added rule for Vercel

CHANGELOG.md

@@ -2,6 +2,9 @@
 
 All notable changes to this project will be documented in this file.
 
+## [1.41.0]
+- Added rules for: Vercel
+
 ## [1.40.0]
 - Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses
 - Improved Tailscale api key detectors

Cargo.toml

@@ -10,7 +10,7 @@ publish = false
 
 [package]
 name = "kingfisher"
-version = "1.40.0"
+version = "1.41.0"
 description = "MongoDB's blazingly fast secret scanning and validation tool"
 edition.workspace = true
 rust-version.workspace = true

data/rules/airbrake.yml

@@ -5,9 +5,7 @@ rules:
       (?xi)
       \b
       airbrake
-      (?:.|[\n\r]){0,16}?
-      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
-      (?:.|[\n\r]){0,16}?
+      (?:.|[\n\r]){0,32}?
       (
         [A-Z0-9-]{40}
       )

data/rules/aiven.yml

@@ -2,11 +2,10 @@ rules:
   - name: Aiven API Key
     id: kingfisher.aiven.1
     pattern: |
-      (?xi)                
+      (?xi)
+      \b              
       aiven
       (?:.|[\n\r]){0,32}?
-      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
-      (?:.|[\n\r]){0,32}?
       \b
       (
         [a-z0-9/+=]{372}      

data/rules/asana.yml

@@ -6,8 +6,6 @@ rules:
       \b                         
       asana
       (?:.|[\n\r]){0,32}?
-      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
-      (?:.|[\n\r]){0,32}?
       \b                         
       (
         [0-9]{16}

data/rules/atlassian.yml

@@ -6,8 +6,6 @@ rules:
       \b                         
       atlassian
       (?:.|[\n\r]){0,32}?
-      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
-      (?:.|[\n\r]){0,32}?
       \b                         
       (
         [a-z0-9]{24}

data/rules/baremetrics.yml

@@ -6,8 +6,6 @@ rules:
       \b                         
       baremetrics
       (?:.|[\n\r]){0,32}?
-      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
-      (?:.|[\n\r]){0,32}?
       \b                         
       (
         [a-z0-9_-]{25}

data/rules/fastly.yml

@@ -9,7 +9,9 @@ rules:
       (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
       (?:.|[\n\r]){0,32}?
       \b
-      ([a-z0-9_-]{32})
+      (
+        [a-z0-9_-]{32}
+      )
       \b
     min_entropy: 3.5
     confidence: medium

data/rules/heroku.yml

@@ -2,10 +2,9 @@ rules:
   - name: Heroku API Key
     id: kingfisher.heroku.1
     pattern: |
-      (?xi)                                 
+      (?xi)
+      \b                                
       heroku
-      (?:.|[\n\r]){0,32}?                 
-      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)  
       (?:.|[\n\r]){0,32}?                  
       \b
       (                                    

data/rules/vercel.yml

@@ -0,0 +1,39 @@
+rules:
+  - name: Vercel API Token
+    id: kingfisher.vercel.1
+    pattern: |
+      (?xi)
+      \b
+      vercel
+      (?:.|[\n\r]){0,32}?
+      \b
+      (
+        [a-zA-Z0-9]{24}
+      )
+      \b
+    confidence: medium
+    min_entropy: 3.5
+    validation:
+      type: Http
+      content:
+        request:
+          method: GET
+          url: https://api.vercel.com/v2/user
+          headers:
+            Authorization: "Bearer {{TOKEN}}"
+          response_matcher:
+            - report_response: true
+            - type: StatusMatch
+              status: [200]
+            - type: WordMatch
+              words:
+                - '"user":'
+                - '"email":'
+              match_all_words: true
+    references:
+      - https://vercel.com/docs/rest-api#authentication
+    examples:
+      - "vercel-key = DdZV6ZDZW6Vpl7n7JqtrCE5i"
+      - "vercel_token = zyMBA1qVEMAf4UNNZtCAbg6u"
+      - "vercel_api_key = MTg0AW799OY1HmyDdn84or3C"
+      - "vercel_secret = A7n9Xfp3tBz7D0XpOTMWpiOM"