UNPKG

@atomist/skill/lib/redact.js

Version:

3.46 kBJavaScriptView Raw

1"use strict";
2/*
* Copyright © 2020 Atomist, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*     http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
17Object.defineProperty(exports, "__esModule", { value: true });
18/**
* Default set of regular expressions used to remove sensitive
* information from messages and logs.  The entries are applied in
* order, so more specific regular expressions should be placed
* earlier in the list to avoid a shorter replacement preventing a
* longer replacement from being applied.
*/
25exports.DEFAULT_REDACTION_PATTERNS = [
  {
      regexp: /\b[A-F0-9]{64}\b/g,
      replacement: "[ATOMIST_API_KEY]",
  },
  {
      regexp: /[1-9][0-9]+-[0-9a-zA-Z]{40}/g,
      replacement: "[TWITTER_ACCESS_TOKEN]",
  },
  {
      regexp: /EAACEdEose0cBA[0-9A-Za-z]+/g,
      replacement: "[FACEBOOK_ACCESS_TOKEN]",
  },
  {
      regexp: /AIza[0-9A-Za-z\-_]{35}/g,
      replacement: "[GOOGLE_API_KEY]",
  },
  {
      regexp: /[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com/g,
      replacement: "[GOOGLE_OAUTH_ID]",
  },
  {
      regexp: /sk_live_[0-9a-z]{32}/g,
      replacement: "[PICATIC_API_KEY|",
  },
  {
      regexp: /sk_live_[0-9a-zA-Z]{24}/g,
      replacement: "[STRIPE_REGULAR_API_KEY]",
  },
  {
      regexp: /rk_live_[0-9a-zA-Z]{24}/g,
      replacement: "[STRIPE_RESTRICTED_API_KEY]",
  },
  {
      regexp: /sq0atp-[0-9A-Za-z\-_]{22}/g,
      replacement: "[SQUARE_OAUTH_TOKEN]",
  },
  {
      regexp: /sq0csp-[0-9A-Za-z\-_]{43}/g,
      replacement: "[SQUARE_OAUTH_SECRET]",
  },
  {
      regexp: /access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}/g,
      replacement: "[BRAINTREE_ACCESS_TOKEN]",
  },
  {
      regexp: /amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/g,
      replacement: "[AMAZON_AUTH_TOKEN]",
  },
  {
      regexp: /SK[0-9a-fA-F]{32}/g,
      replacement: "[TWILLIO_API_KEY]",
  },
  {
      regexp: /key-[0-9a-zA-Z]{32}/g,
      replacement: "[MAILGUN_KEY]",
  },
  {
      regexp: /[0-9a-f]{32}-us[0-9]{1,2}/g,
      replacement: "[MAILCHIMP_API_KEY]",
  },
  {
      regexp: /\bAK[0-9A-Z]{18}\b/g,
      replacement: "[AMAZON_ACCESS_KEY]",
  },
  {
      regexp: /\b(https?:\/\/)(?:v1\.)?[a-f0-9]{40}((?::x-oauth-basic)?@)/g,
      replacement: "$1[GITHUB_TOKEN]$2",
  },
  {
      // https://perishablepress.com/stop-using-unsafe-characters-in-urls/
      // https://www.ietf.org/rfc/rfc3986.txt
      regexp: /\b((?:ht|f|sm)tps?:\/\/)[^:/?#\[\]@""<>{}|\\^``\s]+:[^:/?#\[\]@""<>{}|\\^``\s]+@/g,
      replacement: "$1[USER]:[PASSWORD]@",
  },
100];
101function redact(message) {
  let output = message;
  exports.DEFAULT_REDACTION_PATTERNS.forEach(r => {
      output = typeof output === "string" ? output.replace(r.regexp, r.replacement) : output;
  });
  return output;
107}
108exports.redact = redact;
109//# sourceMappingURL=redact.js.map
\No newline at end of file

1	`"use strict";`
2	`/*`
3	`* Copyright © 2020 Atomist, Inc.`
4	`*`
5	`* Licensed under the Apache License, Version 2.0 (the "License");`
6	`* you may not use this file except in compliance with the License.`
7	`* You may obtain a copy of the License at`
8	`*`
9	`* http://www.apache.org/licenses/LICENSE-2.0`
10	`*`
11	`* Unless required by applicable law or agreed to in writing, software`
12	`* distributed under the License is distributed on an "AS IS" BASIS,`
13	`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
14	`* See the License for the specific language governing permissions and`
15	`* limitations under the License.`
16	`*/`
17	`Object.defineProperty(exports, "__esModule", { value: true });`
18	`/**`
19	`* Default set of regular expressions used to remove sensitive`
20	`* information from messages and logs. The entries are applied in`
21	`* order, so more specific regular expressions should be placed`
22	`* earlier in the list to avoid a shorter replacement preventing a`
23	`* longer replacement from being applied.`
24	`*/`
25	`exports.DEFAULT_REDACTION_PATTERNS = [`
26	`{`
27	`regexp: /\b[A-F0-9]{64}\b/g,`
28	`replacement: "[ATOMIST_API_KEY]",`
29	`},`
30	`{`
31	`regexp: /[1-9][0-9]+-[0-9a-zA-Z]{40}/g,`
32	`replacement: "[TWITTER_ACCESS_TOKEN]",`
33	`},`
34	`{`
35	`regexp: /EAACEdEose0cBA[0-9A-Za-z]+/g,`
36	`replacement: "[FACEBOOK_ACCESS_TOKEN]",`
37	`},`
38	`{`
39	`regexp: /AIza[0-9A-Za-z\-_]{35}/g,`
40	`replacement: "[GOOGLE_API_KEY]",`
41	`},`
42	`{`
43	`regexp: /[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com/g,`
44	`replacement: "[GOOGLE_OAUTH_ID]",`
45	`},`
46	`{`
47	`regexp: /sk_live_[0-9a-z]{32}/g,`
48	`replacement: "[PICATIC_API_KEY\|",`
49	`},`
50	`{`
51	`regexp: /sk_live_[0-9a-zA-Z]{24}/g,`
52	`replacement: "[STRIPE_REGULAR_API_KEY]",`
53	`},`
54	`{`
55	`regexp: /rk_live_[0-9a-zA-Z]{24}/g,`
56	`replacement: "[STRIPE_RESTRICTED_API_KEY]",`
57	`},`
58	`{`
59	`regexp: /sq0atp-[0-9A-Za-z\-_]{22}/g,`
60	`replacement: "[SQUARE_OAUTH_TOKEN]",`
61	`},`
62	`{`
63	`regexp: /sq0csp-[0-9A-Za-z\-_]{43}/g,`
64	`replacement: "[SQUARE_OAUTH_SECRET]",`
65	`},`
66	`{`
67	`regexp: /access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}/g,`
68	`replacement: "[BRAINTREE_ACCESS_TOKEN]",`
69	`},`
70	`{`
71	`regexp: /amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/g,`
72	`replacement: "[AMAZON_AUTH_TOKEN]",`
73	`},`
74	`{`
75	`regexp: /SK[0-9a-fA-F]{32}/g,`
76	`replacement: "[TWILLIO_API_KEY]",`
77	`},`
78	`{`
79	`regexp: /key-[0-9a-zA-Z]{32}/g,`
80	`replacement: "[MAILGUN_KEY]",`
81	`},`
82	`{`
83	`regexp: /[0-9a-f]{32}-us[0-9]{1,2}/g,`
84	`replacement: "[MAILCHIMP_API_KEY]",`
85	`},`
86	`{`
87	`regexp: /\bAK[0-9A-Z]{18}\b/g,`
88	`replacement: "[AMAZON_ACCESS_KEY]",`
89	`},`
90	`{`
91	`regexp: /\b(https?:\/\/)(?:v1\.)?[a-f0-9]{40}((?::x-oauth-basic)?@)/g,`
92	`replacement: "$1[GITHUB_TOKEN]$2",`
93	`},`
94	`{`
95	`// https://perishablepress.com/stop-using-unsafe-characters-in-urls/`
96	`// https://www.ietf.org/rfc/rfc3986.txt`
97	regexp: /\b((?:ht\|f\|sm)tps?:\/\/)[^:/?#\[\]@""<>{}\|\\^``\s]+:[^:/?#\[\]@""<>{}\|\\^``\s]+@/g,
98	`replacement: "$1[USER]:[PASSWORD]@",`
99	`},`
100	`];`
101	`function redact(message) {`
102	`let output = message;`
103	`exports.DEFAULT_REDACTION_PATTERNS.forEach(r => {`
104	`output = typeof output === "string" ? output.replace(r.regexp, r.replacement) : output;`
105	`});`
106	`return output;`
107	`}`
108	`exports.redact = redact;`
109	`//# sourceMappingURL=redact.js.map`
\	No newline at end of file