Support capturing groups as a rule match value

[avishnyakov]

It seems that currently GitLeaks uses GoLang regex.FindString value as an outcome for rule match.

https://github.com/zricethezav/gitleaks/blob/f3360cbf66be167c29aaa55f08cb0c1a5ce4575a/src/utils.go#L119

That works well until we want to extract a very specific value for further processing (eg., classification, entropy calculation, etc)

Let's say we would like to handle all tokens in XML or html forms?

(?i:token)['"].*value\s*=\s*['"](.{5,})['"]{1}[\/ x]

More complex version of this regexp can handle multiple token prefixes, eg:

(?i:token|key|password)['"].*value\s*=\s*['"](.{5,})['"]{1}[\/ x]

And the data:

< name="csrf_token" value="{{ csrf_token() }}" />

Current approach with GitLeaks:
https://regex-golang.appspot.com/assets/html/index.html

Returns match:

token" value="{{ csrf_token() }}"

Not great. We were after "group match".
How can this be supported by GitLeaks?

[zricethezav]

This is something that should be pursued by an additional configuration entry reportGroup

[zricethezav]

This is accomplished with secretGroup in https://github.com/zricethezav/gitleaks/releases/tag/v8.1.0