Skip to content

Commit

Permalink
↪️ Merge pull request #160 from baboateng/cleanupRegex
Browse files Browse the repository at this point in the history
More readable regex in keyword.py
  • Loading branch information
KevinHock authored Apr 11, 2019
2 parents c46a1b6 + 29b8632 commit 6f87adb
Showing 1 changed file with 46 additions and 16 deletions.
62 changes: 46 additions & 16 deletions detect_secrets/plugins/keyword.py
Original file line number Diff line number Diff line change
Expand Up @@ -118,45 +118,75 @@
'true;',
'{',
}
QUOTE = r'[\'"]'
# includes ], ', " as closing
CLOSING = r'[]\'"]{0,2}'
# non-greedy match
OPTIONAL_WHITESPACE = r'\s*?'
OPTIONAL_NON_WHITESPACE = r'[^\s]*?'
SECRET = r'[^\s]+'
BLACKLIST_REGEX = r'|'.join(BLACKLIST)

FOLLOWED_BY_COLON_REGEX = re.compile(
# e.g. api_key: foo
r'({})(("|\')?):(\s*?)(("|\')?)([^\s]+)(\5)'.format(
r'|'.join(BLACKLIST),
r'({blacklist})({closing})?:{whitespace}({quote}?)({secret})(\3)'.format(
blacklist=BLACKLIST_REGEX,
closing=CLOSING,
quote=QUOTE,
whitespace=OPTIONAL_WHITESPACE,
secret=SECRET,
),
)
FOLLOWED_BY_COLON_QUOTES_REQUIRED_REGEX = re.compile(
# e.g. api_key: "foo"
r'({})(("|\')?):(\s*?)(("|\'))([^\s]+)(\5)'.format(
r'|'.join(BLACKLIST),
r'({blacklist})({closing})?:({whitespace})({quote})({secret})(\4)'.format(
blacklist=BLACKLIST_REGEX,
closing=CLOSING,
quote=QUOTE,
whitespace=OPTIONAL_WHITESPACE,
secret=SECRET,
),
)
FOLLOWED_BY_EQUAL_SIGNS_REGEX = re.compile(
# e.g. my_password = bar
r'({})((\'|")])?()(\s*?)=(\s*?)(("|\')?)([^\s]+)(\7)'.format(
r'|'.join(BLACKLIST),
r'({blacklist})({closing})?{whitespace}={whitespace}({quote}?)({secret})(\3)'.format(
blacklist=BLACKLIST_REGEX,
closing=CLOSING,
quote=QUOTE,
whitespace=OPTIONAL_WHITESPACE,
secret=SECRET,
),
)
FOLLOWED_BY_EQUAL_SIGNS_QUOTES_REQUIRED_REGEX = re.compile(
# e.g. my_password = "bar"
r'({})((\'|")])?()(\s*?)=(\s*?)(("|\'))([^\s]+)(\7)'.format(
r'|'.join(BLACKLIST),
r'({blacklist})({closing})?{whitespace}={whitespace}({quote})({secret})(\3)'.format(
blacklist=BLACKLIST_REGEX,
closing=CLOSING,
quote=QUOTE,
whitespace=OPTIONAL_WHITESPACE,
secret=SECRET,
),
)
FOLLOWED_BY_QUOTES_AND_SEMICOLON_REGEX = re.compile(
# e.g. private_key "something";
r'({})([^\s]*?)(\s*?)("|\')([^\s]+)(\4);'.format(
r'|'.join(BLACKLIST),
r'({blacklist}){nonWhitespace}{whitespace}({quote})({secret})(\2);'.format(
blacklist=BLACKLIST_REGEX,
nonWhitespace=OPTIONAL_NON_WHITESPACE,
quote=QUOTE,
closing=CLOSING,
whitespace=OPTIONAL_WHITESPACE,
secret=SECRET,
),
)
BLACKLIST_REGEX_TO_GROUP = {
FOLLOWED_BY_COLON_REGEX: 7,
FOLLOWED_BY_EQUAL_SIGNS_REGEX: 9,
FOLLOWED_BY_QUOTES_AND_SEMICOLON_REGEX: 5,
FOLLOWED_BY_COLON_REGEX: 4,
FOLLOWED_BY_EQUAL_SIGNS_REGEX: 4,
FOLLOWED_BY_QUOTES_AND_SEMICOLON_REGEX: 3,
}
QUOTES_REQUIRED_BLACKLIST_REGEX_TO_GROUP = {
FOLLOWED_BY_COLON_QUOTES_REQUIRED_REGEX: 7,
FOLLOWED_BY_EQUAL_SIGNS_QUOTES_REQUIRED_REGEX: 9,
FOLLOWED_BY_QUOTES_AND_SEMICOLON_REGEX: 5,
FOLLOWED_BY_COLON_QUOTES_REQUIRED_REGEX: 5,
FOLLOWED_BY_EQUAL_SIGNS_QUOTES_REQUIRED_REGEX: 4,
FOLLOWED_BY_QUOTES_AND_SEMICOLON_REGEX: 3,
}
QUOTES_REQUIRED_FILETYPES = {
FileType.CLS,
Expand Down

0 comments on commit 6f87adb

Please sign in to comment.