From 2ca40c1ad89a56ef201b40d4ad4acd2362c0de0d Mon Sep 17 00:00:00 2001 From: Mick Grove Date: Sun, 19 Apr 2026 20:04:28 -0700 Subject: [PATCH] performance improvements and rule improvements --- crates/kingfisher-rules/data/rules/anthropic.yml | 2 +- crates/kingfisher-rules/data/rules/calcom.yml | 2 +- crates/kingfisher-rules/data/rules/courier.yml | 4 ++-- crates/kingfisher-rules/data/rules/crossmint.yml | 2 +- crates/kingfisher-rules/data/rules/duo.yml | 4 ++-- crates/kingfisher-rules/data/rules/flagsmith.yml | 8 ++++---- crates/kingfisher-rules/data/rules/pinata.yml | 2 +- testdata/parsers/scan_findings_baseline.json | 8 ++++++++ 8 files changed, 20 insertions(+), 12 deletions(-) diff --git a/crates/kingfisher-rules/data/rules/anthropic.yml b/crates/kingfisher-rules/data/rules/anthropic.yml index 06b549e..75627a1 100644 --- a/crates/kingfisher-rules/data/rules/anthropic.yml +++ b/crates/kingfisher-rules/data/rules/anthropic.yml @@ -65,7 +65,7 @@ rules: min_entropy: 3.5 confidence: medium examples: - - sk-ant-admin03-4mB9zY2Qx8LmN7pR5sT1uV6wX0aBcDeFgHiJkLmNoPqRsTuVwXyZ1234 + - sk-ant-admin03-4mB9zY2Qx8LmN7pR5sT1uV6wX0aBcDeFgHiJkLmNoPqRsTuVwXyZ1234AbC5dEf6GhI7jKl8MnO9pQr0StU1vWxYzABCDEFGHIJKL - sk-ant-admin01-MSLxH1vwJBWWIwDTzFro0xQrkN1dWoHo-6E9qdBHiJDCx5076IoxCH_L-sritH-zkJw2tx6igyKCh5AFgKJYYw-NjbNkAAA references: - https://docs.anthropic.com/en/api/administration-api diff --git a/crates/kingfisher-rules/data/rules/calcom.yml b/crates/kingfisher-rules/data/rules/calcom.yml index 3efe9ec..523ff5f 100644 --- a/crates/kingfisher-rules/data/rules/calcom.yml +++ b/crates/kingfisher-rules/data/rules/calcom.yml @@ -14,7 +14,7 @@ rules: confidence: medium examples: - 'CAL_API_KEY=cal_live_f1ec52a0b268e00fe30b63e96115c8df' - - 'Authorization: Bearer cal_live_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8h' + - 'Authorization: Bearer cal_live_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8hJk' references: - https://cal.com/docs/api-reference/v2/introduction validation: 
diff --git a/crates/kingfisher-rules/data/rules/courier.yml b/crates/kingfisher-rules/data/rules/courier.yml index 4b3818d..72f8565 100644 --- a/crates/kingfisher-rules/data/rules/courier.yml +++ b/crates/kingfisher-rules/data/rules/courier.yml @@ -17,8 +17,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - 'COURIER_API_KEY=pk_prod_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6' - - 'COURIER_AUTH_TOKEN="dk_test_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8h"' + - 'COURIER_API_KEY=pk_prod_a1b2c3d4e5f6g7h8i9j0k1l2' + - 'COURIER_AUTH_TOKEN="dk_test_xK8m2LpQr5nW0vYz3cJ7aB4d"' references: - https://www.courier.com/docs/platform/workspaces/environments-api-keys validation: diff --git a/crates/kingfisher-rules/data/rules/crossmint.yml b/crates/kingfisher-rules/data/rules/crossmint.yml index d239909..7392395 100644 --- a/crates/kingfisher-rules/data/rules/crossmint.yml +++ b/crates/kingfisher-rules/data/rules/crossmint.yml @@ -16,7 +16,7 @@ rules: confidence: medium examples: - 'CROSSMINT_SECRET_KEY=sk_production_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6' - - 'x-api-key: sk_staging_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8h' + - 'crossmint x-api-key: sk_staging_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8h' references: - https://docs.crossmint.com/introduction/platform/api-keys validation: diff --git a/crates/kingfisher-rules/data/rules/duo.yml b/crates/kingfisher-rules/data/rules/duo.yml index 8391b6f..4da7373 100644 --- a/crates/kingfisher-rules/data/rules/duo.yml +++ b/crates/kingfisher-rules/data/rules/duo.yml @@ -21,8 +21,8 @@ rules: confidence: medium visible: false examples: - - "duo\nintegration_key=AMTRZFKBPWH3QNGLVWCY" - - "duo\nikey = 'BNUSGLLCQXI4RNHMWXDZ'" + - "duo\nintegration_key=AMTRZFKBPWH3QNGL7WCY" + - "duo\nikey = 'BNUSGLLCQXI4RNHMWX2Z'" references: - https://duo.com/docs/authapi diff --git a/crates/kingfisher-rules/data/rules/flagsmith.yml b/crates/kingfisher-rules/data/rules/flagsmith.yml index edfe074..15a51bc 100644 --- a/crates/kingfisher-rules/data/rules/flagsmith.yml 
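Review bot: In the crossmint.yml hunk the bare `x-api-key: sk_staging_…` example is replaced rather than kept next to the new `crossmint x-api-key: …` form, so the rule file no longer records whether a header without the vendor keyword is expected to match. The same replace-instead-of-add pattern appears in both flagsmith.yml hunks (`FLAGSMITH_ORGANISATION_API_KEY`, `master_api_key` and `FLAGSMITH_SERVER_SIDE_ENVIRONMENT_KEY` are dropped) and in the pinata.yml hunk (the `API Secret: … JWT: …` line). The patterns are outside these hunks, so this is inferred: if those shapes no longer match, that is a loss of detection for strings that plausibly occur in real configuration, and if they still match, keeping the old examples alongside the new ones preserves regression coverage. If the narrowing is intended, a comment above `examples:` such as `# vendor keyword must appear close to the key; longer variable names are intentionally not matched` would make the trade-off explicit.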
+++ b/crates/kingfisher-rules/data/rules/flagsmith.yml @@ -19,8 +19,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - 'FLAGSMITH_ORGANISATION_API_KEY=dVoSZFo3.3c5qN55mA1XdLZnTO2moz5Ud1Qwo18Ie' - - 'flagsmith terraform master_api_key = 7SoNiIyO.L6eehZzlmE32iuEPZjdkXskw711I3FLz' + - 'FLAGSMITH_API_KEY=dVoSZFo3.3c5qN55mA1XdLZnTO2moz5Ud1Qwo18Ie' + - 'flagsmith api_key=7SoNiIyO.L6eehZzlmE32iuEPZjdkXskw711I3FLz' - 'flagsmith api token: zfR3T3VI.GLEC5p3cggDGTDhOwTdNwuYxxqmSMuoA' references: - https://docs.flagsmith.com/integrating-with-flagsmith/flagsmith-api-overview/admin-api/authentication @@ -56,8 +56,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - 'FLAGSMITH_SERVER_SIDE_ENVIRONMENT_KEY=103edeabc2a901041329b22da61d09cf466cf733' - - 'flagsmith environment key: 65ea217e98f87d37152e4897896108e976bcf053' + - 'FLAGSMITH_ENV_KEY=103edeabc2a901041329b22da61d09cf466cf733' + - 'flagsmith env key: 65ea217e98f87d37152e4897896108e976bcf053' - 'flagsmith api token=62612be866d95626691158801ea28a10bc2bafab' references: - https://docs.flagsmith.com/integrating-with-flagsmith/flagsmith-api-overview/flags-api/authentication diff --git a/crates/kingfisher-rules/data/rules/pinata.yml b/crates/kingfisher-rules/data/rules/pinata.yml index ba20ec1..9e56207 100644 --- a/crates/kingfisher-rules/data/rules/pinata.yml +++ b/crates/kingfisher-rules/data/rules/pinata.yml 
@@ -89,7 +89,7 @@ rules: confidence: medium examples: - 'PINATA_JWT=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4MDc5MTQxNjAsImF1dGhlbnRpY2F0aW9uVHlwZSI6InNjb3BlZEtleSIsInNjb3BlZEtleUtleSI6IjAxN2JiMzkyZGNmZTFmY2ZlMDA5Iiwic2NvcGVkS2V5U2VjcmV0IjoiYzljNzY2MzQ3MGZmZTZhMTFkMmU5ZWY2MDdiYTMyOTU0ZTRlYTNkYTdkN2U2NjI2NTBkMGViYThiY2MyODAxZiJ9.abcdefghijklmnopqrstuvwxyzABCDEF' - - 'API Secret: c9c7663470ffe6a11d2e9ef607ba32954e4ea3da7d7e662650d0eba8bcc2801f JWT: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4MDc5MTQxNjAsImF1dGhlbnRpY2F0aW9uVHlwZSI6InNjb3BlZEtleSIsInNjb3BlZEtleUtleSI6IjAxN2JiMzkyZGNmZTFmY2ZlMDA5Iiwic2NvcGVkS2V5U2VjcmV0IjoiYzljNzY2MzQ3MGZmZTZhMTFkMmU5ZWY2MDdiYTMyOTU0ZTRlYTNkYTdkN2U2NjI2NTBkMGViYThiY2MyODAxZiJ9.abcdefghijklmnopqrstuvwxyzABCDEF' + - 'pinata JWT: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4MDc5MTQxNjAsImF1dGhlbnRpY2F0aW9uVHlwZSI6InNjb3BlZEtleSIsInNjb3BlZEtleUtleSI6IjAxN2JiMzkyZGNmZTFmY2ZlMDA5Iiwic2NvcGVkS2V5U2VjcmV0IjoiYzljNzY2MzQ3MGZmZTZhMTFkMmU5ZWY2MDdiYTMyOTU0ZTRlYTNkYTdkN2U2NjI2NTBkMGViYThiY2MyODAxZiJ9.abcdefghijklmnopqrstuvwxyzABCDEF' references: - https://docs.pinata.cloud/account-management/api-keys - https://docs.pinata.cloud/api-reference/endpoint/ipfs/test-authentication diff --git a/testdata/parsers/scan_findings_baseline.json b/testdata/parsers/scan_findings_baseline.json index f10b56f..efe8e9d 100644 --- a/testdata/parsers/scan_findings_baseline.json +++ b/testdata/parsers/scan_findings_baseline.json @@ -11,6 +11,10 @@ "rule_id": "kingfisher.github.8", "snippet": "17df97169af3785f2c0b2a73dhba1c46f33928de" }, + { + "rule_id": "kingfisher.github.8", + "snippet": "88df97769ab3185f2c0b2a73fdae1b27d89409ca" + }, { "rule_id": "kingfisher.google.7", "snippet": "AIzaSyBUPHAjZl3n8Eza66ka6B78iVyPteC5MgM" @@ -146,5 +150,9 @@ { "rule_id": "kingfisher.stripe.2", "snippet": "sk_live_bu9JFVJtII3FINL1rOKcNpveXD4hSMtSDx7opOWDEFGHIJKLMNOPQRST" + }, + { + "rule_id": "kingfisher.twilio.2", + "snippet": "SK5d1d319A6Acf7EC9BDeDb8CCe4D76B" } ]
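Review bot: In the pinata.yml hunk, the new `pinata JWT: …` example reuses a token whose payload segment appears to carry a `scopedKeyKey` and a `scopedKeySecret`, and the removed line labelled that same hex value as `API Secret`. The signature segment is an obvious alphabet placeholder, so the JWT itself is not usable, but nothing shows that the embedded key/secret pair is synthetic rather than copied from a real account. It is worth confirming the pair was never live (or has been revoked) and saying so in the file, for example `# synthetic token: embedded scoped key/secret are not real credentials` above the examples. The examples list starts and the rule body continues outside the hunk.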