npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@travelopia/kavach

v1.0.0

Published

Kavach — PII masking utility for safe logging of sensitive data

Downloads

164

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

junaidtravelopiajunaidtravelopiagogo-thlgogo-thldevops_thldevops_thlmonika0903monika0903absurd-tabsurd-tniraj.chauhanniraj.chauhan

Keywords

piimaskingprivacysecuritydata-protection

Readme

@travelopia/kavach

Kavach (कवच) — divine armour in Hindu mythology. This package is the shield for your sensitive data.

A TypeScript utility for masking Personally Identifiable Information (PII) in data structures, designed for safe logging.

⚠️ Important: Kavach is for logging only. Never apply it to actual request/response data.

Installation

npm install @travelopia/kavach

Features

  • Mask sensitive data: emails, phone numbers, credit cards, names, addresses, dates of birth, postal codes
  • Smart field-name based detection for recursive object masking
  • XML/SOAP payload masking with namespace support
  • Preserves partial info for traceability (e.g. first char + domain for emails, last 4 digits for cards)
  • TypeScript support with full type definitions
  • Fully tested with Vitest

Usage

Basic String Masking

import { maskString } from '@travelopia/kavach';

maskString('hello'); // '*****'
maskString('hello', { showStart: 1, showEnd: 1 }); // 'h***o'
maskString('hello', { maskChar: '#' }); // '#####'

Email Masking

import { maskEmail } from '@travelopia/kavach';

maskEmail('[email protected]'); // 'j***@example.com'

Phone Number Masking

import { maskPhone } from '@travelopia/kavach';

maskPhone('1234567890'); // '******7890'
maskPhone('+1 (555) 123-4567'); // '*************4567'

Credit Card Masking

import { maskCardNumber } from '@travelopia/kavach';

maskCardNumber('4111111111111111'); // '************1111'

Object Masking

import { maskPIIInObject } from '@travelopia/kavach';

const user = {
  firstName: 'John',
  lastName: 'Doe',
  email: '[email protected]',
  phone: '1234567890',
  age: 30,
};

const masked = maskPIIInObject(user);
// Automatically detects and masks PII fields by name

XML/SOAP Masking

import { maskPIIInXML } from '@travelopia/kavach';

const masked = maskPIIInXML(soapPayload);
// Masks PII inside XML tags and attributes, including namespaced tags

API

maskEmail(email: string): string

Shows first character and full domain. e.g. j***@example.com

maskPhone(phone: string): string

Shows last 4 digits. e.g. ******3456

maskCardNumber(card: string): string

Shows last 4 digits. e.g. ************1111

maskName(name: string): string

Shows first character. e.g. J*****

maskDateOfBirth(date: string): string

Shows year only. e.g. 1994-**-**

maskAddress(address: string): string

Shows street number. e.g. 123 ***

maskZip(zip: string): string

Shows first 2 characters. e.g. 12***

maskPIIInObject(obj: unknown): unknown

Recursively masks fields matched by ~50 common PII field name patterns (case-insensitive). Covers email, phone, card, name, address, auth code fields.

maskPIIInXML(xml: string): string

Masks PII in XML/SOAP payloads via regex. Handles XML namespaces, tag content, and attributes.

Development

npm install
npm test
npm run test:watch
npm run type-check
npm run build
npm run lint

License

UNLICENSED - For internal use by Yachts App Squad only.