trello/ mr-clean
About the developer
222 Stars 
7 Forks 
Other 
132 Commits 
3 Opened issues 
Description
Don't leak sensitive data.
Services available
Contributors list
. .....
.=OO:....$ZZ..
.O........,~=+Z.
=Z ..,:~=~~=+???Z.
.Z .,+++++++???I7IZ.
.O.~7??????????7$7Z.
.?.+ZO+~,???..+Z.$Z.
.,.OZOOOZI?IOZ$ZII7.
.O,7,O7,+~Z=??:I7?ZI7+Z.
.O7+.$=~=+O++??+==~=7ZO.
.ZZ..IIIOOZI?IIO7+=IIZO.
.O..?O$ZI7?????7$II7Z.
OZ.,77Z=$$$I?I??7?ZOO
.Z..O$ZIZZ$????=I7ZO.
O...O~Z+~:=+II$$7~
Z,Z:+.OZ7ZZ$7Z?O.
O.ZOZOOOOOZ7I+?O...
.Z.$OZZOO77$7+=?Z.O~.
......OO..$OZOOZ7I$?~+?=$Z...
.,OZZO$,.... .,...OOOOI???++++O. =..ZZZZOO+...
.=OI. . .OZ$???$OZ. .,~ ..,:~~~=ZO.
.O.. ..:===OO.
,Z.. ,===:O.
.O.,. .. .~===,Z
.Z.,,.OZOZZOOZZ. ... .,====:Z
.Z..,O..?...++=?=Z. ...~. .,::==Z:.
.O:...Z...?...=?+++IO.. ....+ZZOOO..... .Z:+:.......~==O.
.Z..,:,ZZ+:.+Z7?????=O,IOZZZO..,+??????++++=ZZ,~OOI??++7OZ===~Z.
Z..OOI. .IZ$ZZI...... ..:+???????????????????+7Z7??~~+++ZZ==O.
O.O.,+ ..,~=+???~.,=?????????????????IZZ7????II?I$??==+++IZOO~Z
OO. .,~??????????????????????+++?I$Z77ZZZZOOOZZ7I?+??I??++?$$?ZO
O:.:7$I???????????????II?+++?IZZZ7ZO?$ZZZZ7+======+++++===?77?$O
.O+ZZZ$III7$ZZZZZZ7I?+++?I$OOO$O$??????++++++++??????????+?I?+O.
.OZOOOOOOZZ$$7I?++++?I$ZOOO$ZZ??+????????????????????????????$.
,ZZOOOOZ$I?????????$ZOOZ7+~:,....,I7II??+++==~:,..,+?????????Z.
.OZZZZOZZZZ+,..... :::~...Z$$.$$.=$II$$=........$$.,==++++??+Z.
OOZZZZOOO$.$$..$..= .$$$$$=,$=.,......$$$Z.$7.$$.ZIIII????+O.
OZZZ$ZZZ+.$$.~$.$. .$$$ .$$..I$ZZ.Z$.Z$.$$..$.$IOOOOOOZOOO
.,ZOOZZ:~.$$IZ$...$$$ .$$.$$.$7=$..$$.$$ $Z.ZZZZZ$$7ZO,
.$.$.I.. .$$$. $$.$$$Z..$$.$$=,$..$$.O?$OZZZZ..
...7OOO..$$$. .$$.$$ ..$$$7$.7,...,Z.$~
.. .$$$. .$$.$$$$,......OZZ,.
.$$$. ..$$......ZO.$..
Z$$$$$$Z..OZ....
..?$$$..OZ
$OOOZ,.
Mr. Clean
Let Mr. Clean keep your logs clean of sensitive data.
Imagine you have the following model
data class SensitiveData(val creditCardNumber: String, val socialSecurityNumber: String)
This model might be inadvertently logged, leaking sensitive data to the world. One way to get around this is to override
toStringand manage your state.
data class SensitiveData(val creditCardNumber: String, val socialSecurityNumber: String) {
override toString(): String {
if (BuildConfig.DEBUG) {
return "SensitiveData(
creditCardNumber='$creditCardNumber'
socialSecurityNumber='$socialSecurityNumber'
)"
}
else {
return "[email protected]${Integer.toHexString(hashCode())}"
}
}
}
But now you have to make sure this stays updated when you add/remove properties.
Enter Mr. Clean
Annotate your class with
@Sanitizeand delegate to the generated
sanitizedToStringfunction:
@Sanitize
data class SensitiveData(val creditCardNumber: String, val socialSecurityNumber: String) {
override toString() = sanitizedToString()
}
Note: You don't have to build to get this function! The Gradle plugin will generate a default
Any.sanitizedToStringfor use in the IDE.
Mr. Clean manages the implementation of the
toStringfor you.
// in a debuggable build
inline fun SensitiveData.sanitizedToString(condition: Boolean): String =
"SensitiveData(creditCardNumber = $creditCardNumber, socialSecurityNumber = $socialSecurityNumber)"
// in a non-debuggable build
inline fun SensitiveData.sanitizedToString(condition: Boolean): String = "[email protected]${Integer.toHexString(hashCode())}"
Don't leak sensitive info ever again, trust in Mr. Clean.
Usage
buildscript {
repositories {
mavenCentral()
google()
}
dependencies {
classpath 'com.trello.mrclean:mr-clean-plugin:1.1.0'
}
}
and then apply to your modules ```groovy apply plugin: 'com.trello.mrclean'
Contributors
Pull requests, issues and comments welcome. For pull requests:
- Add tests for new features and bug fixes
- Follow the existing style
- Separate unrelated changes into multiple pull requests
See the existing issues for things to start contributing.
For bigger changes, make sure you start a discussion first by creating an issue and explaining the intended change.
Atlassian requires contributors to sign a Contributor License Agreement, known as a CLA. This serves as a record stating that the contributor is entitled to contribute the code/documentation/translation to the project and is willing to have it used in distributions and derivative works (or is willing to transfer ownership).
Prior to accepting your contributions we ask that you please follow the appropriate link below to digitally sign the CLA. The Corporate CLA is for those who are contributing as a member of an organization and the individual CLA is for those contributing as an individual.
License
Copyright (c) 2018 Atlassian and others. Apache 2.0 licensed, see LICENSE file.