Hi, do you ever dumped logs to debug something simple ...? and suddenly realized you just logged real email addresses? Yeah. That little chill down your spine is called "future GDPR paperwork". This tiny TypeScript utility exists to make sure that moment never happens again.
mask-email does one job and does it cleanly: mask email addresses without being clever in the wrong places. By default, it keeps a couple of characters visible and hides the rest—enough to identify a user, not enough to get you fired.
maskEmail('ekaone3033@gmail.com')
// ek********@gmail.com
maskEmail('john.doe@example.com')
// jo******@example.com
No regex soup, no assumptions about email length, and no surprises when usernames are short or weird.
When you need more control, the options stay flat and readable. You can tweak visible characters, change the mask symbol, or even mask the domain when you’re dealing with internal systems or logs.
maskEmail('admin@mail.company.com', {
visibleChars: 1,
maskDomain: true,
})
// a****@m***.c******.com
There’s also a viewable switch for those moments when masking needs to be conditionally disabled—because real-world code paths are rarely pure.
maskEmail('secret@company.com', { viewable: true });
// Output: 'secret@company.com'
Under the hood, it’s small, dependency-free, and aggressively boring (again: a compliment). Inputs are validated, edge cases are handled, and nothing tries to be smarter than it should be. Privacy-friendly by design, it helps you stay aligned with GDPR and common data-protection practices—without turning a simple utility into a legal document. Drop it into UI, logs, or analytics, and move on with your day.
Wanna try it? 😏
The code lives here, fully open, zero drama:
👉 GitHub: https://github.com/ekaone/mask-email
Install it, no judgment here:
npm install @ekaone/mask-email
# or
yarn add @ekaone/mask-email
# or
pnpm add @ekaone/mask-email
That’s it. No post-install rituals, no peer-dependency surprises 😲
Happy coding — and may your emails stay masked.
Top comments (0)