From 4f2585e35c70384cfd833b1b8e27a2c253b67511 Mon Sep 17 00:00:00 2001
From: Mick Grove <mick.grove@mongodb.com>
Date: Wed, 25 Jun 2025 17:02:44 -0700
Subject: [PATCH] Added planetscal and postman rules

---
 data/rules/planetscale.yml           | 55 ++++++++++++++++++++++++++++
 data/rules/postman.yml               | 37 +++++++++++++++++++
 tests/{update.rs => smoke_update.rs} |  0
 3 files changed, 92 insertions(+)
 create mode 100644 data/rules/planetscale.yml
 create mode 100644 data/rules/postman.yml
 rename tests/{update.rs => smoke_update.rs} (100%)

diff --git a/data/rules/planetscale.yml b/data/rules/planetscale.yml
new file mode 100644
index 0000000..119957c
--- /dev/null
+++ b/data/rules/planetscale.yml
@@ -0,0 +1,55 @@
+rules:
+  - name: PlanetScale API Token
+    id: kingfisher.planetscale.1
+    pattern: |
+      (?x)
+      (?i)
+      \b
+      (
+        pscale_tkn_[a-z0-9-_]{43}
+      )
+      \b
+    min_entropy: 4
+    examples:
+      - pscale_tkn_abcdefghijklmnopqrstuvwxyZ1234567890_ABCDEF
+    validation:
+      type: Http
+      content:
+        request:
+          headers:
+            Accept: application/json
+            Authorization: '{{ USERNAME | append: ":" | append: TOKEN }}'
+          method: GET
+          response_matcher:
+            - report_response: true
+            - status:
+                - 200
+              type: StatusMatch
+            - type: WordMatch
+              words: 
+                - '"id":'
+                - '"username":'
+          url: https://api.planetscale.com/v1/user
+    depends_on_rule:
+      - rule_id: kingfisher.planetscale.2
+        variable: USERNAME
+
+  - name: PlanetScale Username
+    id: kingfisher.planetscale.2
+    pattern: |
+      (?x)
+      (?i)
+      (?:pscale|planetscale)
+      (?:.|[\n\r]){0,16}?
+      (?:USER|ID|NAME)
+      (?:.|[\n\r]){0,16}?
+      \b
+      (
+        [a-z0-9]{12}
+      )
+      \b
+    min_entropy: 3.5
+    visible: false
+    examples:
+      - pscale_user = abcdefghijkl
+      - 'planetscale_id: hgtmrnzlv1t7'
diff --git a/data/rules/postman.yml b/data/rules/postman.yml
new file mode 100644
index 0000000..707b4e2
--- /dev/null
+++ b/data/rules/postman.yml
@@ -0,0 +1,37 @@
+rules:
+  - name: Postman API Key
+    id: kingfisher.postman.1
+    pattern: |
+      (?x)
+      \b
+      (
+        PMAK-[A-Z0-9]{24}-[A-Z0-9]{34}
+      )
+      \b
+    min_entropy: 3.3
+    confidence: medium
+    examples:
+      - PMAK-5dd543842789bd0036bf98c1-a5a9b8f1dfda8fbf18a4664ebe558b04ed
+      - PMAK-642a58a823faa300316566d1-6715a3a826ce5d5d62be8539d6ac357146
+      - PMAK-642a9b9084d6110029e75d7d-09efdcb872587f6f67696f02929647d9c6
+      - "// ('x-api-key', 'PMAK-629c73facbc064567cbf6970-f56e8b4cd0bb14d00962f17afc158dc2a2')"
+    references:
+      - https://learning.postman.com/docs/developer/intro-api/
+      - https://learning.postman.com/docs/developer/postman-api/authentication/
+      - https://learning.postman.com/docs/administration/managing-your-team/managing-api-keys/
+    validation:
+      type: Http
+      content:
+        request:
+          headers:
+            x-api-key: '{{ TOKEN }}'
+          method: GET
+          response_matcher:
+            - report_response: true
+            - type: StatusMatch
+              status:
+                - 200
+            - type: WordMatch
+              words:
+                - '"user":'
+          url: https://api.getpostman.com/me
\ No newline at end of file
diff --git a/tests/update.rs b/tests/smoke_update.rs
similarity index 100%
rename from tests/update.rs
rename to tests/smoke_update.rs