cpurules
commented
3 years ago Some additional issues with the regex matching as I've added more to config.json. Note that I added the blank token as an allowed literal for the time being.
config.json
{
"TOKEN": "",
"GUILD_ID": "",
"MAX_WINNERS_PER_GROUP": 0
}git secrets --list
git secrets --list
secrets.patterns \"Token\": \"[a-zA-Z0-9_]+\"
secrets.allowed "Token": ""error i receive on commit/scan
config.json:2: "TOKEN": "",
config.json:3: "GUILD_ID": "",
config.json:4: "MAX_WINNERS_PER_GROUP": 0
[ERROR] Matched one or more prohibited patternsIt seems this pattern is matching... anything that looks remotely similar.
RyanSchaefer
I am running git-secrets on Windows, using the latest master-branch source.
I have a currently empty config.json file to store a token for an application:
I am attempting to write a rule to pick up non-blank tokens. I have tried several variations:
The first rule ends up matching every line in every file. I think this is an issue with the quote character being escaped.
Every other rule I have flags the 2nd line of config.json (below) as matching the prohibited pattern.
However in all of these cases I'm looking for a non-empty token string, and the + operator should be doing that for me. I'm really not sure what's going on here. I'm not the sharpest with RegEx but this should be correct and I've tested with several online tools which all validate this as well.
Thanks, Charlie