From 9b6dbf106ba65b5dcd2f00d03041374ffe71921c Mon Sep 17 00:00:00 2001
From: Mick Grove <mick.grove@mongodb.com>
Date: Mon, 2 Mar 2026 19:52:05 -0800
Subject: [PATCH] rules updated

---
 .gitignore                                   |  1 +
 crates/kingfisher-rules/data/rules/unkey.yml | 18 +++++++-----------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/.gitignore b/.gitignore
index ac1e268..bc45667 100644
--- a/.gitignore
+++ b/.gitignore
@@ -58,6 +58,7 @@ Temporary Items
 # will have compiled files and executables
 debug/
 target/
+target-*/
 bin/
 .cargo-home/
 .rustup-home/
diff --git a/crates/kingfisher-rules/data/rules/unkey.yml b/crates/kingfisher-rules/data/rules/unkey.yml
index 24d80f2..acbe47d 100644
--- a/crates/kingfisher-rules/data/rules/unkey.yml
+++ b/crates/kingfisher-rules/data/rules/unkey.yml
@@ -47,12 +47,11 @@ rules:
     id: kingfisher.unkey.2
     pattern: |
       (?xi)
-      \b
-      (?:unkey)?
-      (?:.|[\n\r]){0,32}?
-      (?:API_KEY|KEY|SECRET|TOKEN)?
-      (?:.|[\n\r]){0,16}?
-      \b
+      (?:
+        UNKEY(?:_API)?_KEY \s* [=:] \s*
+        | x-api-key \s* : \s*
+        | Authorization \s* : \s* Bearer \s+
+      )
       (
         key_[A-Za-z0-9]{10,48}
       )
@@ -92,12 +91,9 @@ rules:
     id: kingfisher.unkey.3
     pattern: |
       (?xi)
-      \b
       unkey
-      (?:.|[\n\r]){0,32}?
-      (?:SECRET|PLAINTEXT|KEY|CREATE)
-      (?:.|[\n\r]){0,32}?
-      [=:\s]+
+      (?:_(?:secret|plaintext|key|create)){1,3}
+      \s* [=:] \s*
       ['"]?
       (?P<secret>[A-Za-z0-9]{20,48})
       ['"]?