Consider JSON.stringify's whitelisting capability

[rsc-rfrench]

JSON.stringify allows a 2nd argument called replacer:

A function that alters the behavior of the stringification process, or an array of String and Number objects that serve as a whitelist for selecting/filtering the properties of the value object to be included in the JSON string. If this value is null or not provided, all properties of the object are included in the resulting JSON string.

This might allow clean log to provide a facility like log.info(msg, secrets) that ensures the values in secrets are scrubbed from log output. Warrants further research.

[jveldboom-rsc]

I'd like to explore this as well. But I do want to keep the focus on keeping the library relatively simple.

What about something like using environment variables for the replacer? This would prevent the library from keeping a whitelist. (not saying we use this but just wanting to continue the discussion)

process.env.LOG_SUPPRESS = 'email,password'

const replacer = (key, value) => {
  if (process.env.LOG_SUPPRESS) {
    let suppress = process.env.LOG_SUPPRESS.split(',')
    if (suppress.includes(key)) return undefined
  }
  
  return value
}

let data = {
  name: 'John',
  password: '1234567',
  age: 55,
  email: '[email protected]'
}

console.log(JSON.stringify(data, replacer, 2))