[Fix] Square brackets bypass Issue #857

detect_secrets/filters/heuristic.py

@@ -197,7 +197,15 @@ def _get_indirect_reference_regex() -> Pattern:
     #       [^\v]*      ->  Something except line breaks
     #       [\]\)]      ->  End of indirect reference: ] or )
     #   )
-    return re.compile(r'([^\v=!:]*)\s*(:=?|[!=]{1,3})\s*([\w.-]+[\[\(][^\v]*[\]\)])')
+    return re.compile(
+        r'([^\v=!:"<%>]*)\s*(:=?|[!=]{1,3}|\|\|)\s*('
+        r'[\w.-]+[\[\(][^\v]*[\]\)]'    # Matches ENV[...] or similar references
+        r'|'
+        r'\'[^\']*\''                   # Matches single-quoted strings
+        r'|'
+        r'"[^"]*"'                      # Matches double-quoted strings
+        r')'
+    )
 
 
 def is_lock_file(filename: str) -> bool: