Data Masking

Overview

The Data Masking feature provides a secure way to handle sensitive information in your tests. It automatically encrypts sensitive data and provides a simple way to access the decrypted values when needed.

Setup

To use data masking, you need to set up your environment:

1. Create .env File

BINGO_MASK_SALT=your-secret-salt
TEST_EMAIL=test@example.com
TEST_PASSWORD=your-password

2. Mask Sensitive Data

bingo mask test@example.com

Properties File Masking

The framework can automatically mask sensitive values in `.properties` files:

1. Configure Masking

// bingo.config.js
module.exports = {
    dataMasking: {
        enabled: true,
        properties: {
            autoMask: true,
            sensitiveKeys: [
                'password',
                'secret',
                'key',
                'token',
                'credential',
                'apiKey',
                'auth',
                'private'
            ]
        }
    }
};

2. Use Properties Class

const { properties } = require('./lib');

// Load properties with automatic masking
properties.load('path/to/properties.file', true);

// Get masked value
const maskedValue = properties.get('db.password');

// Get original value
const originalValue = properties.get('db.password', true);

// Save masked properties to a new file
properties.save('path/to/masked.properties', true);

Usage

Access masked values in your tests: 

const { env } = require('./lib/mask');

// Access environment variables (automatically decrypted)
console.log(env.TEST_EMAIL);  // Shows original value

Supported Data Types

The system automatically detects and masks the following sensitive data types:

  • Email addresses
  • Credit card numbers
  • Phone numbers
  • Social security numbers
  • API keys
  • Passwords
  • Database credentials
  • JWT tokens
  • Properties file values containing sensitive keys

Debugging

To debug masked values: 

const { debug } = require('./lib/mask');

// Show all masked values and their originals
debug();

Best Practices

  • Always use the `env` proxy to access environment variables
  • Mask sensitive data before committing to version control
  • Use different salts for different environments
  • Never log or expose masked values in test output
  • Keep original properties files separate from masked ones
  • Use descriptive names for masked properties files (e.g., `application.masked.properties`)