Description
Describe the bug
I copied the OpenAI API Key rule into my pattern set for testing and generated some real keys to test it against and it didn't pick up any of the real keys.
To Reproduce
Generate each of the types of OpenAI keys and run gitleaks against it:
- Project User Key
- Project Service Account Key
- Legacy User Key
I also added some decently convincing-looking keys in my fake-leaks repo. Heh, GitHub push protection also agreed they looked pretty real and blocked them all when I tried to push them.
Expected behavior
The rule should detect all the keys.
Screenshots
N/A
Basic Info (please complete the following information):
- OS: Fedora 40
- Gitleaks Version: 8.18.2 but running the patterns off of master
Additional context
Here is a version I think should catch stuff but might need some tuning. I haven't tried it in the wild yet:
Side Note: I notice a lot of things like (?:['|\"|\n|\r|\s|\x60|;]|$). I don't think that's doing what it's intending to do. I think folks are mixing up square brackets with parentheses in a lot of places in the patterns. Those should probably be something like: (?:[\'\"\s\x60;]|$) because:
- The original is looking for a set of single characters where pipe is one of them
- \s matches any whitespace character (equivalent to [\r\n\t\f\v ])
There are more places than the ones matching the exact example above (e.g. (?:[\s|']|[\s|"]) -> (?:[\s\']|[\s\"]) and so on).
cc @zricethezav
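The character-class point from the side note, shown as an added example in Go (gitleaks is written in Go, so both suffixes run under the same RE2 syntax gitleaks uses). This is not code from the issue or from gitleaks: the TOKEN[A-Z0-9]{4} body is a made-up placeholder standing in for a rule's secret pattern, and only the two terminator suffixes come from the issue. One caveat worth knowing when reading the bullet above: in Go's RE2 syntax \s is [\t\n\f\r ] (no \v), unlike Perl/PCRE.

```go
package main

import (
	"fmt"
	"regexp"
)

// SloppySuffix is the terminator suffix as quoted in the issue. Inside a
// character class "|" is a literal character, not alternation, so this
// class also accepts "|" as a valid terminator after a secret.
const SloppySuffix = `(?:['|\"|\n|\r|\s|\x60|;]|$)`

// FixedSuffix is the issue's proposed replacement: a plain character class
// of terminators. In Go's RE2 syntax \s is [\t\n\f\r ], so \n and \r are
// already covered and need not be listed.
const FixedSuffix = `(?:[\'\"\s\x60;]|$)`

// tokenBody is a made-up placeholder secret shape used only for this demo;
// it is not any real gitleaks rule.
const tokenBody = `\bTOKEN[A-Z0-9]{4}`

func compile(suffix string) *regexp.Regexp {
	return regexp.MustCompile(tokenBody + suffix)
}

// Matches reports whether tokenBody followed by the given suffix matches input.
func Matches(suffix, input string) bool {
	return compile(suffix).MatchString(input)
}

// TerminatorDiff places each rune of probe directly after a placeholder token
// and returns the runes only SloppySuffix accepts as a terminator, and the
// runes both suffixes accept. Runes neither accepts are dropped.
func TerminatorDiff(probe string) (onlySloppy, both []string) {
	sloppy, fixed := compile(SloppySuffix), compile(FixedSuffix)
	for _, r := range probe {
		in := "TOKENAB12" + string(r) // constructed sample input
		s, f := sloppy.MatchString(in), fixed.MatchString(in)
		switch {
		case s && f:
			both = append(both, string(r))
		case s && !f:
			onlySloppy = append(onlySloppy, string(r))
		}
	}
	return onlySloppy, both
}

func main() {
	// Probe set: pipe, quotes, backtick, semicolon, whitespace, and a letter.
	only, both := TerminatorDiff("|'\"`; \n\r\tx")
	fmt.Printf("accepted only by the sloppy class: %q\n", only)
	fmt.Printf("accepted by both classes:          %q\n", both)
}
```

Running it shows that the sloppy class treats a literal pipe as a terminator (so a secret followed by "|" is reported where the fixed class, correctly, is not), while every intended terminator (quotes, backtick, semicolon, and whitespace via \s) is accepted by both, so the rewrite loses nothing the original meant to match.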