A high-performance Flutter plugin that automatically sanitizes sensitive data in logs using Rust FFI with regex-based pattern matching.
Why LogGuard?
Accidentally logging sensitive information is one of the most common security vulnerabilities in mobile apps. LogGuard provides automatic protection by intercepting and sanitizing all log output before it reaches the console, crash reporters, or analytics systems.
Key Benefits
- π‘οΈ Automatic Protection: No code changes needed - wrap your app and you're protected
- β‘ High Performance: Rust FFI implementation processes logs 10x faster than pure Dart
- π UTF-8 Safe: Properly handles international characters and emoji
- π Zero Config: Works out of the box with sensible defaults
- π Production Ready: Efficiently handles large logs with automatic chunking
Quick Start
1. Add Dependency
dependencies:
logguard: ^0.1.0
2. Protect Your App
import 'package:flutter/material.dart';
import 'package:logguard/logguard.dart';
void main() {
LogGuard.runApp(
MaterialApp(
home: MyHomePage(),
),
);
}
That's it! All print() and debugPrint() calls are now automatically sanitized.
What Gets Sanitized?
LogGuard automatically detects and masks:
| Pattern | Example | Result |
|---|---|---|
| Passwords | password=secret |
password=******** |
| Tokens | Bearer abc123 |
Bearer [MASKED] |
| API Keys | AKIAIOSFODNN7 |
[MASKED] |
| Emails | user@example.com |
[MASKED] |
| Credit Cards | 4532-1234-5678-9010 |
[MASKED] |
| Phone Numbers | +1-555-123-4567 |
[MASKED] |
| UUIDs | 550e8400-e29b... |
[MASKED] |
| JWT Tokens | eyJhbGc... |
[MASKED] |
| Hex Hashes | a94a8fe5ccb1... |
[MASKED] |
Usage Examples
Automatic Mode (Recommended)
Protects your entire application:
void main() {
LogGuard.runApp(MyApp());
}
// Anywhere in your app
print('User email: user@example.com');
// Output: User email: [MASKED]
debugPrint('Auth token: Bearer abc123xyz');
// Output: Auth token: Bearer [MASKED]
Selective Protection
Protect specific code blocks:
void main() async {
await LogGuard.runGuarded(() {
// Only logs inside this scope are sanitized
print('password=secret123'); // Sanitized
runApp(MyApp());
});
}
Manual Sanitization
For explicit control:
import 'package:logguard/logguard.dart';
// Direct sanitization
final safeText = LogGuard.sanitize('My email is user@example.com');
print(safeText); // Output: My email is [MASKED]
// Extension method
final userInput = 'password=test123';
print(userInput.sanitized); // Output: password=********
// Custom logging with levels
LogGuard.log(
'User logged in with token: abc123',
level: LogLevel.info,
name: 'AuthService',
toConsole: true,
toDeveloper: true,
);
Advanced Usage
// Safe print helpers
LogGuard.safePrint('This will be sanitized automatically');
LogGuard.safeDebug('Debug message', wrapWidth: 80);
// Check FFI availability
if (LogGuard.isFFIAvailable) {
print('Using high-performance Rust sanitizer');
} else {
print('Using Dart fallback sanitizer');
}
// Hook management
LogGuard.setupHooks(); // Enable protection
LogGuard.removeHooks(); // Disable protection
Platform Support
| Platform | Status | Version |
|---|---|---|
| Android | β Supported | v0.1.0+ |
| Linux | π§ Coming Soon | v0.2.0 |
| Windows | π§ Coming Soon | v0.3.0 |
| iOS | β³ Planned | Future |
| macOS | β³ Planned | Future |
| Web | β³ Planned | Future |
Performance
LogGuard is optimized for production use:
| Log Size | Processing Time |
|---|---|
| 1 KB | ~0.1ms |
| 10 KB | ~0.5ms |
| 100 KB | ~3ms (chunked) |
*Benchmarked on Pixel 6 with Rust FFI enabled
Performance Features
- Lazy Pattern Compilation: Regex patterns compiled once at startup
- Automatic Chunking: Large logs processed in 10KB chunks
- UTF-8 Optimized: Character-aware iteration prevents corruption
- Memory Capped: Result buffer limited to 2MB max
- Fast Path Optimization: Common patterns use prefix matching instead of regex
Architecture
Flutter App (print/debugPrint)
β
LogGuard Dart Layer (Zone interception)
β
FFI Bridge
β
Rust Core (Optimized regex + UTF-8 scanning)
The plugin uses Dart Zones to intercept all log output, then passes it through a Rust FFI bridge for high-performance pattern matching.
How It Works
- Zone Interception: LogGuard creates a custom Zone that wraps your app
-
Automatic Capture: All
print()calls are intercepted before reaching the console - FFI Processing: Log messages are passed to Rust for sanitization
- Pattern Matching: Rust applies optimized regex and prefix matching
- Safe Output: Sanitized logs are printed to the console
Security Notice
β οΈ Important: LogGuard significantly reduces the risk of sensitive data exposure, but should be used as part of a comprehensive security strategy. Always follow these best practices:
- Never intentionally log sensitive information
- Use LogGuard as a safety net, not a replacement for good coding practices
- Test with your specific data patterns
- Review logs regularly for new patterns
- Use proper authentication and encryption for data transmission
Configuration
LogGuard works with zero configuration, but provides flexibility when needed:
// Enable/disable hooks manually
LogGuard.setupHooks();
LogGuard.removeHooks();
// Custom log levels
LogGuard.log(
'Custom message',
level: LogLevel.error,
error: exception,
stackTrace: stack,
);
Testing
import 'package:flutter_test/flutter_test.dart';
import 'package:logguard/logguard.dart';
void main() {
test('sanitizes passwords', () {
final input = 'password=secret123';
final output = LogGuard.sanitize(input);
expect(output, 'password=********');
});
test('sanitizes emails', () {
final input = 'Contact: user@example.com';
final output = LogGuard.sanitize(input);
expect(output, 'Contact: [MASKED]');
});
}
Contributing
Contributions are welcome! Please check out our GitHub repository for:
- π Bug reports
- π‘ Feature requests
- π§ Pull requests
- π Documentation improvements
Development Roadmap
- [x] Android FFI support
- [x] Automatic log interception
- [x] Common pattern detection
- [ ] Linux support (v0.2.0)
- [ ] Windows support (v0.3.0)
- [ ] Custom pattern configuration
- [ ] Log encryption option
- [ ] iOS/macOS support
- [ ] Web support (WASM)
License
MIT License - see LICENSE file for details.
Support
- π Documentation
- π Issue Tracker
- π¬ Discussions
Built with β€οΈ using Rust + Flutter
If LogGuard helps secure your app, please consider:
- β Starring the repo on GitHub
- π Liking on pub.dev
- π’ Sharing with other Flutter developers
Top comments (0)