From 5d9f79b0130977a984df8e4e31fdbd26f4d17de9 Mon Sep 17 00:00:00 2001
From: Taylor <tsmith.v11@gmail.com>
Date: Thu, 14 Nov 2024 22:06:53 -0800
Subject: [PATCH 1/4] context to artifactory

---
 detect_secrets/plugins/artifactory.py |  2 +-
 tests/plugins/artifactory_test.py     | 18 +++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/detect_secrets/plugins/artifactory.py b/detect_secrets/plugins/artifactory.py
index d6c30eae1..f943ae34f 100644
--- a/detect_secrets/plugins/artifactory.py
+++ b/detect_secrets/plugins/artifactory.py
@@ -13,5 +13,5 @@ class ArtifactoryDetector(RegexBasedDetector):
         re.compile(r'(?:\s|=|:|"|^)AKC[a-zA-Z0-9]{10,200}(?:\s|"|$)'),
         # Artifactory encrypted passwords begin with AP[A-Z]
         # Password:
-        re.compile(r'(?<!AAAA[_\-\w]{7})(?:\s|=|:|"|^)AP[\dABCDEF][a-zA-Z0-9]{8,200}(?:\s|"|$)'),
+        re.compile(r'(?i:artif|jfrog|buildkit)(?:.{0,100}\n?){0,2}(?:\s|=|:|"|^)(AP[\dABCDEF][a-zA-Z0-9]{8,200})(?:\s|"|$)'),
     ]
diff --git a/tests/plugins/artifactory_test.py b/tests/plugins/artifactory_test.py
index d12e895aa..803e9436e 100644
--- a/tests/plugins/artifactory_test.py
+++ b/tests/plugins/artifactory_test.py
@@ -8,18 +8,18 @@ class TestArtifactoryDetector:
     @pytest.mark.parametrize(
         'payload, should_flag',
         [
-            ('AP6xxxxxxxxxx', True),
-            ('AP2xxxxxxxxxx', True),
-            ('AP3xxxxxxxxxx', True),
-            ('AP5xxxxxxxxxx', True),
-            ('APAxxxxxxxxxx', True),
-            ('APBxxxxxxxxxx', True),
+            ('artifactory = AP6xxxxxxxxxx', True),
+            ('artif \n key=AP2xxxxxxxxxx', True),
+            ('jfrog      AP3xxxxxxxxxx', True),
+            ('jfrog AP5xxxxxxxxxx', True),
+            ('jfrog APAxxxxxxxxxx', True),
+            ('jfrog APBxxxxxxxxxx', True),
             ('AKCxxxxxxxxxx', True),
-            (' AP6xxxxxxxxxx', True),
+            ('jfrog_secret=AP6xxxxxxxxxx', True),
             (' AKCxxxxxxxxxx', True),
-            ('=AP6xxxxxxxxxx', True),
+            ('artifactory_secret=AP6xxxxxxxxxx', True),
             ('=AKCxxxxxxxxxx', True),
-            ('\"AP6xxxxxxxxxx\"', True),
+            ('artif \"AP6xxxxxxxxxx\"', True),
             ('\"AKCxxxxxxxxxx\"', True),
             ('artif-key:AP6xxxxxxxxxx', True),
             ('artif-key:AKCxxxxxxxxxx', True),

From 5a7779d4ecc28a40e9cf9973130570a38ad4bcc3 Mon Sep 17 00:00:00 2001
From: Taylor <28880387+tsmithv11@users.noreply.github.com>
Date: Thu, 14 Nov 2024 22:10:24 -0800
Subject: [PATCH 2/4] note

---
 detect_secrets/plugins/artifactory.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/detect_secrets/plugins/artifactory.py b/detect_secrets/plugins/artifactory.py
index f943ae34f..e6eba4b62 100644
--- a/detect_secrets/plugins/artifactory.py
+++ b/detect_secrets/plugins/artifactory.py
@@ -12,6 +12,6 @@ class ArtifactoryDetector(RegexBasedDetector):
         # API token:
         re.compile(r'(?:\s|=|:|"|^)AKC[a-zA-Z0-9]{10,200}(?:\s|"|$)'),
         # Artifactory encrypted passwords begin with AP[A-Z]
-        # Password:
+        # Keyword with Password:
         re.compile(r'(?i:artif|jfrog|buildkit)(?:.{0,100}\n?){0,2}(?:\s|=|:|"|^)(AP[\dABCDEF][a-zA-Z0-9]{8,200})(?:\s|"|$)'),
     ]

From 26448c926b2c1571239018f2be7b47dea10eaee1 Mon Sep 17 00:00:00 2001
From: Taylor <tsmith.v11@gmail.com>
Date: Thu, 14 Nov 2024 22:18:04 -0800
Subject: [PATCH 3/4] Add back negative

---
 detect_secrets/plugins/artifactory.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/detect_secrets/plugins/artifactory.py b/detect_secrets/plugins/artifactory.py
index f943ae34f..21b591d92 100644
--- a/detect_secrets/plugins/artifactory.py
+++ b/detect_secrets/plugins/artifactory.py
@@ -13,5 +13,5 @@ class ArtifactoryDetector(RegexBasedDetector):
         re.compile(r'(?:\s|=|:|"|^)AKC[a-zA-Z0-9]{10,200}(?:\s|"|$)'),
         # Artifactory encrypted passwords begin with AP[A-Z]
         # Password:
-        re.compile(r'(?i:artif|jfrog|buildkit)(?:.{0,100}\n?){0,2}(?:\s|=|:|"|^)(AP[\dABCDEF][a-zA-Z0-9]{8,200})(?:\s|"|$)'),
+        re.compile(r'(?<!AAAA[_\-\w]{7})(?i:artif|jfrog|buildkit)(?:.{0,100}\n?){0,2}(?:\s|=|:|"|^)(AP[\dABCDEF][a-zA-Z0-9]{8,200})(?:\s|"|$)'),
     ]

From 6dbddd054b8671bf041ac161a8e1402ccced2ea8 Mon Sep 17 00:00:00 2001
From: Taylor <tsmith.v11@gmail.com>
Date: Sun, 17 Nov 2024 23:17:09 -0800
Subject: [PATCH 4/4] Add another test

---
 tests/plugins/artifactory_test.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/plugins/artifactory_test.py b/tests/plugins/artifactory_test.py
index 803e9436e..fea1b8184 100644
--- a/tests/plugins/artifactory_test.py
+++ b/tests/plugins/artifactory_test.py
@@ -9,6 +9,7 @@ class TestArtifactoryDetector:
         'payload, should_flag',
         [
             ('artifactory = AP6xxxxxxxxxx', True),
+            ('artifactory = ap6xxxxxxxxxx', False),
             ('artif \n key=AP2xxxxxxxxxx', True),
             ('jfrog      AP3xxxxxxxxxx', True),
             ('jfrog AP5xxxxxxxxxx', True),