From 5b2b81ed7e436da1b037d70bdf62fe7eb7953621 Mon Sep 17 00:00:00 2001 From: Luke Young Date: Fri, 30 Jan 2026 16:11:44 -0800 Subject: [PATCH] feat(dockerhub): add Organization Access Token pattern Signed-off-by: Luke Young --- data/rules/dockerhub.yml | 39 +++++++++++++++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/data/rules/dockerhub.yml b/data/rules/dockerhub.yml index 45c740b..5e0be16 100644 --- a/data/rules/dockerhub.yml +++ b/data/rules/dockerhub.yml @@ -2,12 +2,12 @@ rules: - name: Docker Hub Personal Access Token id: kingfisher.dockerhub.1 pattern: | - (?xi) + (?x) \b ( - dckr_pat_[A-Z0-9_-]{27} + dckr_pat_[A-Za-z0-9_-]{27} ) - (?: $ | [^A-Z0-9_-] ) + (?: $ | [^A-Za-z0-9_-] ) pattern_requirements: min_digits: 2 min_entropy: 3.3 @@ -31,4 +31,35 @@ rules: - status: - 200 type: StatusMatch - url: https://hub.docker.com/v2/access-tokens?page_size=1 \ No newline at end of file + url: https://hub.docker.com/v2/access-tokens?page_size=1 + - name: Docker Hub Organization Access Token + id: kingfisher.dockerhub.2 + pattern: | + (?x) + \b + ( + dckr_oat_[A-Za-z0-9_-]{32} + ) + (?: $ | [^A-Za-z0-9_-] ) + pattern_requirements: + min_digits: 2 + min_entropy: 3.3 + confidence: medium + examples: + - docker login -u docker-test -p dckr_oat_7bA9zRt5-JqX3vP0l_MnY8sK2wE-dF6h + references: + - https://docs.docker.com/enterprise/security/access-tokens/ + validation: + type: Http + content: + request: + headers: + Authorization: Bearer {{ TOKEN }} + Accept: application/json + method: GET + response_matcher: + - report_response: true + - status: + - 200 + type: StatusMatch + url: https://hub.docker.com/v2/access-tokens?page_size=1