Extend keywords

.github/workflows/ci.yml

@@ -15,7 +15,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python: ['3.6', '3.7', '3.8', '3.9']
+        python: ['3.7', '3.8', '3.9']
     steps:
     - uses: actions/checkout@v2
     - uses: actions/setup-python@v2

.github/workflows/pypi.yml

@@ -15,7 +15,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest]
-        python: ['3.6', '3.7', '3.8', '3.9']
+        python: ['3.7', '3.8', '3.9']
     steps:
     - uses: actions/checkout@v2
     - uses: actions/setup-python@v2

detect_secrets/plugins/keyword.py

@@ -55,6 +55,8 @@
     'key_?pass',
     'password',
     'passwd',
+    'token',
+    '_pass\\b',
     'pwd',
     'secret',
     'contraseña',

tests/plugins/keyword_test.py

@@ -23,7 +23,9 @@
     ("api_key: '{}'".format(WHITES_SECRET), WHITES_SECRET),
     ('aws_secret_access_key: {}'.format(WHITES_SECRET), WHITES_SECRET),
     ('db_pass: {},'.format(COMMON_SECRET), COMMON_SECRET),      # Last character is ignored
+    ('my_pass: {},'.format(COMMON_SECRET), COMMON_SECRET),      # Last character is ignored
     ('passwd: {}`'.format(COMMON_SECRET), COMMON_SECRET),       # Last character is ignored
+    ('token: {}`'.format(COMMON_SECRET), COMMON_SECRET),       # Last character is ignored
     ('private_key: {}"'.format(COMMON_SECRET), COMMON_SECRET),  # Last character is ignored
     ("secret: {}'".format(COMMON_SECRET), COMMON_SECRET),       # Last character is ignored
     ('secrete "{}";'.format(COMMON_SECRET), COMMON_SECRET),
@@ -54,6 +56,7 @@
     ('db_pass := {}'.format(COMMON_SECRET), COMMON_SECRET),
     ('db_pass_secure := {}'.format(COMMON_SECRET), COMMON_SECRET),  # Suffix
     ('passwd := {},'.format(COMMON_SECRET), COMMON_SECRET),         # Last character is ignored
+    ('token := {},'.format(COMMON_SECRET), COMMON_SECRET),         # Last character is ignored
     ("private_key := {}'".format(COMMON_SECRET), COMMON_SECRET),    # Last character is ignored
     ('secret := {}"'.format(COMMON_SECRET), COMMON_SECRET),         # Last character is ignored
     ('password := {}`'.format(COMMON_SECRET), COMMON_SECRET),       # Last character is ignored
@@ -93,6 +96,7 @@
     ('password = @"{}";'.format(COMMON_SECRET), COMMON_SECRET),
     ('my_password_secure = @"{}";'.format(COMMON_SECRET), COMMON_SECRET),   # Prefix/suffix
     ('secrete[] = "{}";'.format(COMMON_SECRET), COMMON_SECRET),
+    ('token = "{}";'.format(COMMON_SECRET), COMMON_SECRET),
     ('char secrete[25] = "{}";'.format(COMMON_SECRET), COMMON_SECRET),
     ('secrete = "{}"'.format(LETTER_SECRET), LETTER_SECRET),    # All symbols are allowed
     ('password = "{}"'.format(SYMBOL_SECRET), None),  # At least 1 alphanumeric char is required
@@ -111,6 +115,7 @@
 
 C_PLUS_PLUS_TEST_CASES = [
     ('apikey = "{}";'.format(COMMON_SECRET), COMMON_SECRET),
+    ('token = "{}";'.format(COMMON_SECRET), COMMON_SECRET),
     ('my_password_secure = "{}";'.format(COMMON_SECRET), COMMON_SECRET),  # Prefix and suffix
     ('password = {}'.format(COMMON_SECRET), None),  # Secret without quotes
     ('if (secret == "{}")'.format(COMMON_SECRET), COMMON_SECRET),   # Comparison
@@ -129,7 +134,9 @@
     ('api_key: `{}`'.format(COMMON_SECRET), COMMON_SECRET),
     ("aws_secret_access_key: '{}'".format(COMMON_SECRET), COMMON_SECRET),
     ("db_pass: '{}'".format(LETTER_SECRET), LETTER_SECRET),  # All symbols are allowed
+    ("my_pass: '{}',".format(COMMON_SECRET), COMMON_SECRET),      # Last character is ignored
     ("password: '{}'".format(SYMBOL_SECRET), None),  # At least 1 alphanumeric character is required
+    ("token: '{}'".format(COMMON_SECRET), COMMON_SECRET),
     ('if ("{}" == passwd) {{'.format(COMMON_SECRET), COMMON_SECRET),
     ('if ("{}" === private_key) {{'.format(COMMON_SECRET), COMMON_SECRET),
     ('if ("{}" === my_private_key) {{'.format(COMMON_SECRET), COMMON_SECRET),   # Prefix