Struct Redactor 

pub struct Redactor {
    level: RedactionLevel,
    re_aws_key_id: Regex,
    re_secret: Regex,
    re_session: Regex,
    re_presigned: Regex,
    re_account_id: Regex,
    re_bearer: Regex,
    home_dir: Option<String>,
}

Compiled redaction patterns.

Construct once with Redactor::new() and reuse across many calls.

Fields

level: RedactionLevel

re_aws_key_id: Regex

(AKIA|ASIA|AROA)[A-Z0-9]{16} — AWS access key IDs.

re_secret: Regex

(?i)(aws_secret_access_key|secret_access_key|secret)\s*=\s*['"]?([A-Za-z0-9/+=]{40})['"]?

re_session: Regex

(?i)(aws_session_token|session_token)\s*=\s*['"]?([A-Za-z0-9/+=]{100,})['"]?

re_presigned: Regex

Presigned URLs — everything after ? when X-Amz-Signature is present.

re_account_id: Regex

12-digit AWS account IDs (only applied at RedactionLevel::Full).

re_bearer: Regex

Bearer token values.

home_dir: Option<String>

Actual home-dir prefix at runtime (e.g. /Users/alice).

Implementations

impl Redactor

pub fn with_level(level: RedactionLevel) -> Self

Build a Redactor with the given RedactionLevel.

pub fn new() -> Self

Build a Redactor with the default RedactionLevel::Full.

pub fn redact_text(&self, text: &str) -> String

Apply all active patterns to text and return the redacted string.

Patterns are applied in this order so that more-specific matches are replaced before generic ones (e.g. presigned URLs before account IDs):

1. Presigned URLs (full querystring)
2. AWS session tokens (longest values first, before secrets)
3. AWS secret access keys
4. Bearer tokens
5. AWS access key IDs
6. AWS account IDs (Full level only)

pub fn redact_path(&self, path: &str) -> String

Replace $HOME/ and the literal home-dir path prefix with ~/.

If the home directory cannot be determined at runtime, the input is returned unchanged.

Trait Implementations

impl Default for Redactor

fn default() -> Self

Returns the “default value” for a type.