maskit 0.1.1

A CLI tool to mask sensitive fields in configuration files (JSON/YAML/TOML)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123

# Maskit 🔒

A command-line tool for masking sensitive fields in configuration files.

## Installation

```bash
cargo install maskit
```

## Usage

### Basic Usage

Mask sensitive fields in a configuration file using default keywords:

```bash
maskit config.json
```

This creates `config.maskit.json` with sensitive fields replaced by `*****`.

Default keywords: `key`, `secret`, `password`, `token`, `credential`, `auth`, `private`, `cert`

### Custom Keywords

Specify custom keywords to identify sensitive fields:

```bash
maskit config.yaml -k api,key,secret,token,password,credential
```

### Custom Output Path

Save the masked file to a specific location:

```bash
maskit config.toml -o /path/to/masked-config.toml
```

### Command Line Options

```
USAGE:
    maskit [OPTIONS] <INPUT>

ARGS:
    <INPUT>    Input configuration file path

OPTIONS:
    -h, --help                     Print help information
    -k, --keywords <KEYWORDS>      Keywords to search for in field names 
                                   [default: key,secret,password,token,credential,auth,private,cert]
    -o, --output <OUTPUT>          Output file path (default: adds .maskit before extension in current directory)
    -s, --silent                   Silent mode - suppress all output
    -V, --version                  Print version information
```

## Examples

### JSON Example

Input (`config.json`):
```json
{
  "api_key": "sk-1234567890abcdef",
  "password": "super_secret_123",
  "auth_token": "Bearer xyz789",
  "private_key": "-----BEGIN RSA PRIVATE KEY-----",
  "base_url": "https://api.example.com",
  "database": {
    "host": "localhost",
    "db_password": "db_pass_123",
    "connection_string": "postgresql://user:pass@localhost/db"
  }
}
```

Output (`config.maskit.json`):
```json
{
  "api_key": "*****",
  "password": "*****",
  "auth_token": "*****", 
  "private_key": "*****",
  "base_url": "https://api.example.com",
  "database": {
    "host": "localhost",
    "db_password": "*****",
    "connection_string": "postgresql://user:pass@localhost/db"
  }
}
```

### YAML Example

```bash
maskit app.yaml -k key,secret,token
```

### TOML Example

```bash
maskit settings.toml -o safe-settings.toml
```

### Silent Mode

Execute without any output (useful for scripts):

```bash
maskit config.json -s
```

## Supported Formats

- **JSON** (`.json`)
- **YAML** (`.yaml`, `.yml`)
- **TOML** (`.toml`)

## Security Notice

While Maskit helps prevent accidental exposure of sensitive data, always review masked files before sharing to ensure all sensitive information has been properly redacted.