Github user greenman18523 commented on the issue:
https://github.com/apache/commons-lang/pull/332
Hello @stokito, thanks for the input. The reasoning of creating two method
was for a more intuitive API and to not add too many parameters in just one
method. And I also didn't want to create a 3rd method that would just do the
main logic without it being able to be exposed (i.e. private).
I like the idea of the mask being in the middle of the string, and I was
thinking of incorporating it into the code, but was not sure how useful it
would be for others.
An other goal of the way the methods are, is to clearly enforce a minimum
amount of masking before being able to show any information. e.g. in the case
of a credit card, even if the user has erroneously entered 8 out of the 16
characters, a call to ``StringUtils.maskEnd("35660020", '*', 12, 4)`` would not
show any sensitive information, but a call to ``StringUtils.mask("35660020", 0,
4, '*')`` would expose.
I think that both implementations can be useful for a number of use-cases,
some common to both, but some are covered by one of the two implementation.
Of course this can also be achieved by an extra parameter in your
implementation. What do you think?
---
