From b81194bcd364b672939ec22459e852cd992dd1c9 Mon Sep 17 00:00:00 2001
From: Luke Young <bored-engineer@users.noreply.github.com>
Date: Fri, 30 Jan 2026 20:57:55 -0800
Subject: [PATCH] fix(age): reduce allowed characters to bech32 alphabet

Signed-off-by: Luke Young <bored-engineer@users.noreply.github.com>
---
 data/rules/age.yml | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/data/rules/age.yml b/data/rules/age.yml
index e024a63..8267e0f 100644
--- a/data/rules/age.yml
+++ b/data/rules/age.yml
@@ -2,14 +2,13 @@ rules:
   - name: Age Recipient (X25519 public key)
     id: kingfisher.age.1
     pattern: |
-      (?xi)
+      (?x)
       (
-        age1[0-9a-z]{58}
+        age1[qpzry9x8gf2tvdw0s3jn54khce6mua7l]{58}
       )
       \b
     pattern_requirements:
       min_digits: 2
-      min_uppercase: 1
       min_lowercase: 1
     min_entropy: 3.3
     confidence: medium
@@ -23,9 +22,9 @@ rules:
   - name: Age Identity (X22519 secret key)
     id: kingfisher.age.2
     pattern: |
-      (?xi)
+      (?x)
       (
-        AGE-SECRET-KEY-1[0-9A-Z]{58}
+        AGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}
       )
     min_entropy: 3.3
     confidence: medium
@@ -40,4 +39,4 @@ rules:
       - https://htmlpreview.github.io/?https://github.com/FiloSottile/age/blob/main/doc/age.1.html
       - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type
     categories:
-      - secret
\ No newline at end of file
+      - secret