dpdp-erasure-cli 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +8 -8
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
|
|
5
5
|
**The DPDP Erasure Engine CLI** is an automated, AI-assisted privacy toolkit that helps you securely discover, map, and cryptographically shred PII (Personally Identifiable Information) in your database.
|
|
6
6
|
|
|
7
|
-
It acts as the control plane for the [DPDP Erasure Engine](https://github.com/devxdh/dpdp-erasure-engine)
|
|
7
|
+
It acts as the control plane for the [DPDP Erasure Engine](https://github.com/devxdh/dpdp-erasure-engine). We are an open-source DPDP-aligned data erasure engine that helps developers comply with India's Digital Personal Data Protection Act (DPDPA), 2023. Data erasure is one of the biggest hurdles under the law due to the complex conflict between data retention policies, Data Principal rights, and Data Fiduciary obligations—this engine helps you solve that without writing manual SQL deletion scripts.
|
|
8
8
|
|
|
9
9
|
---
|
|
10
10
|
|
|
@@ -37,7 +37,7 @@ While our Introspector is incredibly powerful at analyzing metadata, foreign key
|
|
|
37
37
|
|
|
38
38
|
This CLI relies on [Bun](https://bun.sh/) for native cryptographic bindings and high-performance execution.
|
|
39
39
|
|
|
40
|
-
```
|
|
40
|
+
```text
|
|
41
41
|
npm install -g dpdp-erasure-cli
|
|
42
42
|
```
|
|
43
43
|
|
|
@@ -47,7 +47,7 @@ npm install -g dpdp-erasure-cli
|
|
|
47
47
|
|
|
48
48
|
Don't want to memorize commands? Just run the CLI with no arguments to launch the interactive wizard:
|
|
49
49
|
|
|
50
|
-
```
|
|
50
|
+
```text
|
|
51
51
|
dpdp-cli
|
|
52
52
|
```
|
|
53
53
|
|
|
@@ -60,7 +60,7 @@ Setting up your database for privacy compliance follows this simple 5-step workf
|
|
|
60
60
|
### 1. Introspect Your Database
|
|
61
61
|
Safely analyze your schema to discover PII and draft the deletion manifest. The AI will even find logical links if you don't use strict Foreign Keys!
|
|
62
62
|
|
|
63
|
-
```
|
|
63
|
+
```text
|
|
64
64
|
dpdp-cli introspect \
|
|
65
65
|
--url "postgres://user:pass@localhost:5432/app_db" \
|
|
66
66
|
--root public.users \
|
|
@@ -73,19 +73,19 @@ Open the generated `compliance.worker.yml`. Review the `targets` and `join` cond
|
|
|
73
73
|
|
|
74
74
|
### 3. Generate Security Keys
|
|
75
75
|
Create a private/public keypair to securely sign your manifest for production environments.
|
|
76
|
-
```
|
|
76
|
+
```text
|
|
77
77
|
dpdp-cli keygen
|
|
78
78
|
```
|
|
79
79
|
|
|
80
80
|
### 4. Cryptographically Sign the Manifest
|
|
81
81
|
Lock down the rules to prevent unauthorized changes in your CI/CD pipeline.
|
|
82
|
-
```
|
|
82
|
+
```text
|
|
83
83
|
dpdp-cli sign --config ./compliance.worker.yml --key ./worker.pkcs8.key
|
|
84
84
|
```
|
|
85
85
|
|
|
86
86
|
### 5. Simulate an Erasure (Dry-Run)
|
|
87
87
|
Test the erasure on a specific user. This command runs entirely within an isolated transaction that is automatically rolled back, so it is 100% safe.
|
|
88
|
-
```
|
|
88
|
+
```text
|
|
89
89
|
dpdp-cli dry-run --id "user_12345" --url "postgres://user:pass@localhost:5432/app_db" --config ./compliance.worker.yml
|
|
90
90
|
```
|
|
91
91
|
|
|
@@ -95,7 +95,7 @@ dpdp-cli dry-run --id "user_12345" --url "postgres://user:pass@localhost:5432/ap
|
|
|
95
95
|
|
|
96
96
|
You can use the CLI in your GitHub Actions or GitLab CI to fail builds if a developer modifies the database schema without updating the signed compliance manifest:
|
|
97
97
|
|
|
98
|
-
```
|
|
98
|
+
```text
|
|
99
99
|
dpdp-cli check-integrity --url "postgres://..." --config ./compliance.worker.yml
|
|
100
100
|
```
|
|
101
101
|
|