What is Censor
Have you ever encountered a situation where a new attribute containing sensitive data was added to a struct, and somewhere in a different package that struct value was passed to a logger, resulting in sensitive data being leaked? In large codebases with multiple contributors, these mistakes happen more often than you might think.
Censor helps minimize the risk of such situations. Once configured, Censor automatically inspects structs and strings using specific rules to determine if values should be masked or displayed. What's crucial is that Censor follows a secure-by-default approach: if a struct field has no explicit Censor tag marking it as safe to display, it will be masked. This means even if someone forgets to add a tag or isn't aware of Censor's presence, sensitive data remains protected by default, while still allowing engineers to manually adjust visibility when needed.
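The deny-by-default rule described above, sketched with Go's standard `reflect` package as an added example. This is not Censor's implementation or API; the `logsafe:"display"` tag and the `User`/`Address` types are hypothetical names constructed for the illustration.

```go
package main

import (
	"fmt"
	"reflect"
	"strings"
)

const mask = "[CENSORED]" // default mask value named on this page

type Address struct {
	City   string `logsafe:"display"` // hypothetical tag, not Censor's own syntax
	Street string
}
type User struct {
	ID    int      `logsafe:"display"`
	Email string   // no tag: masked
	Token string   // added later, nobody tagged it: masked
	Addr  *Address `logsafe:"display"`
}

// Format renders v as text, masking every field not tagged as displayable.
func Format(v any) string { return render(reflect.ValueOf(v)) }

func render(rv reflect.Value) string {
	for rv.Kind() == reflect.Pointer || rv.Kind() == reflect.Interface {
		if rv.IsNil() {
			return "nil"
		}
		rv = rv.Elem()
	}
	if k := rv.Kind(); k == reflect.Slice || k == reflect.Array || k == reflect.Map {
		return mask // containers are not walked in this sketch: fail closed
	} else if k != reflect.Struct {
		return fmt.Sprint(rv) // scalar leaf; fmt unwraps the reflect.Value
	}
	var parts []string
	for i := 0; i < rv.NumField(); i++ {
		f, out := rv.Type().Field(i), mask
		if f.Tag.Get("logsafe") == "display" { // nested structs recurse
			out = render(rv.Field(i))
		}
		parts = append(parts, f.Name+": "+out)
	}
	return "{" + strings.Join(parts, ", ") + "}"
}

func main() {
	fmt.Println(Format(User{ID: 7, Email: "a@example.test", Token: "s3cr3t", Addr: &Address{City: "Kyiv", Street: "Main St 1"}}))
}
```

Tagging `Addr` as displayable does not expose `Street`: the nested struct is rendered with the same rule, so each of its fields still needs its own tag.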
Key Features
- Practical Data Protection: Helps reduce the risk of exposing sensitive fields in structs. While not a silver bullet for all security concerns, Censor adds an extra layer of protection for common data exposure scenarios.
- Two Output Formats: Supports both TEXT and JSON output formats, covering the most common logging and data exchange needs.
- Logger Framework Support: Works with popular logging frameworks like Zap, Slog, and Zerolog. Setup requires some configuration, after which logging operations can proceed with added protection.
- Basic Customization: Modify the default "[CENSORED]" mask value or set up regex patterns to handle specific data formats according to your needs.
- Default Masking Approach: Uses a conservative approach where fields remain masked unless explicitly tagged to be visible, helping to reduce accidental exposure.
- Support for Common Types: Handles standard Go types including strings, structs, maps, and slices, though some complex or custom types may require additional handling.
Next Steps
Ready to get started? Check out these guides:
- Getting Started - Installation and basic usage
- Configuration - Customization options
- Type Support - Supported Go types
- Logger Integration - Logger integration
- Examples - Real-world usage scenarios