privacy-brush 0.0.3

package/README.md

@@ -0,0 +1,302 @@
+<h1 align="center" title="PrivacyBrush">🛡️ Priv█cyBr█sh 🖌️</h1>
+
+> **Terminal Output Masking Tool | Safely Share Logs by Hiding Sensitive Information**
+
+[![npm version](https://img.shields.io/npm/v/privacy-brush.svg)](https://www.npmjs.com/package/privacy-brush)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![Typecheck](https://github.com/legend80s/privacy-brush/actions/workflows/typecheck.yml/badge.svg?branch=master)](https://github.com/legend80s/privacy-brush/actions/workflows/typecheck.yml)
+
+<p align="center">
+  <img src="https://raw.githubusercontent.com/legend80s/privacy-brush/main/docs/demo.gif" alt="PrivacyBrush Demo" width="800">
+</p>
+
+## ✨ Features
+
+- 🎯 **Smart Detection** - Auto-detects 20+ sensitive information patterns
+- 🔧 **Highly Configurable** - Custom masking rules and characters
+- ⚡ **High Performance** - Stream processing for large files
+- 🛡️ **Privacy First** - Local processing only, no data leaves your machine
+- 📦 **Multiple Formats** - CLI, API, Stream, File processing
+- 🌐 **Multi-language** - Supports English, Chinese, and other log formats
+- 🎨 **Customizable** - Add your own sensitive patterns
+
+## 🚀 Quick Start
+
+### Basic Usage
+
+```bash
+# Direct terminal output processing
+flutter devices | pnpx privacy-brush
+flutter doctor | pnpx privacy-brush
+
+# Process files
+privacy-brush input.log -o masked.log
+
+# Real-time command output
+echo 'Microsoft Windows [Version 10.0.12345.6785]' | privacy-brush
+```
+
+### In Your Node.js Project
+
+```javascript
+// Or ES Module
+import { PrivacyBrush } from 'privacy-brush';
+
+// Create instance
+const brush = new PrivacyBrush();
+
+// Process text
+const sensitiveText = `Windows [Version 10.0.12345.1234]
+Chrome 144.0.1234.12
+User IP: 192.123.1.123`;
+
+const safeText = brush.maskText(sensitiveText);
+console.log(safeText);
+
+// Output:
+// Windows [Version 10.█.█████.████]
+// Chrome 144.█.████.██
+// User IP: 192.███.█.███
+```
+
+## 📖 Examples
+
+### Example 1: Process Flutter Output
+
+**Original:**
+
+```bash
+❯ flutter devices
+Found 4 connected devices:
+  Windows (desktop) • windows • windows-x64 • Microsoft Windows [Version 10.0.12345.1234]
+  Chrome (web) • chrome • web-javascript • Google Chrome 144.0.1234.60
+```
+
+**After PrivacyBrush:**
+
+```bash
+❯ flutter devices | privacy-brush
+Found 4 connected devices:
+  Windows (desktop) • windows • windows-x64 • Microsoft Windows [Version 10.█.█████.████]
+  Chrome (web) • chrome • web-javascript • Google Chrome 144.█.████.██
+```
+
+### Example 2: Process Node.js Debug Logs
+
+```javascript
+const masker = new PrivacyBrush({
+  maskChar: '*',
+  preserveFirstPart: false
+});
+
+const debugLog = `
+DEBUG: User login from IP 192.168.1.100
+DEBUG: Session ID: abc123def456
+DEBUG: Browser: Chrome/144.0.1234.60
+DEBUG: OS: Windows 10.0.12345
+`;
+
+console.log(masker.mask(debugLog));
+// Output:
+// DEBUG: User login from IP ***.***.*.***
+// DEBUG: Session ID: ************
+// DEBUG: Browser: Chrome/***.*.***.**
+// DEBUG: OS: Windows **.*.*****
+```
+
+## ⚙️ Configuration
+
+### CLI Options
+
+```bash
+# Basic usage
+privacy-brush [input-file] [options]
+
+# Options
+--output, -o <file>      Output to file
+--char, -c <char>        Mask character (default: █)
+--preserve-first         Keep first part of version numbers
+--strict                 Strict mode (mask more info)
+--config <file>          Use config file
+--list-patterns          List all built-in patterns
+--add-pattern <regex>    Add custom regex pattern
+--version                Show version
+--help                   Show help
+```
+
+### JavaScript API Options
+
+```javascript
+const masker = new PrivacyBrush({
+  // Basic config
+  maskChar: '█',           // Mask character
+  preserveFirstPart: true, // Keep first part of versions
+  
+  // Pattern config
+  patterns: {
+    ipAddress: true,
+    macAddress: true,
+    email: true,
+    phone: true,
+    creditCard: true,
+    jwtToken: true,
+    apiKey: true,
+    
+    osVersion: true,
+    browserVersion: true,
+    appVersion: true,
+    
+    deviceId: true,
+    serialNumber: true,
+    
+    filePaths: false,     // Don't mask file paths
+    localhost: false      // Don't mask localhost
+  },
+  
+  // Custom patterns
+  customPatterns: [
+    {
+      name: 'custom-id',
+      regex: /ID-\d{6}/g,
+      mask: 'ID-******'
+    }
+  ]
+});
+```
+
+## 🔧 Built-in Patterns
+
+PrivacyBrush includes 20+ pre-configured sensitive information patterns:
+
+### 🔐 Personal Information
+
+- Email addresses `user@example.com` → `***@example.com`
+- Phone numbers `13800138000` → `138****8000`
+- ID numbers `110101199001011234` → `110101********1234`
+
+### 💻 Technical Information
+
+- IP addresses `192.168.1.100` → `192.168.*.*`
+- MAC addresses `00:1A:2B:3C:4D:5E` → `00:**:**:**:**:**`
+- Port numbers `:8080` → `:****`
+- API keys `sk_live_1234567890` → `sk_live_********`
+
+### 🖥️ System & Browser
+
+- Windows versions `10.0.12345.1234` → `10.███.███.███`
+- Chrome versions `144.0.1234.60` → `144.███.███.███`
+- Android versions `Android 16` → `Android ██`
+
+### 🏢 Business Data
+
+- Credit cards `4111 1111 1111 1111` → `4111 **** **** 1111`
+- JWT tokens `eyJhbGciOiJIUzI1...` → `eyJ********...`
+- Session IDs `session-abc123def456` → `session-************`
+
+## 🛠️ Advanced Usage
+
+### Stream Processing for Large Files
+
+```javascript
+const fs = require('fs');
+const { createMaskStream } = require('privacy-brush');
+
+const inputStream = fs.createReadStream('huge.log');
+const maskStream = createMaskStream();
+
+inputStream
+  .pipe(maskStream)
+  .pipe(fs.createWriteStream('masked-huge.log'))
+  .on('finish', () => {
+    console.log('Large file processing completed!');
+  });
+```
+
+### Express.js Integration
+
+```javascript
+const express = require('express');
+const { PrivacyBrush } = require('privacy-brush');
+const app = express();
+const masker = new PrivacyBrush();
+
+// Middleware: auto-mask sensitive info in responses
+app.use((req, res, next) => {
+  const originalSend = res.send;
+  res.send = function(body) {
+    if (typeof body === 'string' && body.includes('sensitive')) {
+      body = masker.mask(body);
+    }
+    originalSend.call(this, body);
+  };
+  next();
+});
+```
+
+### Git Hook Integration
+
+```bash
+#!/bin/bash
+# .git/hooks/pre-commit
+
+for file in $(git diff --cached --name-only | grep -E '\.(log|txt|json)$'); do
+  if privacy-brush --check "$file"; then
+    echo "❌ File $file contains unmasked sensitive information"
+    echo "Use: privacy-brush $file -o $file && git add $file"
+    exit 1
+  fi
+done
+```
+
+## 📁 Configuration File
+
+Create `privacy-brush.config.json`:
+
+```json
+{
+  "maskChar": "█",
+  "preserveFirstPart": true,
+  "patterns": {
+    "ipAddress": true,
+    "email": true,
+    "phone": true,
+    "osVersion": true,
+    "browserVersion": true
+  },
+  "customPatterns": [
+    {
+      "name": "project-api-key",
+      "regex": "PROJECT_API_KEY=\\w{32}",
+      "mask": "PROJECT_API_KEY=******************************"
+    }
+  ]
+}
+```
+
+## 🤝 Contributing
+
+We welcome contributions! See [CONTRIBUTING.md](CONTRIBUTING.md) for details.
+
+1. Fork the repository
+2. Create a feature branch (`git checkout -b feature/amazing-feature`)
+3. Commit changes (`git commit -m 'Add amazing feature'`)
+4. Push to branch (`git push origin feature/amazing-feature`)
+5. Open a Pull Request
+
+## 📄 License
+
+MIT License © 2024 PrivacyBrush Contributors
+
+## 📞 Support
+
+- 📧 Email: <support@privacy-brush.dev>
+- 🐛 [Issue Tracker](https://github.com/legend80s/privacy-brush/issues)
+- 💬 [Discussions](https://github.com/legend80s/privacy-brush/discussions)
+- 📖 [Documentation](https://privacy-brush.dev/docs)
+
+---
+
+<p align="center">
+  <strong>Share Safely, Start with PrivacyBrush</strong><br>
+  <sub>Protect privacy, communicate with confidence</sub>
+</p>

package/biome.json

@@ -0,0 +1,36 @@
+{
+	"$schema": "https://biomejs.dev/schemas/2.0.4/schema.json",
+	"vcs": {
+		"enabled": false,
+		"clientKind": "git",
+		"useIgnoreFile": false
+	},
+	"files": {
+		"ignoreUnknown": false
+	},
+	"formatter": {
+		"enabled": true,
+		"indentStyle": "space"
+	},
+	"linter": {
+		"enabled": true,
+		"rules": {
+			"recommended": true
+		}
+	},
+	"javascript": {
+		"formatter": {
+			"arrowParentheses": "asNeeded",
+			"semicolons": "asNeeded",
+			"quoteStyle": "double"
+		}
+	},
+	"assist": {
+		"enabled": true,
+		"actions": {
+			"source": {
+				"organizeImports": "on"
+			}
+		}
+	}
+}

package/package.json

@@ -0,0 +1,26 @@
+{
+  "name": "privacy-brush",
+  "version": "0.0.3",
+  "description": "Automatically  mask sensitive information in terminal outputs and logs. Keep your data safe when sharing.",
+  "main": "src/index.mjs",
+  "module": "src/index.mjs",
+  "bin": "src/cli.mjs",
+  "scripts": {
+    "test": "node --test",
+    "typecheck": "tsgo --noEmit",
+    "check": "npm run typecheck && npm run test",
+    "========== Publishing ==========": "",
+    "pub:patch": "npm version patch",
+    "pub:minor": "npm version minor",
+    "pub:major": "npm version major",
+    "preversion": "git pull && git push origin HEAD && pnpm i && npm run check",
+    "postversion": "npm publish && git push origin HEAD && git push --tags",
+    "publishd": "npm publish --dry-run"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "devDependencies": {
+    "@types/node": "^25.0.10"
+  }
+}

package/src/cli.mjs

@@ -0,0 +1,116 @@
+import { parseArgs } from "node:util"
+import { PrivacyBrush } from "./index.mjs"
+
+// 流式处理：将 stdin 通过 masker 的 Transform 流处理后输出到 stdout
+// Usage: some_command | node src/cli.mjs
+// Example 1: echo "password" | node src/cli.mjs
+// Example 2: flutter devices | node src/cli.mjs
+// Example 3: ❯ echo 'Microsoft Windows [版本 10.0.12345.6785]' | node src/cli.mjs
+// => Microsoft Windows [版本 10.█.█████.████]
+// Example 4: ❯ node src/cli.mjs
+// Input: Microsoft Windows [版本 10.0.12345.6785]
+// Output: Microsoft Windows [版本 10.█.█████.████]
+
+// get config from command line arguments use native `parseArgs`
+// node src/cli.mjs --mask X --preserve-first false
+const args = process.argv.slice(2)
+// console.log("args:", args) // args: [ '--mask', 'X', '--preserve-first', 'false' ]
+
+const verbose = args.includes("--verbose")
+
+const [err, result] = safeCall(() =>
+  parseArgs({
+    allowPositionals: true,
+    allowNegative: true,
+
+    args,
+
+    options: {
+      mask: {
+        type: "string",
+        short: "m",
+        default: "█",
+      },
+      "preserve-first": {
+        type: "boolean",
+        short: "p",
+        default: true,
+      },
+      // help
+      help: {
+        type: "boolean",
+        short: "h",
+      },
+      // verbose
+      verbose: {
+        type: "boolean",
+      },
+    },
+  }),
+)
+
+await main()
+
+async function main() {
+  if (err) {
+    console.error(verbose ? err : String(err))
+    console.error()
+    printHelp()
+
+    process.exit(1)
+  }
+
+  const { values } = result
+
+  if (values.help) {
+    printHelp()
+    process.exit(0)
+  }
+
+  // console.log("values:", values)
+  // console.log("positionals:", positionals)
+
+  const config = values
+
+  const masker = new PrivacyBrush({
+    maskChar: config.mask,
+    preserveFirstPart: config["preserve-first"],
+  })
+  const maskStream = await masker.createMaskStream()
+
+  // 检查 stdin 是否连接到管道（有数据输入）
+  const isPipedInput = !process.stdin.isTTY
+
+  // 如果不是管道输入（交互模式），才显示提示
+  if (!isPipedInput) {
+    process.stdout.write("Input (Press Ctrl+C to exit...):\n")
+  }
+
+  // 处理所有数据
+  process.stdin.pipe(maskStream).pipe(process.stdout)
+}
+/**
+ * @template T
+ * @param {(...args: any[]) => T} fn
+ * @returns {[null, T] | [Error, null]}
+ */
+function safeCall(fn) {
+  try {
+    const result = fn()
+    return [null, result]
+  } catch (error) {
+    // @ts-expect-error
+    return [error, null]
+  }
+}
+
+function printHelp() {
+  console.log(`Usage: node src/cli.mjs [options]
+
+Options:
+  --mask, -m                Character to use for masking (default: "█")
+  --preserve-first, -p   Whether to preserve the first part of version numbers (default: true, \`--no-preserve-first\` to false)
+  --help, -h                Show this help message (default: false)
+  --verbose                 Enable verbose output (default: false)
+`)
+}

package/src/cli.test.mjs

@@ -0,0 +1,28 @@
+// 流式处理
+
+import { strict as assert } from "node:assert"
+import { execSync } from "node:child_process"
+import { test } from "node:test"
+
+test("❯ echo 'Microsoft Windows [Version 10.0.12345.6785]' | node src/cli.mjs", async () => {
+  const actual = execSync(
+    "echo Microsoft Windows [Version 10.0.12345.6785] | node src/cli.mjs",
+  ).toString("utf8")
+
+  // console.log(`actual:|${actual}|`)
+
+  const expected = "Microsoft Windows [Version 10.█.█████.████] \r\n"
+  assert.strictEqual(actual, expected)
+})
+
+test("--mask", async () => {
+  const actual = execSync(
+    'echo Microsoft Windows [Version 10.0.12345.6785] | node src/cli.mjs --mask "🔒" --no-preserve-first',
+  ).toString("utf8")
+
+  // console.log(`actual:|${actual}|`)
+
+  const expected =
+    "Microsoft Windows [Version 🔒🔒.🔒.🔒🔒🔒🔒🔒.🔒🔒🔒🔒] \r\n"
+  assert.strictEqual(actual, expected)
+})

package/src/index.mjs

@@ -0,0 +1,162 @@
+/** @import { IConfig, IPattern, IPatternName } from "./type.js" */
+
+import { defaultConfig } from "./lib/config.mjs"
+
+export class PrivacyBrush {
+  /**
+   * @param {IConfig} [config]
+   */
+  constructor(config) {
+    this.config = {
+      ...defaultConfig,
+      ...config,
+    }
+  }
+
+  get defaultSensitivePatterns() {
+    /** @type {IPattern[]} */
+    const allPatterns = [
+      // 操作系统版本 (Windows 10.0.19045.6456)
+      {
+        /** @type {IPatternName} */
+        name: "windows_version",
+        // match both Chinese "版本" and English "Version"
+        regex: /(\[(?:版本|Version)\s+)(\d+\.\d+\.\d+\.\d+)(\])/i,
+        /**
+         * Handle windows version masking.
+         * @param {string} match
+         * @param {string} prefix
+         * @param {string} version
+         * @param {string} suffix
+         * @returns {string}
+         */
+        replacer: (match, prefix, version, suffix) => {
+          return prefix + this.maskVersion(version) + suffix
+        },
+      },
+
+      // 浏览器版本 (Chrome 144.0.7559.60)
+      {
+        /** @type {IPatternName} */
+        name: "browser_version",
+        regex: /(Chrome|Edge)\s+(\d+\.\d+\.\d+\.\d+)/gi,
+        /**
+         * Handle browser version masking.
+         * @param {string} match
+         * @param {string} browser
+         * @param {string} version
+         * @returns {string}
+         */
+        replacer: (match, browser, version) => {
+          return `${browser} ${this.maskVersion(version)}`
+        },
+      },
+
+      // IP地址
+      {
+        /** @type {IPatternName} */
+        name: "ip_address",
+        regex: /\b(\d{1,3}\.){3}\d{1,3}\b/g,
+        /**
+         * Handle IP address masking.
+         * @param {string} match
+         * @returns {string}
+         */
+        replacer: match => {
+          return this.maskVersion(match)
+        },
+      },
+    ]
+
+    return allPatterns
+  }
+
+  get maskChar() {
+    return this.config.maskChar ?? defaultConfig.maskChar
+  }
+
+  /**
+   *
+   * @returns {IPattern[]}
+   */
+  get sensitivePatterns() {
+    return this.defaultSensitivePatterns.filter(({ name }) =>
+      this.config.maskPatternNames?.includes(name),
+    )
+  }
+
+  /**
+   * Mask a version string.
+   * @param {string} version
+   * @returns {string}
+   */
+  maskVersion(version) {
+    const parts = version.split(".")
+
+    if (!this.config.preserveFirstPart) {
+      return parts.map(part => this.maskChar.repeat(part.length)).join(".")
+    }
+
+    return parts
+      .map((part, index) => {
+        return index === 0 ? part : this.maskChar.repeat(part.length)
+      })
+      .join(".")
+  }
+
+  /**
+   *
+   * @param {string} text
+   * @returns
+   */
+  maskText(text) {
+    let result = text
+
+    this.sensitivePatterns.forEach(pattern => {
+      result = result.replace(pattern.regex, pattern.replacer)
+    })
+
+    return result
+  }
+
+  /**
+   * 批量处理文件
+   * @param {string} inputPath
+   * @param {string} outputPath
+   * @returns
+   */
+  maskFile(inputPath, outputPath) {
+    try {
+      const fs = require("node:fs")
+
+      const content = fs.readFileSync(inputPath, "utf8")
+      const maskedContent = this.maskText(content)
+
+      if (outputPath) {
+        fs.writeFileSync(outputPath, maskedContent, "utf8")
+        console.log(`Masked file saved to: ${outputPath}`)
+      }
+
+      return maskedContent
+    } catch (error) {
+      console.error(
+        "Error processing file:",
+        error instanceof Error ? error.message : String(error),
+      )
+      throw error
+    }
+  }
+
+  // 实时流处理
+  async createMaskStream() {
+    const { Transform } = await import("node:stream")
+
+    return new Transform({
+      transform: (chunk, encoding, callback) => {
+        const text = String(chunk)
+        const masked = this.maskText(text)
+        callback(null, masked)
+      },
+    })
+  }
+}