feat(history): filter out various environment variables containing potential secrets (#2174)

author: David <drmorr@appliedcomputing.io> 2024-06-20 08:50:29 -0700
committer: GitHub <noreply@github.com> 2024-06-20 16:50:29 +0100
commit: b06b7b509a454656d92196c8a58071e4f0d76e09 (patch)
tree: 67ec2463a68b8d13461d85fb28657c6869d101f6
parent: 12738895ffaae09a38b54fc209e3dcaecd6607ec (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/crates/atuin-client/src/secrets.rs b/crates/atuin-client/src/secrets.rs
index 21f015cd5..c6a8e40ec 100644
--- a/crates/atuin-client/src/secrets.rs
+++ b/crates/atuin-client/src/secrets.rs
@@ -8,6 +8,26 @@ pub static SECRET_PATTERNS: &[(&str, &str, &str)] = &[
         "AKIAIOSFODNN7EXAMPLE",
     ),
     (
+        "AWS secret access key env var",
+        "AWS_ACCESS_KEY_ID",
+        "export AWS_ACCESS_KEY_ID=KEYDATA",
+    ),
+    (
+        "AWS secret access key env var",
+        "AWS_ACCESS_KEY_ID",
+        "export AWS_ACCESS_KEY_ID=KEYDATA",
+    ),
+    (
+        "Microsoft Azure secret access key env var",
+        "AZURE_.*_KEY",
+        "export AZURE_STORAGE_ACCOUNT_KEY=KEYDATA",
+    ),
+    (
+        "Google cloud platform key env var",
+        "GOOGLE_SERVICE_ACCOUNT_KEY",
+        "export GOOGLE_SERVICE_ACCOUNT_KEY=KEYDATA",
+    ),
+    (
         "Atuin login",
         r"atuin\s+login",
         "atuin login -u mycoolusername -p mycoolpassword -k \"lots of random words\"",
author	David <drmorr@appliedcomputing.io>	2024-06-20 08:50:29 -0700
committer	GitHub <noreply@github.com>	2024-06-20 16:50:29 +0100
commit	b06b7b509a454656d92196c8a58071e4f0d76e09 (patch)
tree	67ec2463a68b8d13461d85fb28657c6869d101f6
parent	12738895ffaae09a38b54fc209e3dcaecd6607ec (diff)