simplify regex for secretPrefix, secretSuffix #1620
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ben-grmbl
changed the title
Ben-grmbl
force-pushed
the
chore/simplify-secret-regex
branch
from
f4960c9 to
bb66e90
Compare
3 tasks
Ben-grmbl
force-pushed
the
chore/simplify-secret-regex
branch
4 times, most recently
from
0e4b933 to
41c671b
Compare
Ben-grmbl
force-pushed
the
chore/simplify-secret-regex
branch
from
41c671b to
76aee7c
Compare
Ben-grmbl
force-pushed
the
chore/simplify-secret-regex
branch
2 times, most recently
from
ea269b3 to
c2c7ab8
Compare
Ben-grmbl
force-pushed
the
chore/simplify-secret-regex
branch
2 times, most recently
from
be98240 to
f98e572
Compare
|
@Ben-grmbl sorry for the delay. I finally got around to testing these and agree with the changes. These are cleaner and easier to understand. Would you mind fixing the conflicts? |
zricethezav
approved these changes
Jan 15, 2025
combined character ranges, removed duplicates in same character range, replaced \x060 with literal ` combined \s with \r\n
Ben-grmbl
force-pushed
the
chore/simplify-secret-regex
branch
from
f98e572 to
670aaad
Compare
Of course, and no rush, if there are any other branches you want to merge first, I can rebase it again anytime. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
This pull request should not change any functionality, it only simplifies the regex generated by GenerateSemiGenericRegex and GenerateUniqueTokenRegex a bit, in order to make them easier to understand, (and to make gitleaks.toml 4 KB smaller :-)
based on the sidenote in #1467
Changes:
I am not quite certain whether
"|"was intended to be included in the character ranges, or whether the intention was that[a|b]should match only a or b, like[ab].But since the previous regex for identifierSuffix and secretSuffix match for
"|", this patch does not change that.I removed \r\n from the secretSuffix, since it is already included in \s
I also replaced
\x60with `As far as I could tell, the backtick does not need to be escaped in a toml file, and it was only slightly inconvenient to escape it in code:
However, I may have misunderstood the ramifications, and can of course undo that if desired.
I have also written some unit tests covering GenerateSemiGenericRegex and GenerateUniqueTokenRegex, in a separate pull request #1623
Checklist: