diff --git a/pkg/detectors/privacy/privacy.go b/pkg/detectors/privacy/privacy.go
index 58d4934affdd..1b349aad1520 100644
--- a/pkg/detectors/privacy/privacy.go
+++ b/pkg/detectors/privacy/privacy.go
@@ -3,10 +3,11 @@ package privacy
 import (
 "context"
 "fmt"
- regexp "github.com/wasilibs/go-re2"
 "net/http"
 "strings"
+ regexp "github.com/wasilibs/go-re2"
+
 "github.com/trufflesecurity/trufflehog/v3/pkg/common"
 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 "github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
diff --git a/pkg/detectors/uri/uri.go b/pkg/detectors/uri/uri.go
index f97f3198ad1c..bf6055dffab3 100644
--- a/pkg/detectors/uri/uri.go
+++ b/pkg/detectors/uri/uri.go
@@ -23,7 +23,7 @@ var _ detectors.Detector = (*Scanner)(nil)
 var _ detectors.CustomFalsePositiveChecker = (*Scanner)(nil)
 var (
- keyPat = regexp.MustCompile(`\b(?:https?:)?\/\/[\S]{3,50}:([\S]{3,50})@[-.%\w\/:]+\b`)
+ keyPat = regexp.MustCompile(`\b(?:https?:)?\/\/[\w-\.]{3,50}:([\w-\.]{3,50})@[-.%\w\/:]+\b`)
 // TODO: make local addr opt-out
 defaultClient = detectors.DetectorHttpClientWithNoLocalAddresses
diff --git a/pkg/detectors/uri/uri_test.go b/pkg/detectors/uri/uri_test.go
index 7c0762bb0434..26af4e330974 100644
--- a/pkg/detectors/uri/uri_test.go
+++ b/pkg/detectors/uri/uri_test.go
@@ -13,6 +13,7 @@ import (
 var (
 validPattern = "https://kaNydBSAodo87dsm9asuiSAFtsd7.com:1234@qYY3SylY7fHP"
+ validPattern2 = `
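Review bot: The narrowed userinfo classes in the new `keyPat` in uri.go (`[\w-\.]{3,50}` for both user and password) no longer match characters that are legal in URI userinfo, such as percent-encoded bytes (`%40`) or sub-delimiters like `!`, `$` and `+`, so a credential of the form `user:p%40ss@host` would presumably go unreported where the old `[\S]` class matched it. For a secret detector that is a recall loss on the passwords most likely to contain punctuation; consider keeping whitespace, quotes and angle brackets excluded but allowing the userinfo set, e.g. `[\w.~%!$&*+,;=-]{3,50}`, and add a percent-encoded password case next to the new one in uri_test.go so the intended boundary is pinned. As a style point, put the hyphen first or last in the class, as the host class `[-.%\w\/:]` on the same line already does, because `\w-\.` reads like a range. The `var (` block continues past the end of the hunk.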

http://username:password@127.0.0.1

`
 invalidPattern = "https://kaNydBSAodo87dsm9asuiSAFtsd7.com.1234@qYY3SylY7fHP"
 keyword = "uri"
 )
@@ -30,6 +31,11 @@ func TestURI_Pattern(t *testing.T) {
 input: fmt.Sprintf("%s token = '%s'", keyword, validPattern),
 want: []string{validPattern},
 },
+ {
+ name: "valid pattern - capture two outputs",
+ input: fmt.Sprintf("%s token = '%s'", keyword, validPattern2),
+ want: []string{"http://username:password@127.0.0.1", "http://username:password@127.0.0.1"},
+ },
 {
 name: "invalid pattern",
 input: fmt.Sprintf("%s = '%s'", keyword, invalidPattern),