add secret key as optional for the regex

Author: gabrielweiz

src/scrapy_settings_log/__init__.py

@@ -54,7 +54,7 @@ def spider_closed(self, spider):
         if spider.settings.getbool("MASKED_SENSITIVE_SETTINGS_ENABLED", True):
             default_regexes = [
                 ".*(?i)(api[\W_]*key).*",  # apikey and possible variations e.g: shub_apikey or SC_APIKEY
-                ".*(?i)(AWS[\W_]*SECRET[\W_]*ACCESS[\W_]*KEY).*",  # AWS_SECRET_ACCESS_KEY and possible variations
+                ".*(?i)(AWS[\W_]*(SECRET[\W_]*)?ACCESS[\W_]*KEY).*",  # AWS_SECRET_ACCESS_KEY and possible variations
                 ".*(?i)([\W_]*password[\W_]*).*"  # password word
             ]
             regex_list = spider.settings.getlist("MASKED_SENSITIVE_SETTINGS_REGEX_LIST", default_regexes)

tests/test_code.py

@@ -144,6 +144,7 @@ def test_log_all_should_not_return_aws_secret_key_value_by_default(caplog):
         "SETTINGS_LOGGING_ENABLED": True,
         "AWS_SECRET_ACCESS_KEY": 'secret_value1',
         "aws_secret_access_key": 'secret_value2',
+        "aws_access_key": 'secret_value2',
     }
 
     spider = MockSpider(settings)
@@ -153,6 +154,7 @@ def test_log_all_should_not_return_aws_secret_key_value_by_default(caplog):
 
     assert '"AWS_SECRET_ACCESS_KEY": "**********"' in caplog.text
     assert '"aws_secret_access_key": "**********"' in caplog.text
+    assert '"aws_access_key": "**********"' in caplog.text
     assert 'secret_value' not in caplog.text