Richard Gomez

Results 129 comments of Richard Gomez

Wouldn't the API call still be necessary? A genuine key does not necessarily equate to a *valid* key (e.g., revocation.)

> As suggested on Slack I have run the commands mentioned here and cannot see any errors https://github.com/trufflesecurity/trufflehog/issues/2620#issuecomment-2032727625 The lack of those print statements means that it's not being picked...

The JIRA email is slightly different because it's checking the length of the split and not the match groups. I don't really understand its purpose, though. https://github.com/trufflesecurity/trufflehog/blob/d1a29f74a900d5586a7d0af828107a37eab66ad0/pkg/detectors/jiratoken/v1/jiratoken.go#L56-L59

That still has the problem of silently ignoring legitimate errors. I believe that logic errors should explicitly fail, rather than quietly continuing.

Some patterns are precise and don't have any capture groups, so you'd only have one match (the entire matching string).
> A single index error on a detector shouldn't cause...

> For me to feel comfortable merging this blanket removal would require a test that ensures we would not get an index out of range error. Ideally, each detector would...

It couldn't hurt given #2354. I think this specific error is caused by the configured `max_mem` for re2 being smaller than TruffleHog's maximum diff size. https://github.com/trufflesecurity/trufflehog/blob/2888f8cdfcb1b70f1814dc223d17d45fc4eebb20/pkg/gitparse/gitparse.go#L27-L28

This seems like the exact opposite of #2639, unless I'm missing something. 🤔

Unfortunately, the Go team seems to lock resolved issues, otherwise I would seek clarification about that suggestion. Is this a known issue? Is there an obvious solution? Idk.