markers) {
+  const comments = []
+  for (let i = lineIndex - 1; i >= 0; i--) {
+    const line = lines[i]
+    if (!line || line.trim() === '') break
+
+    const trimmed = line.trim()
+    const marker = markers.find(item => trimmed.startsWith(item))
+    if (!marker) break
+
+    const text = stripCommentMarker(trimmed, marker).trim()
+    if (text && !isDecorationComment(text)) comments.unshift(text)
+  }
+
+  return comments
+}
+
+function hasAnnotations(annotations) {
+  return annotations && Object.keys(annotations).length > 0
+}
+
+function buildCommentResult(commentLines, fallbackDescriptionSource) {
+  const parsed = parseCommentAnnotations(commentLines)
+  if (!parsed.description && !hasAnnotations(parsed.annotations)) return null
+
+  const result = {}
+  if (parsed.description) {
+    result.description = parsed.description
+    result.descriptionSource = parsed.descriptionSource || fallbackDescriptionSource
+  }
+
+  if (hasAnnotations(parsed.annotations)) {
+    result.annotations = parsed.annotations
+    for (const [key, value] of Object.entries(parsed.annotations)) {
+      if (key === 'description') continue
+      result[key] = value
+    }
+  }
+
+  return result
+}
+
+function extractComment(configPath, lines, fileType) {
+  try {
+    const markers = getCommentMarkers(fileType)
+    if (!markers.length || !configPath || !Array.isArray(lines) || !lines.length) return null
+
+    const lineNumber = getLineNumber(configPath, lines, fileType)
+    if (!lineNumber) return null
+
+    const lineIndex = lineNumber - 1
+    const line = lines[lineIndex] || ''
+    const inlineStart = findCommentStart(line, markers)
+    if (inlineStart) {
+      const text = stripCommentMarker(line.slice(inlineStart.index), inlineStart.marker).trim()
+      if (text && !isDecorationComment(text)) {
+        return buildCommentResult([text], 'comment')
+      }
+    }
+
+    const leading = getLeadingCommentLines(lines, lineIndex, markers)
+    const result = buildCommentResult(leading, 'leadingComment')
+    if (result) return result
+  } catch (error) {
+    return null
+  }
+
+  return null
+}
+
+module.exports = {
+  extractComment,
+  findCommentStart,
+  getCommentMarkers,
+  getLeadingComment,
+}

package/src/utils/parsing/extractComment.test.js

@@ -0,0 +1,182 @@
+/* eslint-disable no-template-curly-in-string */
+const { test } = require('uvu')
+const assert = require('uvu/assert')
+const fs = require('fs')
+const os = require('os')
+const path = require('path')
+const configorama = require('../../index')
+const { extractComment, findCommentStart, getCommentMarkers } = require('./extractComment')
+
+test('extractComment reads trailing inline YAML comments', () => {
+  const lines = ['apiKey: ${env:API_KEY} # API key from dashboard']
+  assert.equal(extractComment('apiKey', lines, '.yml'), {
+    description: 'API key from dashboard',
+    descriptionSource: 'comment',
+  })
+})
+
+test('extractComment reads leading block comments and drops decoration', () => {
+  const lines = [
+    '# --------',
+    '# Database host',
+    '# Used by app startup',
+    'host: ${env:DB_HOST}',
+  ]
+  assert.equal(extractComment('host', lines, '.yaml'), {
+    description: 'Database host Used by app startup',
+    descriptionSource: 'leadingComment',
+  })
+})
+
+test('extractComment ignores comment markers inside variables and quotes', () => {
+  const lines = ['apiKey: ${env:API_KEY, "abc#123"} # Real comment']
+  const start = findCommentStart(lines[0], getCommentMarkers('.yml'))
+  assert.is(lines[0].slice(start.index), '# Real comment')
+})
+
+test('extractComment uses path-aware lookup for nested duplicate YAML keys', () => {
+  const lines = [
+    'first:',
+    '  apiKey: ${env:FIRST_KEY} # First key',
+    'second:',
+    '  apiKey: ${env:SECOND_KEY} # Second key',
+  ]
+  assert.equal(extractComment('second.apiKey', lines, '.yml'), {
+    description: 'Second key',
+    descriptionSource: 'comment',
+  })
+})
+
+test('extractComment skips JSON comments and handles failures without throwing', () => {
+  assert.is(extractComment('apiKey', ['"apiKey": "${env:API_KEY}" // ignored'], '.json'), null)
+  assert.is(extractComment(null, null, '.yml'), null)
+})
+
+test('extractComment handles JSON5 line comments', () => {
+  const lines = [
+    '{',
+    '  "apiKey": "${env:API_KEY}" // API key',
+    '}',
+  ]
+  assert.equal(extractComment('apiKey', lines, '.json5'), {
+    description: 'API key',
+    descriptionSource: 'comment',
+  })
+})
+
+test('extractComment parses leading YAML annotation tags', () => {
+  const lines = [
+    '# Stripe live secret key',
+    '# @from Stripe dashboard > Developers > API keys',
+    '# @sensitive true',
+    'stripeSecret: ${env:STRIPE_SECRET_KEY}',
+  ]
+  assert.equal(extractComment('stripeSecret', lines, '.yml'), {
+    description: 'Stripe live secret key',
+    descriptionSource: 'leadingComment',
+    annotations: {
+      obtainHint: 'Stripe dashboard > Developers > API keys',
+      sensitive: true,
+    },
+    obtainHint: 'Stripe dashboard > Developers > API keys',
+    sensitive: true,
+  })
+})
+
+test('extractComment lets explicit @description override plain comment text', () => {
+  const lines = [
+    '# Plain comment loses to explicit description',
+    '# @description Stripe live secret key',
+    'stripeSecret: ${env:STRIPE_SECRET_KEY}',
+  ]
+  assert.equal(extractComment('stripeSecret', lines, '.yaml'), {
+    description: 'Stripe live secret key',
+    descriptionSource: 'commentTag',
+    annotations: {
+      description: 'Stripe live secret key',
+    },
+  })
+})
+
+test('extractComment parses inline tags without requiring a description', () => {
+  const lines = [
+    'stripeSecret: ${env:STRIPE_SECRET_KEY} # @from Stripe dashboard > Developers > API keys',
+  ]
+  assert.equal(extractComment('stripeSecret', lines, '.yaml'), {
+    annotations: {
+      obtainHint: 'Stripe dashboard > Developers > API keys',
+    },
+    obtainHint: 'Stripe dashboard > Developers > API keys',
+  })
+})
+
+test('extractComment parses JSONC and HCL annotation comments', () => {
+  const jsoncLines = [
+    '{',
+    '  // @group Payments',
+    '  "stripeSecret": "${env:STRIPE_SECRET_KEY}"',
+    '}',
+  ]
+  assert.equal(extractComment('stripeSecret', jsoncLines, '.jsonc'), {
+    annotations: {
+      group: 'Payments',
+    },
+    group: 'Payments',
+  })
+
+  const hclLines = [
+    '// Stripe live secret key',
+    '// @from Stripe dashboard > Developers > API keys',
+    'stripe_secret = "${env:STRIPE_SECRET_KEY}"',
+  ]
+  assert.equal(extractComment('stripe_secret', hclLines, '.hcl'), {
+    description: 'Stripe live secret key',
+    descriptionSource: 'leadingComment',
+    annotations: {
+      obtainHint: 'Stripe dashboard > Developers > API keys',
+    },
+    obtainHint: 'Stripe dashboard > Developers > API keys',
+  })
+})
+
+test('extractComment keeps unknown tag-shaped comments as plain description', () => {
+  const lines = [
+    '# @david rotate this key after launch',
+    'stripeSecret: ${env:STRIPE_SECRET_KEY}',
+  ]
+  assert.equal(extractComment('stripeSecret', lines, '.yaml'), {
+    description: '@david rotate this key after launch',
+    descriptionSource: 'leadingComment',
+  })
+})
+
+test('requirements model uses comments when help is absent and keeps help precedence', async () => {
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'configorama-comments-'))
+  const configPath = path.join(dir, 'config.yml')
+  fs.writeFileSync(configPath, [
+    '# API key from dashboard',
+    'apiKey: ${env:CONFIGORAMA_COMMENT_API_KEY}',
+    'withHelp: ${env:CONFIGORAMA_COMMENT_HELP | help("Help wins")} # Comment loses',
+    'nested:',
+    '  apiKey: ${env:CONFIGORAMA_COMMENT_NESTED} # Nested key',
+  ].join('\n'))
+
+  try {
+    const result = await configorama.analyze(configPath, {
+      instructions: true,
+      options: {}
+    })
+    const byVariable = Object.fromEntries(result.requirements.map(req => [req.variable, req]))
+
+    assert.is(byVariable['env:CONFIGORAMA_COMMENT_API_KEY'].description, 'API key from dashboard')
+    assert.is(byVariable['env:CONFIGORAMA_COMMENT_API_KEY'].descriptionSource, 'leadingComment')
+    assert.is(byVariable['env:CONFIGORAMA_COMMENT_HELP'].description, 'Help wins')
+    assert.is(byVariable['env:CONFIGORAMA_COMMENT_HELP'].descriptionSource, 'help')
+    assert.is(byVariable['env:CONFIGORAMA_COMMENT_NESTED'].description, 'Nested key')
+    assert.is(byVariable['env:CONFIGORAMA_COMMENT_NESTED'].descriptionSource, 'comment')
+  } finally {
+    fs.rmSync(dir, { recursive: true, force: true })
+  }
+})
+
+test.run()

package/src/utils/parsing/preProcess.js

@@ -26,7 +26,8 @@ function preProcess(configObject, variableSyntax, variableTypes, options = {}) {
   // Extract reference prefixes from variable types, or use defaults
   const refPrefixes = variableTypes && variableTypes.length > 0
     ? variableTypes
-        .map(v => (v.prefix || v.type) + ':')
+        .flatMap(v => v.prefixes || [v.prefix || v.type])
+        .map(prefix => prefix + ':')
         .filter(p => p !== 'dot.prop:' && p !== 'string:' && p !== 'number:')
     : ['self:', 'opt:', 'env:', 'file:', 'text:', 'deep:']
 

package/src/utils/paths/findLineForKey.js

@@ -19,8 +19,8 @@ function findLineForKey(keyToFind, lines, fileType) {
     if (fileType === '.yml' || fileType === '.yaml') {
       return new RegExp(`^\\s*${escapedKey}\\s*:`).test(line)
     }
-    // TOML: key = or key=
-    if (fileType === '.toml') {
+    // TOML/HCL: key = or key=
+    if (fileType === '.toml' || fileType === '.hcl') {
       return new RegExp(`^\\s*${escapedKey}\\s*=`).test(line)
     }
     // JSON: "key": or "key" :

package/src/utils/paths/ignorePaths.js

@@ -30,17 +30,29 @@ function patternToSegments(pattern) {
 }
 
 function matchSegments(patternSegments, pathSegments) {
-  if (!patternSegments.length) return pathSegments.length === 0
+  return matchFrom(patternSegments, 0, pathSegments, 0)
+}
 
-  const [head, ...tail] = patternSegments
-  if (head === '**') {
-    if (matchSegments(tail, pathSegments)) return true
-    return pathSegments.length > 0 && matchSegments(patternSegments, pathSegments.slice(1))
+// Index-based glob match: '**' spans zero-or-more segments (with backtracking),
+// '*' matches one segment, anything else matches literally. Avoids per-call array
+// allocation (no destructuring/slice) that dominated resolution hot paths.
+function matchFrom(pattern, pi, path, si) {
+  while (pi < pattern.length) {
+    const head = pattern[pi]
+    if (head === '**') {
+      // '**' consumes zero segments here...
+      if (matchFrom(pattern, pi + 1, path, si)) return true
+      // ...or one more path segment, still anchored on '**'
+      if (si >= path.length) return false
+      si++
+      continue
+    }
+    if (si >= path.length) return false
+    if (head !== '*' && head !== path[si]) return false
+    pi++
+    si++
   }
-
-  if (!pathSegments.length) return false
-  if (head !== '*' && head !== pathSegments[0]) return false
-  return matchSegments(tail, pathSegments.slice(1))
+  return si === path.length
 }
 
 function normalizeIgnorePaths(options = {}) {

package/src/utils/redaction/redact.js

@@ -0,0 +1,78 @@
+const dotProp = require('dot-prop')
+
+const REDACTED_VALUE = '********'
+
+const DEFAULT_SENSITIVE_PATTERNS = [
+  /secret/i,
+  /password/i,
+  /token/i,
+  /key/i,
+  /credential/i,
+  /auth/i,
+  /private[-_]?key/i,
+  /client[-_]?secret/i,
+]
+
+function cloneJson(value) {
+  if (value === undefined) return undefined
+  return JSON.parse(JSON.stringify(value))
+}
+
+function toRegex(pattern) {
+  if (pattern instanceof RegExp) return pattern
+  return new RegExp(String(pattern), 'i')
+}
+
+function getSensitivePatterns(options = {}) {
+  const customPatterns = (options.patterns || options.sensitivePatterns || []).map(toRegex)
+  return DEFAULT_SENSITIVE_PATTERNS.concat(customPatterns)
+}
+
+function isSensitiveName(name, options = {}) {
+  if (!name) return false
+  const value = String(name)
+  return getSensitivePatterns(options).some(pattern => pattern.test(value))
+}
+
+function getSensitiveOverride(entries = []) {
+  const entry = entries.find(item => item && typeof item.value === 'boolean')
+  if (!entry) return null
+  return entry.value
+}
+
+function isSensitiveVariable(name, options = {}) {
+  const override = getSensitiveOverride(options.sensitiveEntries || [])
+  if (override !== null) return override
+  return isSensitiveName(name, options) || isSensitiveName(options.path, options)
+}
+
+function redactValue(value) {
+  if (value === undefined) return undefined
+  return REDACTED_VALUE
+}
+
+function redactObjectByPaths(value, paths = []) {
+  const redacted = cloneJson(value)
+  for (const configPath of paths || []) {
+    if (configPath && dotProp.has(redacted, configPath)) {
+      dotProp.set(redacted, configPath, REDACTED_VALUE)
+    }
+  }
+  return redacted
+}
+
+function redactRequirementValue(requirement, value) {
+  return requirement && requirement.sensitive === true ? REDACTED_VALUE : value
+}
+
+module.exports = {
+  DEFAULT_SENSITIVE_PATTERNS,
+  REDACTED_VALUE,
+  cloneJson,
+  getSensitivePatterns,
+  isSensitiveName,
+  isSensitiveVariable,
+  redactObjectByPaths,
+  redactRequirementValue,
+  redactValue,
+}