Comments (3)
russellshackleford
commented on September 27, 2024
@vladimir-chernenko you pattern doesn't seem to match regardless. [a-z]*_(ro|rw|admin): is broken for your given example.
grep -nwHEI 'postgresql://[a-z]*:[a-z0-9]+' works, though. However, if a password might contain something that isn't letter, number, or underscore, you'll have to adjust accordingly. And test using grep -nwHEI since that is what git-secrets uses.
from git-secrets.
muziyoshiz
commented on September 27, 2024
@russellshackleford
Hello. I have got a similar problem because git-secrets uses --word-regexp option implicitly.
So I propose to add some comments about --word-regexp option as follows:
<pattern>
The regex pattern to search. The pattern is passed to `git grep -nwHEI`.
I wanted to detect an api key in "apikey: ABCDEFGHIJKLMNOPQRST" format. But it failed.
You can reproduce the my situation as follows:
$ git init test-repo
Initialized empty Git repository in /Users/myoshiz/tmp/test-repo/.git/
$ cd test-repo
$ echo "apikey: ABCDEFGHIJKLMNOPQRST" > test.yml
$ git add .
$ git commit -m "test"
[master (root-commit) 19aa53b] test
1 file changed, 1 insertion(+)
create mode 100644 test.yml
$ git grep -nwHEI "\\s*(:|=>|=)\\s*(\"|')?[A-Za-z0-9]{20}(\"|')?"
(failed)
$ git grep -nwHEI "\\w+\\s*(:|=>|=)\\s*(\"|')?[A-Za-z0-9]{20}(\"|')?"
(succeeded)
from git-secrets.
sparr
commented on September 27, 2024
grep is no longer invoked with -w
from git-secrets.
Related Issues (20)
- Add support for a configuration file that can contain the patterns, etc. and be included in the repo is desired. HOT 1
- Github Actions HOT 2
- grep: warning: stray \ before - HOT 1
- Error : Custom secret provider detection patterns aren't loaded when executing git secrets on windows. HOT 3
- Installation fails without a terminal HOT 10
- Secret rules being applied to unstaged files
- `say` command during install should be removed or made configurable by flag HOT 7
- /usr/local/bin/git-secrets: line 208: say: command not found HOT 1
- custom patterns wont work HOT 4
- Problem with file HEAD.secret HOT 1
- Can't get any response from scans HOT 4
- How to pass multiple patterns in .gitallowed file HOT 1
- `git-secrets --install` test failures without code changes
- Add a test for PRs that change README without updating the man page HOT 1
- Add *hashed* file version to .gitallowed? So future changes get caught containing secrets again HOT 1
- Java Key Store files
- How to allow aws account numbers with .gitallowed HOT 1
- .gitconfig file has universal read perms - should be restricted to current user
- Secret Santa
- Pre-Commit Autoupdate fails due to lack of `.pre-commit-hooks.yaml` file
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from git-secrets.