rules: - name: CircleCI API Personal Access Token id: kingfisher.circleci.1 pattern: | (?x) \b ( CCIPAT_ [a-zA-Z0-9]{22} _ [a-z0-9]{40} ) \b pattern_requirements: min_digits: 2 min_entropy: 3.5 confidence: high examples: - | export CIRCLECI_TOKEN=CCIPAT_FERZRjTN451xnDCy1y9gWn_79fb6ca4d0e5f833612eee17de397a9dca0a9e9f references: - https://circleci.com/docs/api-developers-guide/#using-the-api-securely-wtih-curl validation: type: Http content: request: headers: Accept: application/json Circle-Token: '{{ TOKEN }}' method: GET response_matcher: - report_response: true - status: - 200 type: StatusMatch - type: WordMatch words: - '"id"' url: https://circleci.com/api/v2/me - name: CircleCI API Project Token id: kingfisher.circleci.2 pattern: | (?xi) \b circleci (?:.|[\n\r]){0,64}? ( [a-f0-9]{40} ) \b pattern_requirements: min_digits: 2 min_lowercase: 2 min_entropy: 3.3 confidence: medium examples: - circleci_project_secret = 'Ca61263Bf9A4DcEECd00EdAAacb4eaEe74e8682f' - "CIRCLECI_API_TOKEN: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2" references: - https://circleci.com/docs/api/v1/index.html#projects validation: type: Http content: request: headers: Circle-Token: '{{ TOKEN }}' Accept: application/json method: GET response_matcher: - report_response: true - status: - 200 type: StatusMatch - type: WordMatch words: - '"vcs_url"' url: https://circleci.com/api/v1.1/projects