Fix False Positives: Use Word Boundaries for EasyPost Tokens

[wolframhaussig]

Use Word Boundaries for EasyPost Tokens

Description:

I am storing Elastic Kibana Exports in a GIT repo which look like:

{
     "asset-a30a06eb-2276-44b1-a62d-856e2116138c": {
          "@created": "2019-03-29T14:02:51.349Z",
          "id": "asset-a30a06eb-2276-44b1-a62d-856e2116138c",
          "type": "dataurl",
          "value": "data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/4gxYSU..aEZAKjP3cFfmXvke1VN43DcuR1BJyTjPNZx0AfLLuRmCAKrAAkcEf0qgqbJ..."
     }
}

The Base64 encoded images cause a false positive as GitLeaks detects an EasyPost API Token starting with EZAK. I added a word boundary to prevent detecting EasyPost tokens in a Base64 string.

Checklist:

• Does your PR pass tests?
• Have you written new tests for your changes?
• Have you lint your code locally prior to submission?

[zricethezav]

Looks good to me @wolframhaussig, but would you mind following the directions in the contributing guidelines for adding new rules? https://github.com/gitleaks/gitleaks/blob/master/CONTRIBUTING.md

[wolframhaussig]

@zricethezav Done. Sorry for that - I thought this was just for new rules

[zricethezav]

Thanks @wolframhaussig and the gitleaks-action is failing because I recently migrated zricethezav/gitleaks to gitleaks/gitleaks, which is an organization that requires a license key. I.e, failure is unrelated to this PR and has been fixed in master