Package sensitive provides base types who's values should never be seen by the human eye, but still used for configuration.
What? Explain
Sometimes you have a variable, such as a password, passed into your program via arguments or ENV variables.
Some of these variables are very sensitive! and should not in any circumstance be loggged or sent via JSON, despite JSON's "-", which people may forget.
These variables, which are just typed primitive types, have their overridden fmt.Formatter, encoding.MarshalText & json.Marshal implementations.
As an added bonus using them as their base type eg. String => string, you have to explicitly cast the eg. string(s) This makes you think about what you're doing and why you casting it providing additional safelty.
Variables:
String- The most usefulBoolFloat32Float64IntInt8Int16Int32Int64UintUint8Uint16Uint32Uint64
// go run _examples/basic/main.go mypassword
package main
import (
"encoding/json"
"fmt"
"os"
"github.com/go-playground/sensitive"
)
func main() {
password := sensitive.String(os.Args[1])
fmt.Printf("%s\n", password)
fmt.Printf("%v\n", password)
b, _ := json.Marshal(password)
fmt.Println(string(b))
var empty *sensitive.String
b, _ = json.Marshal(empty)
fmt.Println(string(b))
// output:
//
//
// ""
// null
}package main
import (
"encoding/json"
"fmt"
"io"
"os"
"github.com/go-playground/sensitive"
)
func init() {
// override default Formatter
sensitive.FormatStringFn = func(s sensitive.String, f fmt.State, c rune) {
switch c {
case 's':
_, _ = io.WriteString(f, "redacted")
case 'v':
_, _ = io.WriteString(f, string(s)[:4]+"*******")
}
}
}
func main() {
password := sensitive.String(os.Args[1])
fmt.Printf("%s\n", password)
fmt.Printf("%v\n", password)
b, _ := json.Marshal(password)
fmt.Println(string(b))
var empty *sensitive.String
b, _ = json.Marshal(empty)
fmt.Println(string(b))
// output:
// redacted
// mypa*******
// "redacted"
// null
}Distributed under MIT License, please see license file in code for more details.