Error : Custom secret provider detection patterns aren't loaded when executing git secrets on windows.

[amine-bee]

Hi team.

The load_patterns() function doesn't seem to add the patterns of my custom secret provider when I run a scan on windows. The same function works fine on ubuntu / MacOS.

Here is what my .gitconfig looks like.

[secrets]
    providers = myCustomProviderBinary
[init]
    templateDir = C://Users//myuser//.git-template//git-secrets

Here is the output of my custom provider binary. (a bunch of detection patterns)

[aA][pP][iI][kK][eE][yY][[:blank:]'":=\\]{1,8}([^<$[:blank:]%][^."%$[:blank:]]{20,64}['"\\]?)[[:blank:],;}]?
(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}
(\"|')?(AWS|aws|Aws)_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)(\"|')?\s*(:|=>|=)\s*(\"|')?[A-Za-z0-9/\+=]{40}(\"|')?
(\"|')?(AWS|aws|Aws)_?(ACCOUNT|account|Account)_?(ID|id|Id)?(\"|')?\s*(:|=>|=)\s*(\"|')?[0-9]{4}\-?[0-9]{4}\-?[0-9]{4}(\"|')?

Here is the test secret detection that works fine on Linux/Ubuntu but simply not on Windows.

echo 'AKIAJBRHKV6EVTTNXDHATEST' | git secrets --scan -

As I said earlier, when executing the scan on windows (from a cmd.exe or a PS shell) the load_patterns() function does not load the patterns echo'd by the custom secret provider.

Hence the detection is not working properly.

[amine-bee]

Hi team any update on this ?

[amine-bee]

Update : the problem is related to \r\n not handled correctly. Patterns generated from an unix system with \n char as EOL are loaded correctly on windows.

[khhipparagi]

To fix on windows, convert you prohibited and allowed files to have Unix style EOL. You can set this in the .gitattribute file like below:

# Force Patterns file to have eol as lf
ScanPatterns/*.txt text eol=lf