Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added changes for github and slack token #512

Merged
merged 6 commits into from
Sep 2, 2024
Merged

added changes for github and slack token #512

merged 6 commits into from
Sep 2, 2024

Conversation

gr8nishan
Copy link
Collaborator

@gr8nishan gr8nishan commented Aug 28, 2024
edited
Loading

Added a new pii for Github Fine Grained Token
"""\b((?:github_pat)[a-zA-Z0-9]{36,255})\b"""

Adding github_pat as mentioned here and based on test data we created.

Slack
Changed from - """(xoxb|xoxp|xapp|xoxa|xoxr)-[0-9]{10,13}-[a-zA-Z0-9-]"""
To - """(xoxb|xoxp|xapp|xoxa|xoxr|xoxo|xoxs|xoxe)-[0-9]{10,13}-[a-zA-Z0-9-]"""

Adding as mentioned here

Google API
Changed from - """(?i)(?:youtube)(?:.|[\n\r]){0,40}\bAIza[0-9A-Za-z-]{35}\b"""
To - """\bAIza[0-9A-Za-z-]{35}\b
Changing as mentioned here

Reducing confidence score from 0.8 to 0.4 for
Github token
Github Finegrained Token
Google API Key

This is done to support format like

"Git":"value"
"Pat":"value"
Git:value
Key:value
key-value

Check images
With Confidence = 0.8

Screenshot 2024-08-30 at 5 53 53 PM

With Confidence = 0.4

Screenshot 2024-08-30 at 5 47 37 PM

@gr8nishan gr8nishan requested a review from Raj725 August 30, 2024 05:32
Raj725
Raj725 previously approved these changes Aug 30, 2024
View reviewed changes
Copy link
Collaborator

@Raj725 Raj725 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM if false positives are acceptable

pebblo/entity_classifier/utils/regex_pattern.py Outdated
@@ -5,12 +5,12 @@
"""

regex_secrets_patterns = {
"github-token": r"""\b((?:ghp|gho|ghu|ghs|ghr)_[a-zA-Z0-9]{36,255})\b""",
"slack-token": r"""(xoxb|xoxp|xapp|xoxa|xoxr)\-[0-9]{10,13}\-[a-zA-Z0-9\-]*""",
"github-token": r"""((?:ghp|gho|ghu|ghs|ghr|github_pat)_[a-zA-Z0-9_]{36,255})""",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

False Positives: In addition to matching existing token patterns, the new github-token regex will also match new patterns that include underscores, which could lead to false positives.

For example, it might incorrectly match strings like ghp_1234567890abcdef1234567890abcdef1234_extra or ghp_12345_67890_abcdef_12345_67890_abcdef, which may not be valid tokens.

@gr8nishan gr8nishan merged commit 7680e56 into daxa-ai:main Sep 2, 2024
16 checks passed
@gr8nishan gr8nishan deleted the github_token_range_change branch September 2, 2024 04:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dristysrivastava dristysrivastava dristysrivastava approved these changes

@Raj725 Raj725 Raj725 left review comments

@srics srics Awaiting requested review from srics

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gr8nishan @Raj725 @dristysrivastava