feat(history): filter out various environment variables containing potential secrets (#2174)

2025-01-22 14:18:59 +01:00 · 2024-06-20 08:50:29 -07:00 · 2024-06-20 08:50:29 -07:00 · b06b7b509a
commit b06b7b509a
parent 12738895ff
1 changed files with 20 additions and 0 deletions
--- a/crates/atuin-client/src/secrets.rs
+++ b/crates/atuin-client/src/secrets.rs
@ -7,6 +7,26 @@ pub static SECRET_PATTERNS: &[(&str, &str, &str)] = &[
        "AKIA[0-9A-Z]{16}",
        "AKIAIOSFODNN7EXAMPLE",
    ),
+    (
+        "AWS secret access key env var",
+        "AWS_ACCESS_KEY_ID",
+        "export AWS_ACCESS_KEY_ID=KEYDATA",
+    ),
+    (
+        "AWS secret access key env var",
+        "AWS_ACCESS_KEY_ID",
+        "export AWS_ACCESS_KEY_ID=KEYDATA",
+    ),
+    (
+        "Microsoft Azure secret access key env var",
+        "AZURE_.*_KEY",
+        "export AZURE_STORAGE_ACCOUNT_KEY=KEYDATA",
+    ),
+    (
+        "Google cloud platform key env var",
+        "GOOGLE_SERVICE_ACCOUNT_KEY",
+        "export GOOGLE_SERVICE_ACCOUNT_KEY=KEYDATA",
+    ),
    (
        "Atuin login",
        r"atuin\s+login",