
Commit 70fb3fa

Improved Baremetrics detector regex pattern (#4060)
* improved regex pattern * Added word boundaries
1 parent ba037a5 commit 70fb3fa


2 files changed

+12
-6
lines changed


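--- a/pkg/detectors/baremetrics/baremetrics.go
+++ b/pkg/detectors/baremetrics/baremetrics.go
@@ -22,7 +22,13 @@ var (
 client = common.SaneHttpClient()
 
 // Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
-keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"baremetrics"}) + `\b([a-zA-Z0-9_]{25})\b`)
+/*
+Baremetrics has two type of keys:
+- Sandbox: starts with `sk_`
+- Production: starts with `lk_`
+The length of key is not fixed and can range between 18 to 25 characters.
+*/
+keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"baremetrics"}) + `\b((?:sk|lk)_[a-zA-Z0-9]{18,25})\b`)
 )
 
 // Keywords are used for efficiently pre-filtering chunks.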
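Review bot: The new block comment does not say whether the 18 to 25 character range counts the `sk_`/`lk_` prefix, while the pattern applies `{18,25}` to the alphanumeric body only, so a full match is 21 to 28 characters long. If the documented range is the total key length, the quantifier would need to be `{15,22}`; if it is the body length, the comment should say so, e.g. `The part after the prefix is 18 to 25 alphanumeric characters.` The pattern also no longer matches unprefixed 25-character keys, so if Baremetrics ever issued keys in that older shape they would now go undetected. A line in the comment stating that every key carries one of the two prefixes would make that trade-off explicit. The `var (` block starts outside the hunk.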

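--- a/pkg/detectors/baremetrics/baremetrics_test.go
+++ b/pkg/detectors/baremetrics/baremetrics_test.go
@@ -12,7 +12,7 @@ import (
 )
 
 var (
-validPattern = "FNdRZCc2qoPLrwrLJIBE6vovy"
+validPattern = "sk_nGDJWCkPiFAKE5XFTzUUA"
 complexPattern = `
 func main() {
 url := "https://api.example.com/v1/resource"
@@ -24,7 +24,7 @@ var (
 return
 }
 
-baremetricsToken := "Bearer FN_RZCc2qoPLrwrLJIBE6vovy"
+baremetricsToken := "Bearer sk_nGDJWCkPiFAKE5XFTzUUA"
 req.Header.Set("Authorization", baremetricsToken)
 
 // Perform the request
@@ -40,7 +40,7 @@ var (
 }
 }
 `
-invalidPattern = "FNdRZCc-qoPLrwrLJIBE6vovyu"
+invalidPattern = "sk_nGDJWC_io8Q025XFTzUUA"
 )
 
 func TestBareMetrics_Pattern(t *testing.T) {
@@ -55,12 +55,12 @@ func TestBareMetrics_Pattern(t *testing.T) {
 {
 name: "valid pattern",
 input: fmt.Sprintf("baremetrics credentials: %s", validPattern),
-want: []string{"FNdRZCc2qoPLrwrLJIBE6vovy"},
+want: []string{"sk_nGDJWCkPiFAKE5XFTzUUA"},
 },
 {
 name: "valid pattern - complex",
 input: complexPattern,
-want: []string{"FN_RZCc2qoPLrwrLJIBE6vovy"},
+want: []string{"sk_nGDJWCkPiFAKE5XFTzUUA"},
 },
 {
 name: "invalid pattern",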
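Review bot: Only the `sk_` sandbox form is exercised by the updated fixtures; no visible case feeds an `lk_` key, which is the production credential and the more important one to detect. The test table continues past the end of the last hunk, so further cases may exist there, but within the visible lines `invalidPattern` is rejected only because of the `_` inside its body. I would add a case such as `name: "valid pattern - production key"` with an `lk_`-prefixed fixture. Cases at body lengths 18 and 25 that must match, and 17 and 26 that must not, would keep a later change to the alternation or the quantifier from silently dropping detection.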
