
Support negative lookahead assertions #1630

Open
@mtcolman

Description

Apologies if this should be raised somewhere else - happy to move it if required.

I've tried creating a config file with the following regex within it:

\b.*?(?i:password|pass|pwd|secret)\b['"]?\s*[=:]?\s?['"]?(?!.*null)[\w!@#$%^&.*()-+=<>?\/\\]{1,}['"]?

I am trying to perform a negative lookahead assertion (?!.*null) so that:

String certificatePassword = "abc123def"; # would be a finding
String certificatePassword = null; # won't be a finding

However, when I've tried using it in the config yaml, I get this message:

trufflehog --config /config/trufflehog-rules.yaml filesystem /input/file.txt

2023-08-16T14:07:12Z    error   trufflehog      error parsing the provided configuration file   {"error": "regex 'adjective': error parsing regexp: invalid or unsupported Perl syntax: `(?!`"}

This is the yaml file:

cat /config/trufflehog-rules.yaml
# config.yaml
detectors:
- name: password detector
  keywords:
    - password
  regex:
    adjective: "\\b.*(?i:password|pass|pwd|secret)\\b[\'\"]?\\s*[=:]?\\s*[\'\"]?(?!.*null)[\\w!@#$%^&.*()-+=<>?/\\\\]{4,}[\'\"]?"

Without the code for negative lookahead, trufflehog will perform a scan without error (however, it will report both lines as findings).

Preferred Solution

I would like to be able to include negative lookahead assertions in the regex I supply.

Additional Context

I believe the regex to be syntactically correct, as I have tested it on regex101.

Thanks!
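
The error text quoted above is the one Go's standard `regexp` package (RE2 syntax, no lookaround) returns for `(?!`. The following is an added example, not part of the original issue and not TruffleHog's code: it shows the rejection and one way to get the same exclusion by capturing the value and filtering after the match. The function names `compiles` and `finding` are hypothetical, and the two sample lines are the ones from the issue.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Pattern from the issue, including the negative lookahead.
const withLookahead = `\b.*?(?i:password|pass|pwd|secret)\b['"]?\s*[=:]?\s?['"]?(?!.*null)[\w!@#$%^&.*()-+=<>?\/\\]{1,}['"]?`

// Same pattern with the lookahead removed and the value in capture group 1.
var candidate = regexp.MustCompile(`\b.*?(?i:password|pass|pwd|secret)\b['"]?\s*[=:]?\s?['"]?([\w!@#$%^&.*()-+=<>?\/\\]{1,})['"]?`)

// compiles reports whether Go's regexp package accepts the pattern.
func compiles(pattern string) bool {
	_, err := regexp.Compile(pattern)
	return err == nil
}

// finding returns the captured value and true when line matches candidate
// and "null" does not occur from the start of the value to the end of the
// line, which is what (?!.*null) asserted at that position.
func finding(line string) (string, bool) {
	loc := candidate.FindStringSubmatchIndex(line)
	if loc == nil {
		return "", false
	}
	if strings.Contains(line[loc[2]:], "null") {
		return "", false
	}
	return line[loc[2]:loc[3]], true
}

func main() {
	fmt.Println("lookahead pattern compiles:", compiles(withLookahead))
	// Sample lines: the two cases given in the issue.
	for _, line := range []string{
		`String certificatePassword = "abc123def";`,
		`String certificatePassword = null;`,
	} {
		value, ok := finding(line)
		fmt.Printf("%-45q finding=%v value=%q\n", line, ok, value)
	}
}
```

The post-match filter assumes single-line input, since `.` in the original assertion does not cross newlines.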


Labels: enhancement, pkg/engine (PRs and Issues related to the `engine` package)
