add a regex for rubygems tokens

GrantBirki · GrantBirki · commit a744a5a9657a · 2024-05-20T16:06:56.000-07:00
diff --git a/lib/patterns/default.rb b/lib/patterns/default.rb
@@ -11,6 +11,7 @@ module Patterns
     %r{https://hooks\.slack\.com/services/[a-zA-Z0-9]{9,}/[a-zA-Z0-9]{9,}/[a-zA-Z0-9]{24}}, # Slack webhook
     %r{https://hooks\.slack\.com/workflows/[a-zA-Z0-9]{9,}/[a-zA-Z0-9]{9,}/[0-9]+?/[a-zA-Z0-9]{24}}, # Slack workflow
     /xoxp-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9a-f]{6,})|xoxb-(?:[0-9]{7,})-(?:[A-Za-z0-9]{14,})|xoxs-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9a-f]{7,})|xoxa-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9a-f]{7,})|xoxo-(?:[0-9]{7,})-(?:[A-Za-z0-9]{14,})|xoxa-2-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9a-f]{7,})|xoxr-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[0-9a-f]{7,})|xoxb-(?:[0-9]{7,})-(?:[0-9]{7,})-(?:[A-Za-z0-9]{14,})/, # Slack tokens
-    /[sb]\.[a-zA-Z0-9]{24,}/ # vault token
+    /[sb]\.[a-zA-Z0-9]{24,}/, # vault token
+    /rubygems_[0-9a-f]{48}/ # RubyGems token
   ].freeze
 end
diff --git a/spec/lib/redacting_logger_spec.rb b/spec/lib/redacting_logger_spec.rb
@@ -150,6 +150,11 @@
         case: "redacts a vault token",
         message: "logging into vault with token: s.FakeToken1234567890123456",
         expected_message: "logging into vault with token: [REDACTED]"
+      },
+      {
+        case: "redacts a RubyGems token",
+        message: "using rubygems token: rubygems_0123456789abcdef0123456789abcdef0123456789abcdef",
+        expected_message: "using rubygems token: rubygems_[REDACTED]"
       }
     ].each do |test|
       it "redacts #{test[:case]}" do
