maskit 0.1.1

A CLI tool to mask sensitive fields in configuration files (JSON/YAML/TOML)
Documentation

Maskit 🔒

A command-line tool for masking sensitive fields in configuration files.

Installation

cargo install maskit

Usage

Basic Usage

Mask sensitive fields in a configuration file using default keywords:

maskit config.json

This creates config.maskit.json with sensitive fields replaced by *****.

Default keywords: key, secret, password, token, credential, auth, private, cert

Custom Keywords

Specify custom keywords to identify sensitive fields:

maskit config.yaml -k api,key,secret,token,password,credential

Custom Output Path

Save the masked file to a specific location:

maskit config.toml -o /path/to/masked-config.toml

Command Line Options

USAGE:
    maskit [OPTIONS] <INPUT>

ARGS:
    <INPUT>    Input configuration file path

OPTIONS:
    -h, --help                     Print help information
    -k, --keywords <KEYWORDS>      Keywords to search for in field names 
                                   [default: key,secret,password,token,credential,auth,private,cert]
    -o, --output <OUTPUT>          Output file path (default: adds .maskit before extension in current directory)
    -s, --silent                   Silent mode - suppress all output
    -V, --version                  Print version information

Examples

JSON Example

Input (config.json):

{
  "api_key": "sk-1234567890abcdef",
  "password": "super_secret_123",
  "auth_token": "Bearer xyz789",
  "private_key": "-----BEGIN RSA PRIVATE KEY-----",
  "base_url": "https://api.example.com",
  "database": {
    "host": "localhost",
    "db_password": "db_pass_123",
    "connection_string": "postgresql://user:pass@localhost/db"
  }
}

Output (config.maskit.json):

{
  "api_key": "*****",
  "password": "*****",
  "auth_token": "*****", 
  "private_key": "*****",
  "base_url": "https://api.example.com",
  "database": {
    "host": "localhost",
    "db_password": "*****",
    "connection_string": "postgresql://user:pass@localhost/db"
  }
}

YAML Example

maskit app.yaml -k key,secret,token

TOML Example

maskit settings.toml -o safe-settings.toml

Silent Mode

Execute without any output (useful for scripts):

maskit config.json -s

Supported Formats

  • JSON (.json)
  • YAML (.yaml, .yml)
  • TOML (.toml)

Security Notice

While Maskit helps prevent accidental exposure of sensitive data, always review masked files before sharing to ensure all sensitive information has been properly redacted.