rules:
  - name: Vast.ai API Key
    id: kingfisher.vastai.1
    pattern: |
      (?xi)
      \b
      vast(?:\.ai)?
      (?:.|[\n\r]){0,16}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,16}?
      \b
      (
        [a-f0-9]{64}
      )
      \b
    pattern_requirements:
      min_digits: 8
    min_entropy: 3.5
    confidence: medium
    examples:
      - VAST_API_KEY=c218521a7eaf108227795ae059866db8fdd7be16348f67ec48e66af4b2df4a76
      - 'vastai_access_key: c218521a7eaf108227795ae059866db8fdd7be16348f67ec48e66af4b2df4a76'
    references:
      - https://docs.vast.ai/api-reference/accounts/show-user
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://console.vast.ai/api/v0/users/current/
          headers:
            Authorization: "Bearer {{ TOKEN }}"
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid
            - type: WordMatch
              match_all_words: true
              words:
                - '"id"'
                - '"email"'
                - '"balance"'