From b06b7b509a454656d92196c8a58071e4f0d76e09 Mon Sep 17 00:00:00 2001
From: David <drmorr@appliedcomputing.io>
Date: Thu, 20 Jun 2024 08:50:29 -0700
Subject: [PATCH] feat(history): filter out various environment variables
 containing potential secrets (#2174)

---
 crates/atuin-client/src/secrets.rs | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/crates/atuin-client/src/secrets.rs b/crates/atuin-client/src/secrets.rs
index 21f015cd..c6a8e40e 100644
--- a/crates/atuin-client/src/secrets.rs
+++ b/crates/atuin-client/src/secrets.rs
@@ -7,6 +7,26 @@ pub static SECRET_PATTERNS: &[(&str, &str, &str)] = &[
         "AKIA[0-9A-Z]{16}",
         "AKIAIOSFODNN7EXAMPLE",
     ),
+    (
+        "AWS secret access key env var",
+        "AWS_ACCESS_KEY_ID",
+        "export AWS_ACCESS_KEY_ID=KEYDATA",
+    ),
+    (
+        "AWS secret access key env var",
+        "AWS_ACCESS_KEY_ID",
+        "export AWS_ACCESS_KEY_ID=KEYDATA",
+    ),
+    (
+        "Microsoft Azure secret access key env var",
+        "AZURE_.*_KEY",
+        "export AZURE_STORAGE_ACCOUNT_KEY=KEYDATA",
+    ),
+    (
+        "Google cloud platform key env var",
+        "GOOGLE_SERVICE_ACCOUNT_KEY",
+        "export GOOGLE_SERVICE_ACCOUNT_KEY=KEYDATA",
+    ),
     (
         "Atuin login",
         r"atuin\s+login",