
About the regular expression generator for custom patterns

You can define your own custom patterns to extend the capabilities of secret scanning by generating one or more regular expressions for each pattern, using the regular expression generator.

Who can use this feature?

Secret scanning alerts for partners run automatically on public repositories and public npm packages to notify service providers about leaked secrets on GitHub.

Secret scanning alerts for users are available for free on all public repositories. Organizations using GitHub Enterprise Cloud with a license for GitHub Advanced Security can also enable secret scanning alerts for users on their private and internal repositories. For more information, see "About secret scanning" and "About GitHub Advanced Security."

For information about how you can try GitHub Enterprise with GitHub Advanced Security for free, see "Setting up a trial of GitHub Enterprise Cloud" and "Setting up a trial of GitHub Advanced Security" in the GitHub Enterprise Cloud documentation.

Note: The regular expression generator is in beta. Functionality and documentation are subject to change. The feature is available for enterprise accounts that use GitHub Advanced Security on GitHub Enterprise Cloud.

About the regular expression generator

Secret scanning scans repositories for a predefined set of secrets from our partner program, as well as custom patterns that are user-defined. Custom patterns are formatted as regular expressions.

Regular expressions can be challenging for people to write. The regular expression generator makes it possible for you to define your custom patterns without knowledge of regular expressions. Within the existing custom pattern page, you can launch a generative AI experience where you input a text description of what pattern you would like to detect, include optional example strings that should be detected, and get matching regular expressions in return.

Input processing

Users input a text description of what they would like to detect, and optional example strings that should be detected.

Response generation and output formatting

The regular expression generator uses GPT-3.5-Turbo and the GitHub Copilot API to generate regular expressions that match your input.

The model returns up to three regular expressions for you to review. You can click on the regular expression to get an AI-generated plain language description of the regular expression.

Some results may be quite similar, and some results may not find every instance of the secret that the pattern is intended to detect. It is also possible that the regular expression generator may produce results which are invalid or inappropriate.

When you click Use result on a regular expression, the expression and any examples inputted will be copied over to the main custom pattern form. There, you can perform a dry run of the pattern to see how it performs across your repository or organization.

Improving performance for the regular expression generator

To enhance performance and address some of the limitations of the regular expression generator, there are various measures that you can adopt. For more information on the limitations of the regular expression generator, see "Limitations of the regular expression generator."

Use the regular expression generator as a tool, not a replacement

While the regular expression generator is a powerful tool to create custom patterns without you having to write regular expressions yourself, it is important to use it as a tool rather than a replacement for manual input. You should carefully validate the performance of the results by performing a dry run across your organization or repository. It's a good idea to run the pattern on a repository (or repositories) that are representative of the repositories in your organization. In some cases, it may be beneficial to modify a generated regular expression to more fully meet your needs. You remain ultimately responsible for any custom patterns you decide to use.
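
A local pre-check of candidate expressions before the dry run described above, as an added example (not GitHub's code and not part of the original documentation). The `acme_` token format, the sample strings and the candidate patterns are all constructed, and Python's `re` module stands in for the matching engine, which is an assumption, so the dry run remains the real test.

```python
import re

# Constructed sample data. The "acme_" + 32 hex characters token format and
# every string below are hypothetical, made up for this example.
LOWER = "acme_" + "0123456789abcdef" * 2
UPPER = "acme_" + "0123456789ABCDEF" * 2
MUST_MATCH = [(f'API_KEY="{LOWER}"', LOWER), (f"token: {UPPER}", UPPER)]
MUST_NOT_MATCH = [
    "see https://acme.example/docs/acme_cafe",      # prefix + short word
    "commit 9f86d081884c7d659a2feaa0c55ad015",       # hex, but no prefix
    "placeholder acme_" + "0" * 31 + "<fill-in>",    # one character short
]
CANDIDATES = [
    r"acme_[0-9a-f]{32}",        # too narrow: lowercase hex only
    r"acme_[0-9A-Fa-f]+",        # too loose: accepts any length
    r"acme_([0-9A-Fa-f]{32}",    # invalid: unbalanced parenthesis
    r"acme_[0-9A-Fa-f]{32}",
]


def evaluate(pattern, must_match=MUST_MATCH, must_not_match=MUST_NOT_MATCH):
    """Return what a candidate misses and what it wrongly flags."""
    result = {"pattern": pattern, "error": None,
              "missed": [], "false_positives": []}
    try:
        rx = re.compile(pattern)
    except re.error as exc:
        result["error"] = str(exc)
        return result
    for line, secret in must_match:
        m = rx.search(line)
        # A hit counts only if it covers the whole secret, not a fragment.
        if m is None or m.group(0) != secret:
            result["missed"].append(line)
    for line in must_not_match:
        if rx.search(line):
            result["false_positives"].append(line)
    return result


def acceptable(candidates=CANDIDATES):
    """Candidates that compile, miss nothing and flag nothing benign."""
    reports = [evaluate(p) for p in candidates]
    return [r["pattern"] for r in reports
            if not (r["error"] or r["missed"] or r["false_positives"])]


if __name__ == "__main__":
    for p in CANDIDATES:
        print(evaluate(p))
    print("keep for dry run:", acceptable())
```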

Provide feedback

The regular expression generator is currently in beta. If you encounter any issues or limitations with the regular expression generator, we recommend that you provide feedback through the Give feedback button at the top of the generator, in the UI. This can help the developers to improve the tool and address any concerns or limitations.

Limitations of the regular expression generator

Depending on factors such as your input description and examples, you may experience different levels of performance when using the regular expression generator. You need to be as specific as possible with your description, and provide different types of examples of tokens that match your pattern, to be sure that the regular expression encompasses all the patterns you want secret scanning to search for.

Also, the model used by the regular expression generator has been trained on natural language content written predominantly in English. As a result, you may notice differing performance when providing the generator with natural language input prompts in languages other than English.

Note that the regular expression generator is only suitable for creating regular expressions to detect structured patterns.

Further reading