File metadata inspector and cleaner. See what's hidden inside your files — GPS coordinates, device identifiers, author data — then strip it all.
SHADE reads hidden metadata embedded in files (EXIF, XMP, IPTC, document properties) and classifies each field by risk level:
- RISK — GPS coordinates, device serial numbers, unique identifiers
- WARN — author name, software version, creation/modification dates
- OK — technical dimensions, color space, resolution
Files can then be cleaned — metadata stripped, clean copy saved alongside the original.
| Format | Inspect | Clean |
|---|---|---|
| JPEG, JPG | Yes | Yes |
| PNG | Yes | Yes |
| WebP | Yes | Yes |
| TIFF, TIF | Yes | Yes |
| BMP, AVIF, HEIC, HEIF | Yes | Yes |
| Yes | Yes | |
| DOCX, XLSX, PPTX | Yes | Yes |
CLI:
- Node.js 18+
- npm
Desktop build (additional):
- Rust stable toolchain — install via rustup.rs
- Tauri CLI v2 (installed by
npm installinsidedesktop/) - Windows: Microsoft C++ Build Tools or Visual Studio with "Desktop development with C++" workload
git clone <repo-url>
cd SHADE
# Install CLI dependencies
npm install
# Build the CLI
npm run buildUse the shade command globally:
npm linkOr run directly:
node dist/index.js <file>Inspect a file:
shade photo.jpgDisplays all metadata fields grouped by category with color-coded risk badges.
Strip all metadata:
shade photo.jpg --cleanSaves a clean copy as photo_clean.jpg in the same directory.
Specify output path:
shade photo.jpg --clean -o /path/to/output.jpgOutput raw JSON:
shade photo.jpg --jsonUseful for scripting or piping into other tools.
Examples:
# Inspect an image — shows GPS coordinates, camera model, software
shade vacation.jpg
# Strip metadata from a Word document
shade report.docx --clean
# Check a PDF and save clean version to a specific path
shade contract.pdf --clean -o contract_clean.pdf
# Get machine-readable output, filter only high-risk fields
shade photo.jpg --json | jq '.fields[] | select(.severity == "danger")'# Run with ts-node (no build step)
npm run dev -- photo.jpg
# Run tests
npm test
# Lint
npm run lintThe desktop/ directory contains a native application built with Tauri v2 and a Vite/TypeScript frontend. Same metadata inspection capabilities through a GUI.
cd desktop
npm install
# Development mode (hot reload)
npm run tauri dev
# Production build
npm run tauri buildBuilt binary: desktop/src-tauri/target/release/
SHADE/
├── src/
│ ├── index.ts # CLI entry point (Commander.js)
│ ├── parsers/
│ │ ├── index.ts # Unified analyzer, format detection
│ │ ├── types.ts # Shared types, severity classifier
│ │ ├── image.ts # EXIF/XMP/IPTC extraction via exifr
│ │ ├── pdf.ts # PDF metadata parser
│ │ └── docx.ts # Office document (DOCX/XLSX/PPTX) parser
│ ├── cleaners/
│ │ ├── index.ts # Unified cleaner entrypoint
│ │ ├── image.ts # Image cleaning via sharp
│ │ ├── pdf.ts # PDF metadata removal
│ │ └── docx.ts # Office document cleaning via fflate
│ └── cli/
│ └── output.ts # Terminal rendering (Chalk)
└── desktop/ # Tauri desktop application
├── src/ # Frontend (TypeScript + Vite)
└── src-tauri/ # Rust backend
Parsers and cleaners are kept separate. exifr works in both Node.js CLI and the browser-based desktop frontend. sharp is Node.js only (CLI cleaner). fflate handles ZIP-based Office formats in both environments.
| Package | Purpose |
|---|---|
| TypeScript 5.8 | Language |
| Commander.js | CLI argument parsing |
| Chalk | Terminal color output |
| exifr | EXIF/XMP/IPTC metadata extraction |
| sharp | Image processing and metadata stripping |
| fflate | ZIP/Office document parsing and rewriting |
| Vitest | Unit testing |
| Tauri v2 | Desktop application framework |