@@ -19,21 +19,25 @@ class IPPublicDetector(RegexBasedDetector):
1919 secret_type = 'Public IP (ipv4)'
2020
2121 denylist_ipv4_address = r"""
22- (?<!\.) # Negative lookbehind: Ensures no preceding dot
23- \b # Word boundary: Start of a word
24- (?! # Negative lookahead: Ensures the following pattern doesn't match
25- 192\.168\. # Exclude "192.168."
26- |127\. # Exclude "127."
27- |10\. # Exclude "10."
28- |172\.(?:1[6-9]|2[0-9]|3[01]) # Exclude "172." with specific ranges
29- )
30- (?: # Non-capturing group for octets
31- (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\. # Match numbers 0-255 followed by dot
32- ){3} # Repeat for three octets
33- (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?) # Match final octet (0-255)
34- (?::\d{1,5})? # Optional non-capturing group for port number (0-99999)
35- \b # Word boundary: End of a word
36- (?!\.) # Negative lookahead: Ensures no following dot
22+ (?<![\w.]) # Negative lookbehind: Ensures no preceding word character or dot
23+ ( # Start of the main capturing group
24+ (?! # Negative lookahead: Ensures the following pattern doesn't match
25+ 192\.168\. # Exclude "192.168."
26+ |127\. # Exclude "127."
27+ |10\. # Exclude "10."
28+ |172\.(?:1[6-9]|2[0-9]|3[01]) # Exclude "172." with specific ranges
29+ )
30+ (?: # Non-capturing group for octets
31+ # Match numbers 0-255 followed by dot, properly handle leading zeros
32+ (?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.
33+ ){3} # Repeat for three octets
34+ # Match final octet (0-255), properly handle leading zeros
35+ (?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])
36+ (?: # Optional non-capturing group for port number
37+ :\d{1,5} # Match colon followed by 1 to 5 digits
38+ )?
39+ ) # End of the main capturing group
40+ (?![\w.]) # Negative lookahead: Ensures no following word character or dot
3741 """
3842
3943 denylist = [
0 commit comments