awslabs / git-secrets

Prevents you from committing secrets and credentials into git repositories
Apache License 2.0

custom patterns won't work #233

Closed oscarenzo closed 8 months ago

oscarenzo commented 1 year ago

Hello,

I'm working on adding some custom patterns to detect private keys, tokens, etc., like this:

Gitlab token [for detect gitlab tokens] glpat-[-=_0-9a-zA-Z]{20,22}

My problem is when I try to add a regex like this:

Private openssh keys [ for detect openssh private keys] (?i)-----\s*?BEGIN[ A-Z0-9_-]*?PRIVATE\sKEY\s*?-----[\s\S]*?----\s*?END[ A-Z0-9_-]*?\sPRIVATE\sKEY\s*?-----

This regex works; I tested it on regex101:

https://regex101.com/r/OzvXl9/2

When I add it as a pattern and then run git-secrets --scan, I receive this error:

fatal: command line, '(?i)-----\s*?BEGIN[|A-Z0-9_-]*?PRIVATE\sKEY\s*?-----[\s\S]*?----\s*?END[|A-Z0-9_-]*?\sPRIVATE\sKEY\s*?-----': Invalid preceding regular expression

This is my configuration:

[branch "master"]
    remote = origin
    merge = refs/heads/master
[secrets]
    patterns = (?i)-----\\s*?BEGIN[ A-Z0-9_-]*?PRIVATE\\sKEY\\s*?-----[\\s\\S]*?----\\s*?END[ A-Z0-9_-]*?\\sPRIVATE\\sKEY\\s*?-----

Can somebody help me? Thank you, best regards.

plambert commented 1 year ago

git-secrets uses POSIX regular expressions. (?i) is not a valid POSIX regular expression. Also, \s*? is not a valid POSIX regular expression. You'll need to write your regular expression to work with egrep and git grep -E rather than the PCRE2 you are testing with at the link you included. Since it's been such a long time, I assume you've moved on but let me know if you still need a hand in writing it.

oscarenzo commented 8 months ago

> git-secrets uses POSIX regular expressions. (?i) is not a valid POSIX regular expression. Also, \s*? is not a valid POSIX regular expression. You'll need to write your regular expression to work with egrep and git grep -E rather than the PCRE2 you are testing with at the link you included. Since it's been such a long time, I assume you've moved on but let me know if you still need a hand in writing it.

Thank you for the help, @plambert. I finally updated my rules using POSIX as you said, and they work fine. On the other hand, do you know of an online tool like this:

https://regex101.com

that supports testing with the POSIX method? Thanks.

plambert commented 8 months ago

I'm afraid not; I've never seen a web-based POSIX regex tester. Sorry.

oscarenzo commented 8 months ago

Don't worry, thank you.
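
A local stand-in for the missing online POSIX tester, as an added example that is not code from this thread or from git-secrets: it flags the non-POSIX constructs plambert names and tries a POSIX ERE rewrite with `grep -E` on constructed sample lines. The function names `lint_ere` and `ere_matches` and the rewritten pattern are assumptions (not the rules oscarenzo ended up with); because grep matches line by line, the rewrite targets only the BEGIN line and drops case-insensitivity.

```shell
#!/bin/sh
# Added example: pre-flight check for git-secrets patterns (POSIX ERE only).

# The PCRE pattern from the issue, kept verbatim for comparison.
PCRE_PATTERN='(?i)-----\s*?BEGIN[ A-Z0-9_-]*?PRIVATE\sKEY\s*?-----[\s\S]*?----\s*?END[ A-Z0-9_-]*?\sPRIVATE\sKEY\s*?-----'

# Assumed POSIX ERE rewrite: [[:space:]] replaces \s, greedy * replaces *?,
# and (?i) is dropped because PEM header lines are upper case.
ERE_PATTERN='-----[[:space:]]*BEGIN[ A-Z0-9_-]*PRIVATE[[:space:]]KEY[[:space:]]*-----'

# lint_ere PATTERN: print each construct that POSIX ERE does not define and
# return 1 if any is found. Heuristic substring check; it does not parse
# bracket expressions, so "[*?]" would be flagged too.
lint_ere() {
    found=0
    for token in '(?' '\s' '\S' '\d' '*?' '+?'; do
        case $1 in
            *"$token"*) printf 'non-POSIX construct: %s\n' "$token"; found=1 ;;
        esac
    done
    return "$found"
}

# ere_matches PATTERN LINE: succeed if LINE matches PATTERN under grep -E.
# -e is required because the pattern itself starts with a dash.
ere_matches() {
    printf '%s\n' "$2" | LC_ALL=C grep -E -q -e "$1"
}

echo "Linting the PCRE pattern from the issue:"
lint_ere "$PCRE_PATTERN" || echo "=> rewrite needed before adding it to git-secrets"

echo "Linting the ERE rewrite:"
lint_ere "$ERE_PATTERN" && echo "=> no non-POSIX constructs found"

# Constructed sample lines (header text only, no key material).
while IFS= read -r line; do
    if ere_matches "$ERE_PATTERN" "$line"; then
        printf 'MATCH     %s\n' "$line"
    else
        printf 'no match  %s\n' "$line"
    fi
done <<'EOF'
-----BEGIN OPENSSH PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
EOF
```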