Raw secret string does not match what is in the file #4235

Open
@def-

TruffleHog Version

trufflehog 3.89.1

Trace Output

https://gist.github.com/def-/2886d34aad2f14bb2d4443ddefa97083

Expected Behavior

$ trufflehog --no-verification filesystem --json run.log|grep pos:5432
{"SourceMetadata":{"Data":{"Filesystem":{"file":"run.log","line":1}}},"SourceID":1,"SourceType":15,"SourceName":"trufflehog - filesystem","DetectorType":968,"DetectorName":"Postgres","DetectorDescription":"Postgres connection string containing credentials","DecoderName":"PLAIN","Verified":false,"VerificationFromCache":false,"Raw":"postgres://postgres:postgres@pos:5432","RawV2":"postgres://postgres:postgres@pos:5432","Redacted":"","ExtraData":{"sslmode":"\u003cunset\u003e"},"StructuredData":null}

Since pos:5432 occurs in the trufflehog secret I'm expecting it in the log file:

$ grep "pos:5432" run.log

Actual Behavior

There is actually no match for pos:5432 in the log file, especially not on line 1.

Steps to Reproduce

run.log

$ trufflehog --no-verification filesystem --json run.log|grep pos:5432

Environment

  • OS: macOS Sequoia
  • Version 15.5

Additional Context

I'm struggling to understand how the secret trufflehog returns is composed. My goal is to automatically filter known "good secrets" (hardcoded passwords for testing) and ignore them in CI, and fail on any other secret being found: MaterializeInc/materialize#32739
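
The CI filtering goal described under Additional Context, as an added example that is not part of the original issue or of TruffleHog's code: it allowlists findings by the `DetectorName` and `Raw` values TruffleHog emits, and records whether `Raw` occurs verbatim in the file. The allowlist, the second finding, the file text and the function names are constructed for illustration.

```python
import json

# Constructed allowlist of (DetectorName, Raw) pairs accepted as test credentials.
KNOWN_TEST_SECRETS = {("Postgres", "postgres://postgres:postgres@pos:5432")}

def triage(json_lines, allowlist, file_texts):
    """Return (allowed, unexpected) findings from trufflehog --json output lines.

    file_texts maps a file path to its contents (hypothetical input so the
    example runs offline); it is used to record whether Raw occurs verbatim.
    """
    allowed, unexpected = [], []
    for line in json_lines:
        try:
            finding = json.loads(line)
        except json.JSONDecodeError:
            continue  # not a JSON line
        if not isinstance(finding, dict) or "Raw" not in finding:
            continue  # JSON, but not a finding record
        fs = finding.get("SourceMetadata", {}).get("Data", {}).get("Filesystem", {})
        record = {
            "detector": finding.get("DetectorName"),
            "raw": finding["Raw"],
            "file": fs.get("file"),
            "line": fs.get("line"),
            # The issue above reports that Raw can be absent from the file, so
            # record that instead of assuming a grep for Raw will succeed.
            "raw_in_file": finding["Raw"] in file_texts.get(fs.get("file"), ""),
        }
        key = (record["detector"], record["raw"])
        (allowed if key in allowlist else unexpected).append(record)
    return allowed, unexpected

def ci_exit_code(unexpected):
    """Non-zero when any finding is not on the allowlist, so CI fails."""
    return 1 if unexpected else 0

# Constructed sample: the first line reuses fields from the output quoted in the
# issue; the second line is an invented finding that is not allowlisted.
SAMPLE_OUTPUT = [
    '{"SourceMetadata":{"Data":{"Filesystem":{"file":"run.log","line":1}}},'
    '"DetectorName":"Postgres","Raw":"postgres://postgres:postgres@pos:5432"}',
    '{"SourceMetadata":{"Data":{"Filesystem":{"file":"run.log","line":7}}},'
    '"DetectorName":"Postgres","Raw":"postgres://app:example-pw@db.example:5432"}',
]
SAMPLE_FILES = {"run.log": "constructed log text\npostgres://app:example-pw@db.example:5432\n"}

if __name__ == "__main__":
    ok, bad = triage(SAMPLE_OUTPUT, KNOWN_TEST_SECRETS, SAMPLE_FILES)
    for r in bad:  # report location only, never echo the secret into CI logs
        print(f"unexpected {r['detector']} finding at {r['file']}:{r['line']}")
    raise SystemExit(ci_exit_code(bad))
```

Matching on the emitted `Raw` value rather than on the file contents keeps the allowlist stable even when, as reported here, the two differ.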
