Revert "feat: more accurately filter secret tokens" (#2961)

Reverts atuinsh/atuin#2932 Resolves #2960
author: Ellie Huxtable <ellie@atuin.sh> 2025-10-21 14:22:18 -0700
committer: GitHub <noreply@github.com> 2025-10-21 14:22:18 -0700
commit: 0042d189de104b9894444fee075cd99895c58cf9 (patch)
tree: a5cef49ebd2a7b5c60ec5998eba367610ac32caf /crates
parent: chore(deps): bump debian from bookworm-20250811-slim to bookworm-20250929-sli... (diff)
download: atuin-0042d189de104b9894444fee075cd99895c58cf9.zip
1 files changed, 6 insertions, 22 deletions
diff --git a/crates/atuin-client/src/secrets.rs b/crates/atuin-client/src/secrets.rs
index 100bcc50..25e8db9a 100644
--- a/crates/atuin-client/src/secrets.rs
+++ b/crates/atuin-client/src/secrets.rs
@@ -17,29 +17,18 @@ pub static SECRET_PATTERNS: &[(&str, &str, TestValue)] = &[
     ),
     (
         "AWS Secret Access Key env var",
-        "(?:[^A-Za-z0-9/+=])?([A-Za-z0-9/+=]{40})(?:[^A-Za-z0-9/+=])?",
-        TestValue::Multiple(&[
-            "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", // https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
-            "ABDRzve0QGx/U32PU9GrkNbmGiu+bz8jheThio/Y", // Found via github then tweaked
-            "lnKjhsGOXPK/MPFoW2tfi8BuD9AF5imhanhQ83EO", // Found via github then tweaked
-        ]),
+        "AWS_SECRET_ACCESS_KEY",
+        TestValue::Single("AWS_SECRET_ACCESS_KEY=KEYDATA"),
     ),
     (
         "AWS Session Token env var",
-        "[A-Za-z0-9/+=]{16,}\\.[A-Za-z0-9/+=]+\\.?[A-Za-z0-9/+=]*",
-        TestValue::Multiple(&[
-            "AAAAAAAAAAAAAAAA.BBBBBBBBBBBBBBB",
-            "AAAAAAAAAAAAAAAA.BBBBBBBBBBBBBBB.CCCCCCCCCCC",
-        ]),
+        "AWS_SESSION_TOKEN",
+        TestValue::Single("AWS_SESSION_TOKEN=KEYDATA"),
     ),
     (
         "Microsoft Azure secret access key env var",
-        "(?:sk-[A-Za-z0-9]{48,}|[A-Za-z0-9+/]{86}={2}|[A-Za-z0-9+/]{87}=|[A-Za-z0-9+/]{88})",
-        TestValue::Multiple(&[
-            "sk-123abc456def789ghi012jkl345mno678pqr901stu234vwx567yz890",
-            "fVdIqqLbQxOBxnfuNoV5DToz+tNLdcJ1jksmkv6Lc3wcCppaXBe25kZY/akpAPgd66zPvhA9Jey1SV6qiMY8bA==",
-            "Eby9vdM03xNOcqFlqUwJPLlmEtlCDXJ2OUzFT49uSRZ7IFsuFq1UVErCz5I5tq/K2SZFPTOtr/KBHBeksoGMGw==",
-        ]),
+        "AZURE_.*_KEY",
+        TestValue::Single("export AZURE_STORAGE_ACCOUNT_KEY=KEYDATA"),
     ),
     (
         "Google cloud platform key env var",
@@ -140,11 +129,6 @@ pub static SECRET_PATTERNS: &[(&str, &str, TestValue)] = &[
         "pul-[0-9a-f]{40}",
         TestValue::Single("pul-683c2770662c51d960d72ec27613be7653c5cb26"),
     ),
-    (
-        "Private keys",
-        "-----BEGIN PRIVATE KEY-----[A-Za-z0-9\\s+/=\\n-]+-----END PRIVATE KEY-----",
-        TestValue::Single("-----BEGIN PRIVATE KEY-----AAA-----END PRIVATE KEY-----"),
-    ),
 ];
 
 /// The `regex` expressions from [`SECRET_PATTERNS`] compiled into a `RegexSet`.
author	Ellie Huxtable <ellie@atuin.sh>	2025-10-21 14:22:18 -0700
committer	GitHub <noreply@github.com>	2025-10-21 14:22:18 -0700
commit	0042d189de104b9894444fee075cd99895c58cf9 (patch)
tree	a5cef49ebd2a7b5c60ec5998eba367610ac32caf /crates
parent	chore(deps): bump debian from bookworm-20250811-slim to bookworm-20250929-sli... (diff)
download	atuin-0042d189de104b9894444fee075cd99895c58cf9.zip