improved Jira support and fixed salesforce rule

2025-12-16 17:20:05 -08:00 · 2025-12-16 17:20:05 -08:00 · 9d76ebd46e
commit 9d76ebd46e
parent d155a33334
2 changed files with 10 additions and 12 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,7 +6,7 @@ All notable changes to this project will be documented in this file.
 - Added `--staged` argument to support new `pre-commit` behavior and added integration coverage to ensure validated secrets block commits when used as pre-commit hook
 - Added new rules for AWS Bedrock, Voyage.ai, Posthog, Atlassian
 - Added an embedded web-based report and access-map viewer via `kingfisher view` subcommand that can load JSON or JSONL reports passed on the CLI (or upload them in the browser) 
- Added a check for network connectivity via `online` crate before attempting validation.
+- Updated Jira create to gouqi, which supports Jira api v2 and v3

 ## [v1.69.0]
 - Reduced per-match memory usage by compacting stored source locations and interning repeated capture names.
--- a/data/rules/salesforce.yml
+++ b/data/rules/salesforce.yml
@ -49,21 +49,20 @@ rules:
    id: kingfisher.salesforce.2
    pattern: |
      (?xi)
-      \b
+      \b                     
      (?:https?://)?
      (
        [0-9A-Z-]{5,128}
      )
-      \\
+      \.
      my\.salesforce\.com
-      \b
+      \b    
    min_entropy: 2.5
    confidence: medium
    visible: false
    examples:
      - https://example123.my.salesforce.com
      - mydomainname.my.salesforce.com
-
  - name: Salesforce Consumer Key and Secret with Token URL
    id: kingfisher.salesforce.3
    pattern: |
@ -138,7 +137,6 @@ rules:
            <sendSecretInApis>true</sendSecretInApis>
            <tokenUrl>https://api.example.net/oauth/token</tokenUrl>
        </AuthProvider>
-
    validation:
      type: Http
      content:
@ -155,10 +153,10 @@ rules:
            - type: StatusMatch
              status: [400, 401, 403]
              negative: true
-            - type: JsonValid
            - type: WordMatch
-              words: ["access_token", "token_type"]
-              match_all_words: true
+              words: ["invalid_", "authentication failed"]
+              match_all_words: false
+              negative: true
  - name: Salesforce Consumer Key and Secret
    id: kingfisher.salesforce.4
    pattern: |
@ -240,7 +238,7 @@ rules:
            - type: StatusMatch
              status: [400, 401, 403]
              negative: true
-            - type: JsonValid
            - type: WordMatch
-              words: ["access_token", "token_type"]
-              match_all_words: true
+              words: ["invalid_", "authentication failed"]
+              match_all_words: false
+              negative: true