• Stars
    star
    111
  • Rank 314,510 (Top 7 %)
  • Language
    Kotlin
  • License
    MIT License
  • Created over 5 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Kotlin compiler plugin to hide secret data

Sekret

maven

Kotlin compiler plugin that hides data class properties in generated toString() method

Motivation

In 2019 Facebook and Google admitted a leaking of millions of user passwords. It doesn't mean that they save our passwords as plain text, no - the passwords were found in log files. When a user enters a password it goes through hundreds of different services and each of has its logging system. It's very easy to make a mistake and save sensitive data, especially when you have no control on autogenerated code. That's why this plugin was created to help you to exclude some properties from autogenerated toString() method. If you do not want to use a compiler plugin please have a look to other ways.

Usage

Code:

data class Credentials(
    val login: String, 
    @Secret val password: String
)

println(Credentials("User", "12345")) 

Output:

Credentials(login=User, password=β– β– β– )

Installation

Gradle

Apply plugin:

plugins {
    id 'net.afanasev.sekret' version '<version>'
}

Configure:

// Download @Secret annotation
dependencies {
    compile 'net.afanasev:sekret-annotation:<version>'
}

// OR use your own
sekret {
    // "β– β– β– " by default
    mask = "***"    
    
    // true by default
    enabled = true

    // true by default
    maskNulls = false
    
    // "net.afanasev.sekret.Secret" by default
    annotations = ["com.sample.YourAnnotation"] 
}

Kotlin CLI

kotlinc \
    -Xplugin=kotlin-plugin.jar \
    -P plugin:sekret:annotations=com.sample.YourAnnotation \
    ...

Mentions

Code of Conduct

Please refer to Code of Conduct document.