fix: Catch multiple leak occurrences in same string

[diogosilva30]

Main change

• Allows to catch more than 1 leak in same string. Before only the first instance was being catch, and tests were also looking at this case. Tests were updated to cover these more complex cases.

Example:

from maskerlogger import mask_string
my_str="This is some confidential line, and the user password: mysuperSecretPassword and btw the user apiKey=AIzaSyabcdefghijklmnopqrstuvwxyz1234567"
# Output:
# This is some confidential line, and the user password: ********************* and btw the user apiKey=***************************************
# Before this change only the password would have been masked and not the ApiKey :(

• Removes the main masking logic from AbstractMaskedLogger and instead logic is placed into a independent function mask_string. This allow + flexible usage of the codebase. For example, in my use case I want to have access to this function to cleanup a string outside of logging context, but since logic is currently hidden inside AbstractMaskedLogger._mask_sensitive_data and the argument is a LogRecord we cannot use this logic for more generic cases. By abstracting away the logic to an independent mask_string method we can use this code base into other use-cases. Retro-compatibility is ensured by calling mask_string inside AbstractMaskedLogger._mask_sensitive_data.

Example use case:

from maskerlogger import mask_string
my_str= "Here I have a generic string with a potential leak. Password: mypasswordoops"
masked_my_str=mask_string(my_str)
# Done! My str was cleaned into a context that is not related to logging at all. Awesome library :) 

Additional

• Performs general code cleanup (more pythonic code, better type hints, code formatting, etc)
• Changes the rule generic-api-key to allow common chars that are used in passwords/api keys, and reduce minimum length to 8 instead of 10, as it's very common for passwords to have 8 as required minimum chars

[diogosilva30]

@nvuillam @tamar-ox @oxnick Please let me know if you find these changes useful and if something should be changed

[aviadlevy]

Hi @diogosilva30, thanks a lot for contributing, and apologies for the delayed response. this repository hasn’t been actively maintained for a while.

I'm currently working on formalizing the repo to streamline reviewing and merging future PRs. Since this PR includes a lot of refactoring and style changes, it’s a bit difficult to review and merge as is at the moment.

I suggest one of the following options:

• Wait until chore(release): 1.0.0 – add timeout-safe masking, Aho–Corasick prefilter, and modernize CI/docs #7 is merged, and then rebase/open a new PR on top of it
• Alternatively, I can incorporate your changes myself once the repo update is done

Let me know which option you’d prefer, and thanks again for your patience and contribution!

[diogosilva30]

@aviadlevy This has been a while, but I can give it a go at rebasing this MR against 1.0.0 release