feat: catch secret in XML child #1265
base: master
@@ -27,7 +27,7 @@ const ( | |||
// \x60 = ` | |||
secretPrefixUnique = `\b(` | |||
secretPrefix = `(?:'|\"|\s|=|\x60){0,5}(` | |||
secretSuffix = `)(?:['|\"|\n|\r|\s|\x60|;]|$)` | |||
secretSuffix = `)(?:['|\"|\n|\r|\s|\x60|;|<]|$)` |
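Review bot: In the changed `secretSuffix` line, `<` is added to a character class that still uses `|` as a separator, so the class also accepts a literal pipe as a terminator; if that is not intended, write the class as `['\"\n\r\s\x60;<]`. The comment above the constants only explains `\x60`, so a one-line comment saying that `<` ends a secret at an XML closing tag such as `</password>` would help. Every pattern that uses `secretSuffix` now also stops at `<`, so false-positive cases outside XML (a value followed by `<` in HTML or in a comparison) are worth covering in the tests.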
Minor nitpick: since this part is enclosed in `[]`, the pipes aren't necessary.
It could simply be: (assuming we don't actually want to match on pipes)
`(?:['\"\n\r\s\x60;<]|$)`
Changed it in another PR: #1266
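The effect of the suffix change and of the pipes inside the character class, as an added example that is not part of this PR or of the project's code. The three suffixes and `\b(` are taken from this page; the 32-hex-character secret body, the `findSecret` helper and the pipe-delimited sample line are assumptions made for the example.

```go
package main

import (
	"fmt"
	"regexp"
)

// Suffixes as they appear on this page: before the change, after it, and in
// the form the reviewer suggested (no pipes inside the character class).
const (
	suffixOld    = `)(?:['|\"|\n|\r|\s|\x60|;]|$)`
	suffixNew    = `)(?:['|\"|\n|\r|\s|\x60|;|<]|$)`
	suffixNoPipe = `)(?:['\"\n\r\s\x60;<]|$)`
)

// findSecret builds prefix + body + suffix and returns the captured secret,
// or "" when the suffix rejects the character that follows the secret.
// The 32-hex-character body is an assumption made for this example.
func findSecret(suffix, line string) string {
	re := regexp.MustCompile(`\b(` + `[0-9a-f]{32}` + suffix)
	if m := re.FindStringSubmatch(line); m != nil {
		return m[1]
	}
	return ""
}

func main() {
	// Constructed inputs: the XML line from the PR description and a
	// pipe-delimited line that differs only in the terminating character.
	lines := []string{
		"<password>edf8f16608465858a6c9e3cccb97d3c2</password>",
		"edf8f16608465858a6c9e3cccb97d3c2|next-column",
	}
	suffixes := []struct{ name, s string }{
		{"old", suffixOld}, {"new", suffixNew}, {"no-pipe", suffixNoPipe},
	}
	for _, l := range lines {
		for _, sx := range suffixes {
			fmt.Printf("%-8s %-55q matched=%t\n", sx.name, l, findSecret(sx.s, l) != "")
		}
	}
}
```

The old suffix misses the XML child because `<` is not an accepted terminator, and only the pipe-free class stops treating `|` as one.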
1b28156 to 4d1e5e3
### Description:
- Added generic API key inside an XML element: `<password>edf8f16608465858a6c9e3cccb97d3c2</password>`
- Added True-Positives and False-Positives to the Generic API Key rule

### Checklist:
* [x] Does your PR pass tests?
* [x] Have you written new tests for your changes?
* [x] Have you lint your code locally prior to submission?

Original: gitleaks#1265

### Description:
> since this part is enclosed in `[]`, the pipes aren't necessary.

_Originally posted by @rgmz in gitleaks#1265 (comment)_

### Checklist:
* [x] Does your PR pass tests?
* [x] Have you written new tests for your changes?
* [x] Have you lint your code locally prior to submission?

Original: gitleaks#1266
Description:
<password>edf8f16608465858a6c9e3cccb97d3c2</password>
Checklist: