data_redactor: stop secrets and personal data leaking into logs and LLM prompts
If your app writes logs or sends text to an LLM, sooner or later a real credit card, email, or API key ends up in there — data_redactor strips that kind of data out of any string before it leaves your app.
It scans text against 89 built-in patterns — API keys, IBANs, credit cards, emails, national IDs from 15+ countries — and redacts every match in a single pass, using a purpose-built multi-pattern C engine that’s 2–2.5× faster than a pure-Ruby gsub loop. Zero runtime dependencies, precompiled binaries (Alpine included), integrations for Logger, Rails filter_parameters, Rack, and transparent outbound redaction for RubyLLM.
Post a comment