Two weeks ago, I showed you how Redacting Sensitive Data from Java Flight Recorder Files is possible using my new jfr-redact tool. This tool also supports redacting information from hs-error files, but it doesn’t handle heap dumps. Sadly, there is currently no support in OpenJDK for redacting these files directly, to quote Volker Simonis’ comment under my last blog post:

There’s also “JDK-8337517: Redacted Heap Dumps” (https://bugs.openjdk.org/browse/JDK-8337517) which unfortunately didn’t receive enough support from upstream 🙁

Well, there is now the tool hprof-redact that allows you to easily null all primitives and strings in the heap dump and even implement your own basic redactions when using it as a library. It’s a small tool (written with femtocli, of course) under MIT license, which we’ll cover in this blog post. Please be aware that it is still an early prototype, but it might already be useful:

./hprof-redact source.hprof output.prof

But first, what are heap dumps?