Confidential Redactor Add-in

This repository hosts a Microsoft Word taskpane add-in that inserts a CONFIDENTIAL DOCUMENT header, enables Track Changes when possible, scans for sensitive information (emails, phone numbers, SSNs), and replaces matches with redaction markers such as [REDACTED:EMAIL].

The codebase is implemented entirely with TypeScript, bundled with Vite, styled using handcrafted CSS, and verified with Vitest.

Quick start

npm install
npm run dev:certs       # one-time: trusts localhost certificate for Office
npm start               # launches Vite + sideloads into Word via office-addin-debugging

Script summary:

• npm run dev – HTTPS Vite dev server only (port 3000).
• npm start – Runs Vite + office-addin-debugging start manifest.xml for automatic sideloading.
• npm run build – Type-checks and produces a production bundle in dist/.
• npm test – Runs Vitest unit tests for the detection/normalization helpers.
• npm run lint / npm run format – ESLint + Prettier.
• npm run validate – Manifest validation via office-addin-manifest.

Manual sideloading

If automatic sideloading is not available on your platform, use the manifest directly:

Word on Windows or macOS (desktop)

1. Run npm run dev so the HTTPS dev server is available on https://localhost:3000.
2. In Word, go to Insert → My Add-ins → Shared Folder → Add a custom add-in (on macOS: Insert → Add-ins → Shared Add-ins).
3. Choose Upload My Add-in and browse to <repo>/manifest.xml.
4. The taskpane opens on the right; pins it for convenience. Changes are hot-reloaded.

Word on the web

1. Run npm run dev to keep the dev server running.
2. Sign in to office.com and open Word on the web.
3. Choose Insert → Office Add-ins → Upload My Add-in, then select manifest.xml.
4. Approve the dialog about an untrusted certificate (it uses the local HTTPS dev cert).

Using the Document-To-Be-Redacted sample

1. Open Document-To-Be-Redacted.docx in Word (desktop or web).
2. Start the add-in via Home → Confidentiality → Redact & Label.
3. Toggle the data types you want to detect, then click Scan only or Redact document.
4. The results panel shows how many matches were found/redacted plus masked samples.

Testing & linting

npm test       # detection + normalization unit tests
npm run lint   # ESLint (strict TypeScript rules)
npm run format # Prettier

The unit tests live in src/core/redactionPatterns.test.ts and cover the email, phone, and SSN matchers; normalization behavior; and safeguards that prevent re-redaction.

Known limitations

• Track Changes is only enabled when Office.context.requirements.isSetSupported("WordApi", "1.5") returns true and the host exposes document.trackRevisions. Word on the web frequently omits this API, so the add-in falls back to a warning and proceeds.
• The detection regexes are intentionally conservative to minimize false positives. Extremely unusual formatting may require additional passes or manual cleanup.
• The add-in relies on a self-signed HTTPS certificate when running locally. Each developer must trust it via npm run dev:certs (or npx office-addin-dev-certs install) before sideloading.

Packaging / submission

Before zipping this repository, run:

npm run build
rm -rf node_modules

Then bundle the repo (without node_modules/) and share as required. The manifest already points to https://localhost:3000/src/taskpane.html for development. For production deployment you will need to update the URLs to your hosting origin.

office-submission