build: support either stdlib or 3rd-party regexp (#1706)

cmd/generate/config/base/config.go

@@ -4,9 +4,8 @@ import (
 	"fmt"
 	"strings"
 
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func CreateGlobalConfig() config.Config {

cmd/generate/config/rules/1password.go

@@ -1,11 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // https://developer.1password.com/docs/service-accounts/security/?token-example=encoded

cmd/generate/config/rules/age.go

@@ -1,10 +1,9 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func AgeSecretKey() *config.Rule {

cmd/generate/config/rules/aws.go

@@ -1,11 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func AWS() *config.Rule {

cmd/generate/config/rules/azure.go

@@ -3,12 +3,10 @@ package rules
 import (
 	"fmt"
 
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // References:

cmd/generate/config/rules/clojars.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func Clojars() *config.Rule {

cmd/generate/config/rules/curl.go

@@ -2,10 +2,10 @@ package rules
 
 import (
 	"fmt"
-	regexp "github.com/wasilibs/go-re2"
 
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // https://curl.se/docs/manpage.html#-u

cmd/generate/config/rules/doppler.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func Doppler() *config.Rule {

cmd/generate/config/rules/duffel.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func Duffel() *config.Rule {

cmd/generate/config/rules/dynatrace.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func Dynatrace() *config.Rule {

cmd/generate/config/rules/easypost.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func EasyPost() *config.Rule {

cmd/generate/config/rules/flutterwave.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func FlutterwavePublicKey() *config.Rule {

cmd/generate/config/rules/frameio.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func FrameIO() *config.Rule {

cmd/generate/config/rules/freemius.go

@@ -1,10 +1,9 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func Freemius() *config.Rule {

cmd/generate/config/rules/gcp.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // TODO this one could probably use some work

cmd/generate/config/rules/generic.go

@@ -1,11 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func GenericCredential() *config.Rule {

cmd/generate/config/rules/github.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 var githubAllowlist = []config.Allowlist{

cmd/generate/config/rules/gitlab.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // overview with all GitLab tokens:

cmd/generate/config/rules/harness.go

@@ -1,13 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func HarnessApiKey() *config.Rule {

cmd/generate/config/rules/hashicorp.go

@@ -3,12 +3,10 @@ package rules
 import (
 	"fmt"
 
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func HashiCorpTerraform() *config.Rule {

cmd/generate/config/rules/hashicorp_vault.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func VaultServiceToken() *config.Rule {

cmd/generate/config/rules/jwt.go

@@ -4,10 +4,10 @@ import (
 	b64 "encoding/base64"
 	"fmt"
 
-	regexp "github.com/wasilibs/go-re2"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func JWT() *config.Rule {

cmd/generate/config/rules/kubernetes.go

@@ -3,11 +3,9 @@ package rules
 import (
 	"fmt"
 
-	regexp "github.com/wasilibs/go-re2"
-
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // KubernetesSecret validates if we detected a kubernetes secret which contains data!

cmd/generate/config/rules/linear.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func LinearAPIToken() *config.Rule {

cmd/generate/config/rules/nuget.go

@@ -1,11 +1,9 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func NugetConfigPassword() *config.Rule {

cmd/generate/config/rules/openshift.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // OpenShift 4 user tokens are prefixed with `sha256~`.

cmd/generate/config/rules/privatekey.go

@@ -1,10 +1,9 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func PrivateKey() *config.Rule {

cmd/generate/config/rules/pypi.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func PyPiUploadToken() *config.Rule {

cmd/generate/config/rules/sentry.go

@@ -2,11 +2,11 @@ package rules
 
 import (
 	"encoding/base64"
-	regexp "github.com/wasilibs/go-re2"
 
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func SentryAccessToken() *config.Rule {

cmd/generate/config/rules/shopify.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func ShopifySharedSecret() *config.Rule {

cmd/generate/config/rules/sidekiq.go

@@ -1,11 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func SidekiqSecret() *config.Rule {

cmd/generate/config/rules/slack.go

@@ -2,12 +2,11 @@ package rules
 
 import (
 	"fmt"
-	regexp "github.com/wasilibs/go-re2"
 
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // https://api.slack.com/authentication/token-types#bot

cmd/generate/config/rules/teams.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func TeamsWebhook() *config.Rule {

cmd/generate/config/rules/twilio.go

@@ -1,12 +1,10 @@
 package rules
 
 import (
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
-	"github.com/zricethezav/gitleaks/v8/config"
-
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func Twilio() *config.Rule {

cmd/generate/config/utils/generate.go

@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"strings"
 
-	regexp "github.com/wasilibs/go-re2"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 const (

cmd/root.go

@@ -16,6 +16,7 @@ import (
 	"github.com/zricethezav/gitleaks/v8/config"
 	"github.com/zricethezav/gitleaks/v8/detect"
 	"github.com/zricethezav/gitleaks/v8/logging"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 	"github.com/zricethezav/gitleaks/v8/report"
 )
 
@@ -110,6 +111,8 @@ func initConfig(source string) {
 		_, _ = fmt.Fprint(os.Stderr, banner)
 	}
 
+	logging.Debug().Msgf("using %s regex engine", regexp.Version)
+
 	cfgPath, err := rootCmd.Flags().GetString("config")
 	if err != nil {
 		logging.Fatal().Msg(err.Error())

config/allowlist.go

@@ -4,8 +4,9 @@ import (
 	"fmt"
 	"strings"
 
-	regexp "github.com/wasilibs/go-re2"
 	"golang.org/x/exp/maps"
+
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 type AllowlistMatchCondition int

config/allowlist_test.go

@@ -7,7 +7,8 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/stretchr/testify/assert"
-	regexp "github.com/wasilibs/go-re2"
+
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func TestCommitAllowed(t *testing.T) {

config/config.go

@@ -7,9 +7,9 @@ import (
 	"strings"
 
 	"github.com/spf13/viper"
-	regexp "github.com/wasilibs/go-re2"
 
 	"github.com/zricethezav/gitleaks/v8/logging"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 //go:embed gitleaks.toml

config/config_test.go

@@ -5,11 +5,11 @@ import (
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
-	regexp "github.com/wasilibs/go-re2"
-
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 const configPath = "../testdata/config/"

config/rule.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	regexp "github.com/wasilibs/go-re2"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 // Rules contain information that define details on how to detect secrets

config/utils.go

@@ -1,7 +1,7 @@
 package config
 
 import (
-	regexp "github.com/wasilibs/go-re2"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 )
 
 func anyRegexMatch(f string, res []*regexp.Regexp) bool {

detect/detect.go

@@ -5,13 +5,13 @@ import (
 	"context"
 	"fmt"
 	"os"
-	"regexp"
 	"strings"
 	"sync"
 	"sync/atomic"
 
 	"github.com/zricethezav/gitleaks/v8/config"
 	"github.com/zricethezav/gitleaks/v8/logging"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 	"github.com/zricethezav/gitleaks/v8/report"
 
 	ahocorasick "github.com/BobuSumisu/aho-corasick"

detect/detect_test.go

@@ -12,10 +12,10 @@ import (
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	regexp "github.com/wasilibs/go-re2"
 
 	"github.com/zricethezav/gitleaks/v8/cmd/scm"
 	"github.com/zricethezav/gitleaks/v8/config"
+	"github.com/zricethezav/gitleaks/v8/regexp"
 	"github.com/zricethezav/gitleaks/v8/report"
 	"github.com/zricethezav/gitleaks/v8/sources"
 )

logging/log.go

@@ -6,8 +6,6 @@ import (
 	"github.com/rs/zerolog"
 )
 
-// TODO: Should this be a pointer?
-// https://github.com/rs/zerolog/issues/1
 var Logger zerolog.Logger
 
 func init() {

regexp/stdlib_regex.go

@@ -0,0 +1,15 @@
+//go:build stdregex
+
+package regexp
+
+import (
+	re "regexp"
+)
+
+const Version = "stdlib"
+
+type Regexp = re.Regexp
+
+func MustCompile(str string) *re.Regexp {
+	return re.MustCompile(str)
+}

regexp/wasilibs_regex.go

@@ -0,0 +1,15 @@
+//go:build !stdregex
+
+package regexp
+
+import (
+	re "github.com/wasilibs/go-re2"
+)
+
+const Version = "github.com/wasilibs/go-re2"
+
+type Regexp = re.Regexp
+
+func MustCompile(str string) *re.Regexp {
+	return re.MustCompile(str)
+}