Problem with Regex (allowed_patterns)

thoughtworks / talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.

https://thoughtworks.github.io/talisman/

MIT License

1.89k stars 241 forks source link

Problem with Regex (allowed_patterns) #391

Closed johnoliv closed 1 year ago

johnoliv commented 1 year ago

I need to ignore a known hex-encoded text inside some files using an allowed_patterns regex, but I don't want to skip the whole content.

Example of error: Expected file to not to contain hex-encoded texts such as: "d-b776a0bdace0449c81ca4284683XXXXX",

Expected file to not to contain hex-encoded texts such as: "d-baeb9610e69043be9d315d7e351XXXXX",

The text pattern is: Initial d- with 32 characters.

I tried to use the following regex without success: .talismanrc allowed_patterns:

([\w]d-[\w])
(\bd-[\w]{32})
([\w]d-[\w])
(d-[\w]{32})
([d]-[\w]*)
(["]d-[\w]{32}["]*)

More info: OS: macOS 12.5.1 Talisman v1.28.1

jmatias commented 1 year ago

Thanks for raising this issue, we'll look into it

svishwanath-tw commented 1 year ago

@johnoliv : I tried d-[0-9a-fA-F]{32} on regex101.com with language set to golang. This should help your case.

johnoliv commented 1 year ago

Hey @svishwanath-tw. Thanks for trying. Although it's a valid regex, it didn't resolve, the talisman report still shows as a high severity error.

allowed_patterns:

d-[0-9a-fA-F]{32}

tinamthomas commented 1 year ago

Hmm, thats odd. I tried with the regex as well, and even though the regex is valid, talisman still seems to be flagging it as an error. I can take a look at it and see what's happening.

johnoliv commented 1 year ago

Hmm, thats odd. I tried with the regex as well, and even though the regex is valid, talisman still seems to be flagging it as an error. I can take a look at it and see what's happening.

Thank you @tinamthomas. Appreciate your help.