{"id":16671,"library":"redact-basic-auth","title":"Redact Basic Auth","description":"redact-basic-auth is a focused utility designed to remove or obscure basic authentication credentials from URLs. This is crucial for logging, debugging, or displaying URLs where sensitive information like usernames and passwords should not be exposed. The package is currently at version 1.0.1, indicating a stable and mature, albeit simple, implementation. Its release cadence is likely very slow, as its functionality is narrowly defined and unlikely to require frequent updates. Key differentiators include its singular focus and minimal API, making it easy to integrate without pulling in larger URL parsing libraries when only basic auth redaction is needed. It operates on string manipulation rather than full URL parsing objects, providing a lightweight solution for specific security and privacy concerns in applications that handle URLs.","status":"active","version":"1.0.1","language":"javascript","source_language":"en","source_url":"ssh://git@github.com/alxndrsn/node-redact-basic-auth","tags":["javascript"],"install":[{"cmd":"npm install redact-basic-auth","lang":"bash","label":"npm"},{"cmd":"yarn add redact-basic-auth","lang":"bash","label":"yarn"},{"cmd":"pnpm add redact-basic-auth","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"The package primarily uses CommonJS `module.exports = function(...)`. For ES Modules, it's typically imported as a default export.","wrong":"import { redact } from 'redact-basic-auth';","symbol":"redact","correct":"const redact = require('redact-basic-auth');"},{"note":"When using ES Modules, `redact-basic-auth` exports its main function as a default export.","wrong":"import { redact } from 'redact-basic-auth';","symbol":"redact","correct":"import redact from 'redact-basic-auth';"}],"quickstart":{"code":"import redact from 'redact-basic-auth';\n\n// Example 1: Redacting a URL with basic authentication\nconst urlWithAuth = 'http://myuser:mypassword@example.com/api/data?param=value';\nconst redactedUrl = redact(urlWithAuth);\nconsole.log('Original URL:', urlWithAuth);\nconsole.log('Redacted URL:', redactedUrl);\n// Expected: Original URL: http://myuser:mypassword@example.com/api/data?param=value\n// Expected: Redacted URL: http://myuser:redacted@example.com/api/data?param=value\n\n// Example 2: A URL without basic authentication remains unchanged\nconst urlWithoutAuth = 'https://www.google.com/search?q=redact-basic-auth';\nconst unchangedUrl = redact(urlWithoutAuth);\nconsole.log('Original URL (no auth):', urlWithoutAuth);\nconsole.log('Unchanged URL:', unchangedUrl);\n// Expected: Original URL (no auth): https://www.google.com/search?q=redact-basic-auth\n// Expected: Unchanged URL: https://www.google.com/search?q=redact-basic-auth\n\n// Example 3: Using with a Node.js URL object (convert to string first)\nimport { URL } from 'url';\nconst complexUrl = new URL('ftp://anonymous:secret@ftp.example.org/files/doc.txt');\nconst redactedComplexUrl = redact(complexUrl.toString());\nconsole.log('Original complex URL:', complexUrl.toString());\nconsole.log('Redacted complex URL:', redactedComplexUrl);","lang":"javascript","description":"Demonstrates basic authentication redaction for various URL formats, including those with and without credentials, and how to use it with Node.js URL objects."},"warnings":[{"fix":"For more complex redaction scenarios, consider using a full URL parsing library and performing custom string replacements or object manipulations.","message":"The package specifically targets the `username:password@` pattern typical of HTTP/FTP basic authentication in URLs. It will not redact credentials stored in query parameters, custom headers, or other parts of a URL that don't conform to this format.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Always test with a diverse set of URLs, especially edge cases, to ensure the desired redaction behavior.","message":"The redaction is string-based using regular expressions. While robust for standard formats, malformed or highly unconventional URL structures might not be accurately processed, potentially redacting too much or too little.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-22T00:00:00.000Z","next_check":"2026-07-21T00:00:00.000Z","problems":[{"fix":"Change `import { redact } from 'redact-basic-auth';` to `import redact from 'redact-basic-auth';`.","cause":"Incorrect import statement when using ES Modules. The package uses a CommonJS default export.","error":"TypeError: redact is not a function"},{"fix":"Ensure the URL strictly follows the basic auth format (e.g., `protocol://username:password@host/path`). The package does not handle credentials in query parameters or other non-standard locations.","cause":"The URL string provided does not contain a 'username:password@' segment, or the segment is malformed and not recognized by the internal regex.","error":"My URL is not redacting the basic auth part."}],"ecosystem":"npm"}