. .....
.=OO:....$ZZ..
.O........,~=+Z.
=Z ..,:~=~~=+???Z.
.Z .,+++++++???I7IZ.
.O.~7??????????7$7Z.
.?.+ZO+~,???..+Z.$Z.
.,.OZOOOZI?IOZ$ZII7.
.O,7,O7,+~Z=??:I7?ZI7+Z.
.O7+.$=~=+O++??+==~=7ZO.
.ZZ..IIIOOZI?IIO7+=IIZO.
.O..?O$ZI7?????7$II7Z.
OZ.,77Z=$$$I?I??7?ZOO
.Z..O$ZIZZ$????=I7ZO.
O...O~Z+~:=+II$$7~
Z,Z:+.OZ7ZZ$7Z?O.
O.ZOZOOOOOZ7I+?O...
.Z.$OZZOO77$7+=?Z.O~.
......OO..$OZOOZ7I$?~+?=$Z...
.,OZZO$,.... .,...OOOOI???++++O. =..ZZZZOO+...
.=OI. . .OZ$???$OZ. .,~ ..,:~~~=ZO.
.O.. ..:===OO.
,Z.. ,===:O.
.O.,. .. .~===,Z
.Z.,,.OZOZZOOZZ. ... .,====:Z
.Z..,O..?...++=?=Z. ...~. .,::==Z:.
.O:...Z...?...=?+++IO.. ....+ZZOOO..... .Z:+:.......~==O.
.Z..,:,ZZ+:.+Z7?????=O,IOZZZO..,+??????++++=ZZ,~OOI??++7OZ===~Z.
Z..OOI. .IZ$ZZI...... ..:+???????????????????+7Z7??~~+++ZZ==O.
O.O.,+ ..,~=+???~.,=?????????????????IZZ7????II?I$??==+++IZOO~Z
OO. .,~??????????????????????+++?I$Z77ZZZZOOOZZ7I?+??I??++?$$?ZO
O:.:7$I???????????????II?+++?IZZZ7ZO?$ZZZZ7+======+++++===?77?$O
.O+ZZZ$III7$ZZZZZZ7I?+++?I$OOO$O$??????++++++++??????????+?I?+O.
.OZOOOOOOZZ$$7I?++++?I$ZOOO$ZZ??+????????????????????????????$.
,ZZOOOOZ$I?????????$ZOOZ7+~:,....,I7II??+++==~:,..,+?????????Z.
.OZZZZOZZZZ+,..... :::~...Z$$.$$.=$II$$=........$$.,==++++??+Z.
OOZZZZOOO$.$$..$..= .$$$$$=,$=.,......$$$Z.$7.$$.ZIIII????+O.
OZZZ$ZZZ+.$$.~$.$. .$$$ .$$..I$ZZ.Z$.Z$.$$..$.$IOOOOOOZOOO
.,ZOOZZ:~.$$IZ$...$$$ .$$.$$.$7=$..$$.$$ $Z.ZZZZZ$$7ZO,
.$.$.I.. .$$$. $$.$$$Z..$$.$$=,$..$$.O?$OZZZZ..
...7OOO..$$$. .$$.$$ ..$$$7$.7,...,Z.$~
.. .$$$. .$$.$$$$,......OZZ,.
.$$$. ..$$......ZO.$..
Z$$$$$$Z..OZ....
..?$$$..OZ
$OOOZ,.
Let Mr. Clean keep your logs clean of sensitive data.
Imagine you have the following model
data class SensitiveData(val creditCardNumber: String, val socialSecurityNumber: String)
This model might be inadvertently logged, leaking sensitive data to the world.
One way to get around this is to override toString
and manage your state.
data class SensitiveData(val creditCardNumber: String, val socialSecurityNumber: String) {
override toString(): String {
if (BuildConfig.DEBUG) {
return "SensitiveData(
creditCardNumber='$creditCardNumber'
socialSecurityNumber='$socialSecurityNumber'
)"
}
else {
return "SensitiveData@${Integer.toHexString(hashCode())}"
}
}
}
But now you have to make sure this stays updated when you add/remove properties.
Enter Mr. Clean
Annotate your class with @Sanitize
and delegate to the generated sanitizedToString
function:
@Sanitize
data class SensitiveData(val creditCardNumber: String, val socialSecurityNumber: String) {
override toString() = sanitizedToString()
}
Note: You don't have to build to get this function! The Gradle plugin will generate a default Any.sanitizedToString
for use in the IDE.
Mr. Clean manages the implementation of the toString
for you.
// in a debuggable build
inline fun SensitiveData.sanitizedToString(condition: Boolean): String =
"SensitiveData(creditCardNumber = $creditCardNumber, socialSecurityNumber = $socialSecurityNumber)"
// in a non-debuggable build
inline fun SensitiveData.sanitizedToString(condition: Boolean): String = "SensitiveData@${Integer.toHexString(hashCode())}"
Don't leak sensitive info ever again, trust in Mr. Clean.
buildscript {
repositories {
mavenCentral()
google()
}
dependencies {
classpath 'com.trello.mrclean:mr-clean-plugin:2.0.0'
}
}
and then apply to your modules
apply plugin: 'com.trello.mrclean'
The Mr. Clean plugin adds mr-clean-debug-processor
to debug
BuildTypes automatically and mr-clean-processor
to all others as well as setting the packageName
defined in your manifest. Finally it generates the root Any?.sanitizeToString
function for you (so you don't have errors pre compile)
If you'd prefer to manually control this, you can.
ksp {
// Anything set here will override *ALL* values across all
// Generates root function Any.sanitizeToString
arg("mrclean.rootgenerator", "true")
// Package name to generate in under generated
arg("mrclean.packagename", "true")
// Setting this will override d
arg("mrclean.debug", "true")
}
dependencies {
implmentation 'com.trello.mrclean:mr-clean-runtime:2.0.0'
// Debug by default has KSP arg "mrclean.debug" set to false, "mrclean.rootgenerator" to false
kspRelease 'com.trello.mrclean:mr-clean-processor:2.0.0'
// Debug by default has KSP arg "mrclean.debug" set to true, "mrclean.rootgenerator" to false
kspDebug 'com.trello.mrclean:mr-clean-debug-processor:2.0.0'
}
Use 1.2.2 as Mr. Clean is pretty stable but we are only supporting KSP moving forward
1.2.2 usage is
buildscript {
repositories {
mavenCentral()
google()
}
dependencies {
classpath 'com.trello.mrclean:mr-clean-plugin:1.2.2'
}
}
and then apply to your modules
apply plugin: 'com.trello.mrclean'
Pull requests, issues and comments welcome. For pull requests:
See the existing issues for things to start contributing.
For bigger changes, make sure you start a discussion first by creating an issue and explaining the intended change.
Atlassian requires contributors to sign a Contributor License Agreement, known as a CLA. This serves as a record stating that the contributor is entitled to contribute the code/documentation/translation to the project and is willing to have it used in distributions and derivative works (or is willing to transfer ownership).
Prior to accepting your contributions we ask that you please follow the appropriate link below to digitally sign the CLA. The Corporate CLA is for those who are contributing as a member of an organization and the individual CLA is for those contributing as an individual.
Copyright (c) 2018 Atlassian and others. Apache 2.0 licensed, see LICENSE file.