Arcjet sensitive information redaction detection engine.
npm install -S @arcjet/redact-wasm
import { initializeWasm } from "@arcjet/redact-wasm";
import type { SensitiveInfoEntity } from "@arcjet/redact-wasm";
function noOpDetect(_tokens: string[]): Array<SensitiveInfoEntity | undefined> {
return [];
}
function noOpReplace(_input: SensitiveInfoEntity): string | undefined {
return undefined;
}
const wasm = await initializeWasm(noOpDetect, noOpReplace);
// If WebAssembly isn't available in the environment then it will be undefined.
if (typeof wasm !== "undefined") {
const config = {
entities: [],
contextWindowSize: 1,
skipCustomDetect: true,
skipCustomRedact: true,
};
const entities = wasm.redact("I am a string", config);
// Do something with entities that should be redacted.
} else {
throw new Error(
"redact failed to run because Wasm is not supported in this environment",
);
}
This package provides sensitive information identification and redaction logic implemented as a WebAssembly module which will run local analysis on the provided string.
The generated _virtual/arcjet_analyze_bindings_redact.component.js
file contains the binary inlined as
a base64 Data URL with the application/wasm
MIME type.
This was chosen to save on storage space over inlining the file directly as a Uint8Array, which would take up ~3x the space of the Wasm file. See Better Binary Batter: Mixing Base64 and Uint8Array for more details.
It is then decoded into an ArrayBuffer to be used directly via WebAssembly's
compile()
function in our entry point file.
This is all done to avoid trying to read or bundle the Wasm asset in various
ways based on the platform or bundler a user is targeting. One example being
that Next.js requires special asyncWebAssembly
webpack config to load our
Wasm file if we don't do this.
In the future, we hope to do away with this workaround when all bundlers properly support consistent asset bundling techniques.
Licensed under the Apache License, Version 2.0.