rules:
  - name: Mailchimp API Key
    id: kingfisher.mailchimp.1
    pattern: |
      (?xi)
      \b
      mailchimp
      (?:.|[\n\r]){0,128}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b
      (
        (?:[0-9a-f]{8}){4}
        -us\d{1,2}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - 'mailchimp_token = abcdef1234567890abcdef1234567890-us1'
      - 'mailchimp_key = "0123456789abcdeffedcba9876543210-us20"'
    validation:
      type: Http
      content:
        request:
          headers:
            Authorization: 'Basic {{ "x:" | append: TOKEN | b64enc }}'
            Accept: application/json
          method: GET
          response_matcher:
            - report_response: true
            - status:
                - 200
              type: StatusMatch
          url: 'https://{{ TOKEN | split: "-" | last }}.api.mailchimp.com/3.0/ping'
    references:
      - https://mailchimp.com/developer/marketing/api/root/
      - https://mailchimp.com/developer/guides/marketing-api-conventions/