npm - llm-mask - Versions diffs - 0.3.0 - Mend

llm-mask 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (88) hide show

package/.github/workflows/llm-mask-check.yml +62 -0
package/LICENSE +21 -0
package/README.md +549 -0
package/dist/audit.d.ts +56 -0
package/dist/audit.d.ts.map +1 -0
package/dist/audit.js +90 -0
package/dist/audit.js.map +1 -0
package/dist/cli-old.d.ts +12 -0
package/dist/cli-old.d.ts.map +1 -0
package/dist/cli-old.js +257 -0
package/dist/cli-old.js.map +1 -0
package/dist/cli.d.ts +19 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +197 -0
package/dist/cli.js.map +1 -0
package/dist/commands.d.ts +9 -0
package/dist/commands.d.ts.map +1 -0
package/dist/commands.js +121 -0
package/dist/commands.js.map +1 -0
package/dist/config.d.ts +38 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +81 -0
package/dist/config.js.map +1 -0
package/dist/context-detection.d.ts +54 -0
package/dist/context-detection.d.ts.map +1 -0
package/dist/context-detection.js +219 -0
package/dist/context-detection.js.map +1 -0
package/dist/diff-masking.d.ts +51 -0
package/dist/diff-masking.d.ts.map +1 -0
package/dist/diff-masking.js +121 -0
package/dist/diff-masking.js.map +1 -0
package/dist/executor.d.ts +105 -0
package/dist/executor.d.ts.map +1 -0
package/dist/executor.js +250 -0
package/dist/executor.js.map +1 -0
package/dist/executor.test.d.ts +5 -0
package/dist/executor.test.d.ts.map +1 -0
package/dist/executor.test.js +500 -0
package/dist/executor.test.js.map +1 -0
package/dist/features.test.d.ts +5 -0
package/dist/features.test.d.ts.map +1 -0
package/dist/features.test.js +118 -0
package/dist/features.test.js.map +1 -0
package/dist/formatter.d.ts +54 -0
package/dist/formatter.d.ts.map +1 -0
package/dist/formatter.js +139 -0
package/dist/formatter.js.map +1 -0
package/dist/index.d.ts +36 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +37 -0
package/dist/index.js.map +1 -0
package/dist/language-patterns.d.ts +39 -0
package/dist/language-patterns.d.ts.map +1 -0
package/dist/language-patterns.js +177 -0
package/dist/language-patterns.js.map +1 -0
package/dist/masker.d.ts +100 -0
package/dist/masker.d.ts.map +1 -0
package/dist/masker.js +255 -0
package/dist/masker.js.map +1 -0
package/dist/masker.test.d.ts +11 -0
package/dist/masker.test.d.ts.map +1 -0
package/dist/masker.test.js +162 -0
package/dist/masker.test.js.map +1 -0
package/dist/mcp-server.d.ts +9 -0
package/dist/mcp-server.d.ts.map +1 -0
package/dist/mcp-server.js +494 -0
package/dist/mcp-server.js.map +1 -0
package/dist/patterns.d.ts +25 -0
package/dist/patterns.d.ts.map +1 -0
package/dist/patterns.js +184 -0
package/dist/patterns.js.map +1 -0
package/dist/scanner.d.ts +75 -0
package/dist/scanner.d.ts.map +1 -0
package/dist/scanner.js +247 -0
package/dist/scanner.js.map +1 -0
package/dist/test-utils.d.ts +5 -0
package/dist/test-utils.d.ts.map +1 -0
package/dist/test-utils.js +6 -0
package/dist/test-utils.js.map +1 -0
package/dist/tokenizer.d.ts +62 -0
package/dist/tokenizer.d.ts.map +1 -0
package/dist/tokenizer.js +95 -0
package/dist/tokenizer.js.map +1 -0
package/dist/types.d.ts +63 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +16 -0
package/dist/types.js.map +1 -0
package/package.json +60 -0

package/dist/mcp-server.js ADDED Viewed

@@ -0,0 +1,494 @@
+/**
+ * Enhanced MCP Server for llm-mask
+ *
+ * Provides tools for Claude Code and other AI agents
+ *
+ * New in v0.3: Secure exec tools - run commands without exposing credentials to LLM
+ */
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';
+import { DataMasker } from './masker.js';
+import { Scanner } from './scanner.js';
+import { DiffMasker } from './diff-masking.js';
+import { ContextMasker } from './context-detection.js';
+import { BUILTIN_PATTERNS } from './patterns.js';
+import { SecureExecutor } from './executor.js';
+const masker = new DataMasker();
+const scanner = new Scanner();
+const diffMasker = new DiffMasker();
+const contextMasker = new ContextMasker();
+const executor = new SecureExecutor();
+const TOOLS = [
+    // === Original masking tools ===
+    {
+        name: 'mask_data',
+        description: `Mask sensitive data (API keys, emails, IPs, PII) before sending to LLM.`,
+        inputSchema: {
+            type: 'object',
+            properties: {
+                text: {
+                    type: 'string',
+                    description: 'The text to mask'
+                },
+                level: {
+                    type: 'string',
+                    enum: ['basic', 'standard', 'aggressive']
+                },
+                preserveFormat: {
+                    type: 'boolean',
+                    description: 'Preserve format (j***@a***.com instead of [EMAIL_1])'
+                }
+            },
+            required: ['text']
+        }
+    },
+    {
+        name: 'check_masking',
+        description: 'Dry-run: Check what WOULD be masked.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                text: { type: 'string' },
+                level: { type: 'string', enum: ['basic', 'standard', 'aggressive'] }
+            },
+            required: ['text']
+        }
+    },
+    {
+        name: 'scan_directory',
+        description: 'Scan a directory for sensitive data (secrets, API keys, PII).',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                directory: { type: 'string' },
+                level: { type: 'string', enum: ['basic', 'standard', 'aggressive'] },
+                extensions: { type: 'string' }
+            },
+            required: ['directory']
+        }
+    },
+    {
+        name: 'mask_diff',
+        description: 'Mask git diff output for safe LLM code review.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                base: { type: 'string' },
+                head: { type: 'string' },
+                path: { type: 'string' },
+                level: { type: 'string', enum: ['basic', 'standard', 'aggressive'] }
+            }
+        }
+    },
+    {
+        name: 'mask_context',
+        description: `Context-aware masking - detects SQL, JSON, YAML and masks only values while preserving structure.`,
+        inputSchema: {
+            type: 'object',
+            properties: {
+                text: { type: 'string' }
+            },
+            required: ['text']
+        }
+    },
+    {
+        name: 'list_patterns',
+        description: 'List all available masking patterns.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                filter: { type: 'string' }
+            }
+        }
+    },
+    {
+        name: 'clear_mappings',
+        description: 'Clear all in-memory mappings.',
+        inputSchema: {
+            type: 'object',
+            properties: {}
+        }
+    },
+    // === NEW: Secure exec tools ===
+    {
+        name: 'exec_redacted',
+        description: `Execute a command and return redacted output (safe for LLM).
+IMPORTANT: The command executes with REAL credentials, but the output
+is redacted before the LLM sees it. Useful for:
+- Running kubectl to inspect clusters
+- Running commands that might output secrets
+- Executing scripts with sensitive output
+The LLM never sees: actual passwords, API keys, IPs, etc.
+The command still works: credentials are functional`,
+        inputSchema: {
+            type: 'object',
+            properties: {
+                command: {
+                    type: 'string',
+                    description: 'Command to execute (e.g., "kubectl", "cat", "ls")'
+                },
+                args: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'Command arguments'
+                },
+                cwd: {
+                    type: 'string',
+                    description: 'Working directory'
+                },
+                timeout: {
+                    type: 'number',
+                    description: 'Timeout in milliseconds (default: 30000)'
+                },
+                level: {
+                    type: 'string',
+                    enum: ['basic', 'standard', 'aggressive'],
+                    description: 'Redaction level'
+                },
+                preserveFormat: {
+                    type: 'boolean',
+                    description: 'Preserve format in redacted output'
+                },
+                includeStderr: {
+                    type: 'boolean',
+                    description: 'Include stderr in output'
+                }
+            },
+            required: ['command']
+        }
+    },
+    {
+        name: 'kube_exec',
+        description: `Execute kubectl commands with redacted output.
+Supports:
+- Regular kubectl commands (get, describe, apply, etc.)
+- Pod exec (run commands in containers)
+- All kubectl flags (--namespace, --context, etc.)
+Example: { "command": "get", "args": ["pods", "-o", "wide"] }`,
+        inputSchema: {
+            type: 'object',
+            properties: {
+                args: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'kubectl arguments (e.g., ["get", "pods", "-o", "wide"])'
+                },
+                namespace: {
+                    type: 'string',
+                    description: 'Kubernetes namespace'
+                },
+                context: {
+                    type: 'string',
+                    description: 'kubectl context'
+                },
+                pod: {
+                    type: 'string',
+                    description: 'Pod name (for exec operations)'
+                },
+                container: {
+                    type: 'string',
+                    description: 'Container name (for pod exec)'
+                },
+                remoteCommand: {
+                    type: 'string',
+                    description: 'Command to execute in pod (for pod exec)'
+                },
+                level: {
+                    type: 'string',
+                    enum: ['basic', 'standard', 'aggressive']
+                },
+                preserveFormat: {
+                    type: 'boolean'
+                },
+                timeout: {
+                    type: 'number'
+                }
+            },
+            required: ['args']
+        }
+    },
+    {
+        name: 'ssh_exec',
+        description: `Execute SSH commands with redacted output.
+Supports:
+- Remote command execution
+- Custom identity files
+- Port and user specification
+- All SSH options
+Example: { "host": "server.example.com", "command": "ls -la /etc" }`,
+        inputSchema: {
+            type: 'object',
+            properties: {
+                host: {
+                    type: 'string',
+                    description: 'SSH host (required)'
+                },
+                user: {
+                    type: 'string',
+                    description: 'SSH user'
+                },
+                port: {
+                    type: 'number',
+                    description: 'SSH port'
+                },
+                identity: {
+                    type: 'string',
+                    description: 'Path to private key file'
+                },
+                command: {
+                    type: 'string',
+                    description: 'Command to execute on remote host'
+                },
+                level: {
+                    type: 'string',
+                    enum: ['basic', 'standard', 'aggressive']
+                },
+                preserveFormat: {
+                    type: 'boolean'
+                },
+                timeout: {
+                    type: 'number'
+                }
+            },
+            required: ['host']
+        }
+    }
+];
+const server = new Server({
+    name: 'llm-mask',
+    version: '0.3.0'
+}, {
+    capabilities: {
+        tools: {}
+    }
+});
+server.setRequestHandler(ListToolsRequestSchema, async () => {
+    return { tools: TOOLS };
+});
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+    const { name, arguments: args } = request.params;
+    try {
+        switch (name) {
+            // === Masking tools ===
+            case 'mask_data': {
+                const text = args?.text;
+                const result = masker.mask(text, {
+                    level: args?.level || 'standard',
+                    preserveFormat: args?.preserveFormat || false
+                });
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                masked: result.masked,
+                                stats: result.stats
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'check_masking': {
+                const text = args?.text;
+                const result = masker.mask(text, { level: args?.level || 'standard' });
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                wouldMask: result.stats
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'scan_directory': {
+                const report = await scanner.scan(args?.directory || '.');
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                scans: report.scans,
+                                summary: report.summary,
+                                findings: report.findings.slice(0, 50)
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'mask_diff': {
+                const result = diffMasker.maskDiff({
+                    base: args?.base,
+                    head: args?.head,
+                    level: args?.level || 'standard',
+                    path: args?.path
+                });
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                maskedDiff: result.maskedDiff,
+                                stats: result.stats
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'mask_context': {
+                const text = args?.text;
+                const result = contextMasker.mask(text);
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                masked: result.masked,
+                                context: result.context,
+                                stats: result.stats
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'list_patterns': {
+                const filter = args?.filter;
+                let patterns = BUILTIN_PATTERNS;
+                if (filter) {
+                    patterns = patterns.filter(p => p.name.includes(filter));
+                }
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                patterns: patterns.map(p => ({
+                                    name: p.name,
+                                    priority: p.priority,
+                                    example: p.placeholder(1)
+                                })),
+                                total: patterns.length
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'clear_mappings': {
+                const count = masker.getMappingCount();
+                masker.clear();
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                cleared: true,
+                                mappingsRemoved: count
+                            }, null, 2)
+                        }]
+                };
+            }
+            // === NEW: Secure exec tools ===
+            case 'exec_redacted': {
+                const result = await executor.exec({
+                    command: args?.command,
+                    args: args?.args,
+                    cwd: args?.cwd,
+                    timeout: args?.timeout,
+                    level: args?.level || 'standard',
+                    preserveFormat: args?.preserveFormat || false,
+                    includeStderr: args?.includeStderr !== false
+                });
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                redacted: {
+                                    output: result.redacted.stdout,
+                                    stderr: result.redacted.stderr,
+                                    stats: result.redacted.stats
+                                },
+                                exitCode: result.exitCode,
+                                signal: result.signal,
+                                timedOut: result.timedOut,
+                                warning: 'Original output contains sensitive data and was redacted'
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'kube_exec': {
+                const result = await executor.kubectl({
+                    args: args?.args,
+                    namespace: args?.namespace,
+                    context: args?.context,
+                    pod: args?.pod,
+                    container: args?.container,
+                    execCommand: args?.remoteCommand,
+                    level: args?.level || 'standard',
+                    preserveFormat: args?.preserveFormat || false,
+                    timeout: args?.timeout
+                });
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                redacted: {
+                                    output: result.redacted.stdout,
+                                    stderr: result.redacted.stderr,
+                                    stats: result.redacted.stats
+                                },
+                                exitCode: result.exitCode,
+                                signal: result.signal,
+                                timedOut: result.timedOut
+                            }, null, 2)
+                        }]
+                };
+            }
+            case 'ssh_exec': {
+                const result = await executor.ssh({
+                    host: args?.host,
+                    user: args?.user,
+                    port: args?.port,
+                    identity: args?.identity,
+                    remoteCommand: args?.command,
+                    level: args?.level || 'standard',
+                    preserveFormat: args?.preserveFormat || false,
+                    timeout: args?.timeout
+                });
+                return {
+                    content: [{
+                            type: 'text',
+                            text: JSON.stringify({
+                                redacted: {
+                                    output: result.redacted.stdout,
+                                    stderr: result.redacted.stderr,
+                                    stats: result.redacted.stats
+                                },
+                                exitCode: result.exitCode,
+                                signal: result.signal,
+                                timedOut: result.timedOut
+                            }, null, 2)
+                        }]
+                };
+            }
+            default:
+                throw new Error(`Unknown tool: ${name}`);
+        }
+    }
+    catch (error) {
+        return {
+            content: [{
+                    type: 'text',
+                    text: JSON.stringify({
+                        error: error instanceof Error ? error.message : String(error),
+                        tool: name
+                    })
+                }],
+            isError: true
+        };
+    }
+});
+async function main() {
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    console.error('llm-mask MCP server running (v0.3.0)');
+}
+main().catch((error) => {
+    console.error('Fatal error:', error);
+    process.exit(1);
+});
+//# sourceMappingURL=mcp-server.js.map

package/dist/mcp-server.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mcp-server.js","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAA;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAA;AAChF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EAEvB,MAAM,oCAAoC,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAA;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAA;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAA;AAE9C,MAAM,MAAM,GAAG,IAAI,UAAU,EAAE,CAAA;AAC/B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAA;AAC7B,MAAM,UAAU,GAAG,IAAI,UAAU,EAAE,CAAA;AACnC,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAA;AACzC,MAAM,QAAQ,GAAG,IAAI,cAAc,EAAE,CAAA;AAErC,MAAM,KAAK,GAAW;IACpB,iCAAiC;IACjC;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,yEAAyE;QACtF,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE;oBACJ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,kBAAkB;iBAChC;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC;iBAC1C;gBACD,cAAc,EAAE;oBACd,IAAI,EAAE,SAAS;oBACf,WAAW,EAAE,sDAAsD;iBACpE;aACF;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,sCAAsC;QACnD,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACxB,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,EAAE;aACrE;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,+DAA+D;QAC5E,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC7B,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,EAAE;gBACpE,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;aAC/B;YACD,QAAQ,EAAE,CAAC,WAAW,CAAC;SACxB;KACF;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,gDAAgD;QAC7D,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACxB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACxB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACxB,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,EAAE;aACrE;SACF;KACF;IACD;QACE,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,mGAAmG;QAChH,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;aACzB;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,sCAAsC;QACnD,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;aAC3B;SACF;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,+BAA+B;QAC5C,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE,EAAE;SACf;KACF;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE;;;;;;;;;oDASmC;QAChD,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,mDAAmD;iBACjE;gBACD,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,mBAAmB;iBACjC;gBACD,GAAG,EAAE;oBACH,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,mBAAmB;iBACjC;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,0CAA0C;iBACxD;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC;oBACzC,WAAW,EAAE,iBAAiB;iBAC/B;gBACD,cAAc,EAAE;oBACd,IAAI,EAAE,SAAS;oBACf,WAAW,EAAE,oCAAoC;iBAClD;gBACD,aAAa,EAAE;oBACb,IAAI,EAAE,SAAS;oBACf,WAAW,EAAE,0BAA0B;iBACxC;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE;;;;;;;8DAO6C;QAC1D,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,yDAAyD;iBACvE;gBACD,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,sBAAsB;iBACpC;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,iBAAiB;iBAC/B;gBACD,GAAG,EAAE;oBACH,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gCAAgC;iBAC9C;gBACD,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,+BAA+B;iBAC7C;gBACD,aAAa,EAAE;oBACb,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,0CAA0C;iBACxD;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC;iBAC1C;gBACD,cAAc,EAAE;oBACd,IAAI,EAAE,SAAS;iBAChB;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;iBACf;aACF;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE;;;;;;;;oEAQmD;QAChE,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE;oBACJ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,qBAAqB;iBACnC;gBACD,IAAI,EAAE;oBACJ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,UAAU;iBACxB;gBACD,IAAI,EAAE;oBACJ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,UAAU;iBACxB;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,0BAA0B;iBACxC;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,mCAAmC;iBACjD;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC;iBAC1C;gBACD,cAAc,EAAE;oBACd,IAAI,EAAE,SAAS;iBAChB;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;iBACf;aACF;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;CACF,CAAA;AAED,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;IACE,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,EACD;IACE,YAAY,EAAE;QACZ,KAAK,EAAE,EAAE;KACV;CACF,CACF,CAAA;AAED,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE;IAC1D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAA;AACzB,CAAC,CAAC,CAAA;AAEF,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAEhD,IAAI,CAAC;QACH,QAAQ,IAAI,EAAE,CAAC;YACb,wBAAwB;YACxB,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,MAAM,IAAI,GAAG,IAAI,EAAE,IAAc,CAAA;gBACjC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE;oBAC/B,KAAK,EAAG,IAAI,EAAE,KAAa,IAAI,UAAU;oBACzC,cAAc,EAAE,IAAI,EAAE,cAAyB,IAAI,KAAK;iBACzD,CAAC,CAAA;gBAEF,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gCACrB,KAAK,EAAE,MAAM,CAAC,KAAK;6BACpB,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,eAAe,CAAC,CAAC,CAAC;gBACrB,MAAM,IAAI,GAAG,IAAI,EAAE,IAAc,CAAA;gBACjC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,KAAK,EAAG,IAAI,EAAE,KAAa,IAAI,UAAU,EAAE,CAAC,CAAA;gBAE/E,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,SAAS,EAAE,MAAM,CAAC,KAAK;6BACxB,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,SAAmB,IAAI,GAAG,CAAC,CAAA;gBACnE,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,KAAK,EAAE,MAAM,CAAC,KAAK;gCACnB,OAAO,EAAE,MAAM,CAAC,OAAO;gCACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;6BACvC,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC;oBACjC,IAAI,EAAE,IAAI,EAAE,IAA0B;oBACtC,IAAI,EAAE,IAAI,EAAE,IAA0B;oBACtC,KAAK,EAAG,IAAI,EAAE,KAAa,IAAI,UAAU;oBACzC,IAAI,EAAE,IAAI,EAAE,IAA0B;iBACvC,CAAC,CAAA;gBAEF,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,UAAU,EAAE,MAAM,CAAC,UAAU;gCAC7B,KAAK,EAAE,MAAM,CAAC,KAAK;6BACpB,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,IAAI,GAAG,IAAI,EAAE,IAAc,CAAA;gBACjC,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAEvC,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gCACrB,OAAO,EAAE,MAAM,CAAC,OAAO;gCACvB,KAAK,EAAE,MAAM,CAAC,KAAK;6BACpB,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,eAAe,CAAC,CAAC,CAAC;gBACrB,MAAM,MAAM,GAAG,IAAI,EAAE,MAA4B,CAAA;gBACjD,IAAI,QAAQ,GAAG,gBAAgB,CAAA;gBAC/B,IAAI,MAAM,EAAE,CAAC;oBACX,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAA;gBAC1D,CAAC;gBAED,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oCAC3B,IAAI,EAAE,CAAC,CAAC,IAAI;oCACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oCACpB,OAAO,EAAE,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;iCAC1B,CAAC,CAAC;gCACH,KAAK,EAAE,QAAQ,CAAC,MAAM;6BACvB,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE,CAAA;gBACtC,MAAM,CAAC,KAAK,EAAE,CAAA;gBAEd,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,OAAO,EAAE,IAAI;gCACb,eAAe,EAAE,KAAK;6BACvB,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,iCAAiC;YACjC,KAAK,eAAe,CAAC,CAAC,CAAC;gBACrB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC;oBACjC,OAAO,EAAE,IAAI,EAAE,OAAiB;oBAChC,IAAI,EAAE,IAAI,EAAE,IAA4B;oBACxC,GAAG,EAAE,IAAI,EAAE,GAAyB;oBACpC,OAAO,EAAE,IAAI,EAAE,OAA6B;oBAC5C,KAAK,EAAG,IAAI,EAAE,KAAa,IAAI,UAAU;oBACzC,cAAc,EAAE,IAAI,EAAE,cAAyB,IAAI,KAAK;oBACxD,aAAa,EAAE,IAAI,EAAE,aAAwB,KAAK,KAAK;iBACxD,CAAC,CAAA;gBAEF,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,QAAQ,EAAE;oCACR,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oCAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oCAC9B,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK;iCAC7B;gCACD,QAAQ,EAAE,MAAM,CAAC,QAAQ;gCACzB,MAAM,EAAE,MAAM,CAAC,MAAM;gCACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gCACzB,OAAO,EAAE,0DAA0D;6BACpE,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;oBACpC,IAAI,EAAE,IAAI,EAAE,IAAgB;oBAC5B,SAAS,EAAE,IAAI,EAAE,SAA+B;oBAChD,OAAO,EAAE,IAAI,EAAE,OAA6B;oBAC5C,GAAG,EAAE,IAAI,EAAE,GAAyB;oBACpC,SAAS,EAAE,IAAI,EAAE,SAA+B;oBAChD,WAAW,EAAE,IAAI,EAAE,aAAmC;oBACtD,KAAK,EAAG,IAAI,EAAE,KAAa,IAAI,UAAU;oBACzC,cAAc,EAAE,IAAI,EAAE,cAAyB,IAAI,KAAK;oBACxD,OAAO,EAAE,IAAI,EAAE,OAA6B;iBAC7C,CAAC,CAAA;gBAEF,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,QAAQ,EAAE;oCACR,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oCAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oCAC9B,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK;iCAC7B;gCACD,QAAQ,EAAE,MAAM,CAAC,QAAQ;gCACzB,MAAM,EAAE,MAAM,CAAC,MAAM;gCACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;6BAC1B,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC;oBAChC,IAAI,EAAE,IAAI,EAAE,IAAc;oBAC1B,IAAI,EAAE,IAAI,EAAE,IAA0B;oBACtC,IAAI,EAAE,IAAI,EAAE,IAA0B;oBACtC,QAAQ,EAAE,IAAI,EAAE,QAA8B;oBAC9C,aAAa,EAAE,IAAI,EAAE,OAA6B;oBAClD,KAAK,EAAG,IAAI,EAAE,KAAa,IAAI,UAAU;oBACzC,cAAc,EAAE,IAAI,EAAE,cAAyB,IAAI,KAAK;oBACxD,OAAO,EAAE,IAAI,EAAE,OAA6B;iBAC7C,CAAC,CAAA;gBAEF,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,QAAQ,EAAE;oCACR,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oCAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;oCAC9B,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK;iCAC7B;gCACD,QAAQ,EAAE,MAAM,CAAC,QAAQ;gCACzB,MAAM,EAAE,MAAM,CAAC,MAAM;gCACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;6BAC1B,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ,CAAC;iBACH,CAAA;YACH,CAAC;YAED;gBACE,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;wBAC7D,IAAI,EAAE,IAAI;qBACX,CAAC;iBACH,CAAC;YACF,OAAO,EAAE,IAAI;SACd,CAAA;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAA;IAC5C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IAE/B,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAA;AACvD,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAA;IACpC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAA"}

package/dist/patterns.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+/**
+ * Built-in masking patterns
+ * These are organized by priority (higher = applied first)
+ */
+import type { MaskPattern } from './types.js';
+/**
+ * Built-in patterns for detecting sensitive data
+ *
+ * Priority order:
+ * 1. API keys and secrets (most specific, most sensitive)
+ * 2. Auth tokens and session IDs
+ * 3. PII (emails, phones, SSNs, credit cards)
+ * 4. Network identifiers (IPs, domains, URLs)
+ * 5. Internal identifiers (UUIDs, potentially-sensitive numbers)
+ */
+export declare const BUILTIN_PATTERNS: MaskPattern[];
+/**
+ * Get patterns by mask level
+ */
+export declare function getPatternsByLevel(level: string): MaskPattern[];
+/**
+ * Get pattern by name
+ */
+export declare function getPatternByName(name: string): MaskPattern | undefined;
+//# sourceMappingURL=patterns.d.ts.map

package/dist/patterns.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../src/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAE7C;;;;;;;;;GASG;AACH,eAAO,MAAM,gBAAgB,EAAE,WAAW,EAuJzC,CAAA;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,WAAW,EAAE,CAc/D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS,CAEtE"}