/**
 * Sensitive data masking utilities for logging
 * Detects and replaces PII, private keys, API keys, and other sensitive information with '****'
 */
/**
 * Masks sensitive data in a string
 * @param input - The input string to mask
 * @returns The masked string with sensitive data replaced by '****'
 */
export declare function maskString(input: string): string;
/**
 * Masks sensitive data in an object recursively
 * @param obj - The object to mask
 * @param maxDepth - Maximum recursion depth to prevent stack overflow
 * @param currentDepth - Current recursion depth
 * @returns A new object with sensitive data masked
 */
export declare function maskObject<T>(obj: T, maxDepth?: number, currentDepth?: number): T;
/**
 * Configuration for masking behavior
 */
export interface MaskingConfig {
    /** Enable/disable masking entirely */
    enabled: boolean;
    /** Mask email addresses */
    maskEmails: boolean;
    /** Mask SSNs */
    maskSSNs: boolean;
    /** Mask private keys */
    maskPrivateKeys: boolean;
    /** Mask long base64 blobs */
    maskBase64Blobs: boolean;
    /** Mask JWT tokens */
    maskJWTs: boolean;
    /** Maximum recursion depth for object masking */
    maxDepth: number;
    /** Mask API keys (OpenAI, Anthropic, AWS, GitHub, GitLab, Slack, Google Cloud) */
    maskApiKeys: boolean;
    /** Mask Bearer tokens */
    maskBearerTokens: boolean;
    /** Mask passwords (password=value patterns) */
    maskPasswords: boolean;
    /** Mask generic secrets (api_key=, secret=, token= patterns) */
    maskGenericSecrets: boolean;
}
/**
 * Default masking configuration
 */
export declare const defaultMaskingConfig: MaskingConfig;
/**
 * Enhanced masking function that respects configuration
 * @param input - The input to mask
 * @param config - Masking configuration
 * @returns The masked input
 */
export declare function maskWithConfig<T>(input: T, config?: MaskingConfig): T;