Custom patterns with Talismanrc for CLI/scanner not working

[varaamo]

In the scan mode, it appears talismanrc with custom configuration is not been read.
So all the custom regex in the talismarc is not processed by the talisman CLI. However Talisman pre-push hook is able to read and process fine.

[svishwanath-tw]

This is currently a known/expected behaviour.
The fix for this is a work in progress.

[varaamo]

Thanks for confirming. Any ETA for the fix?

[svishwanath-tw]

@varaamo : would you be able to submit a PR for the same ?

[varaamo]

I'm not that familiar with the code base nor the go programing language that it is written in, to make/suggest changes to support this capability

[varaamo]

@svishwanath-tw, will you able to help implement this feature?

[svishwanath-tw]

@varaamo : I will give it a try. What do you have in mind when you say help ?

[varaamo]

implement and release a version that we can download and use :-)

[varaamo]

Thank you @svishwanath-tw

[svishwanath-tw]

@varaamo : The implementation is far from complete FYI. This is just a draft. Far from release. Would you be willing to do some testing and give feedback on these changes ?

[varaamo]

@svishwanath-tw , Yes I can test and provide feedback after you provide the talisman cli binaries when ready

[svishwanath-tw]

@varaamo : Can you try out with binaries available at https://github.com/thoughtworks/talisman/releases/tag/scanwithrc

[varaamo]

@svishwanath-tw, do i need to build the source code for the binaries? It would be easier if you can upload the binaries directly

[svishwanath-tw]

@varaamo : That link has binaries now. Please download and use.
I had uploaded them when I created this pre-release. But it looks like it didn't take.
Please check now.

[varaamo]

Thank you. I was able to test and it is working for me. I tested with the following custom patterns in .talismanrc and the scan was able to correctly identify them within the test file I'd created
custom_patterns:

• (?i)(.password)\s*=\s*[0-9a-zA-Z/+=_]{32}
• (?i)(.secret)\s*=\s*[0-9a-zA-Z/+=_]{32}
• (?i)(_secret)\s*=\s*[0-9a-zA-Z/+=_]{32}
• (?i)(ApiKey)\s*=\s*[0-9a-zA-Z/+=_]{32}
• (?s) AKIA[0-9A-Z]{16}
• (?s)AIza[0-9A-Za-z-_]{35}
• (?s)[0-9]+-[0-9A-Za-z_]{32}.apps.googleusercontent.com
• (?s)[=\s"]eyJ[A-Za-z0-9_/+-].[A-Za-z0-9._/+-]

[svishwanath-tw]

Glad to know that this is working.
However there is talk introducing scan specific configs into talismanrc on the PR.
This is just FYI @varaamo

[varaamo]

Thanks for the FYI @svishwanath-tw . Any idea when these changes would be available in the main release?