rules: - name: CircleCI API Personal Access Token id: kingfisher.circleci.1 pattern: | (?xi) \b ( CCIPAT_ [a-z0-9]{4} [a-z]{5} [a-z0-9]{3} [0-9]{3} [a-z]{2} [A-Z]{2} [0-9]{1} [a-z]{1} [a-z0-9]{1} [0-9]{1} [a-z]{1} _ [a-z0-9]{40} ) \b min_entropy: 3.5 confidence: medium examples: - CircleCI_PAT = "CCIPAT_lZyPAuThWn2G908ssDT0g33e_t7qh0r5hrvsqzmuraqzduq6qco5onxgrtcn7y2z4" - | export CIRCLECI_TOKEN=CCIPAT_lZyPAuThWn2G908ssDT0g33e_t7qh0r5hrvsqzmuraqzduq6qco5onxgrtcn7y2z4 references: - https://circleci.com/docs/api-developers-guide/#using-the-api-securely-wtih-curl validation: type: Http content: request: headers: Accept: application/json Circle-Token: '{{ TOKEN }}' method: GET response_matcher: - report_response: true - status: - 200 type: StatusMatch - type: WordMatch words: - '"id"' url: https://circleci.com/api/v2/me - name: CircleCI API Project Token id: kingfisher.circleci.2 pattern: | (?xi) \b circleci (?:.|[\n\r]){0,64}? ( [a-f0-9]{40} ) \b min_entropy: 3.3 confidence: medium examples: - circleci_project_secret = 'Ca61263Bf9A4DcEECd00EdAAacb4eaEe74e8682f' - "CIRCLECI_API_TOKEN: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2" references: - https://circleci.com/docs/api/v1/index.html#projects validation: type: Http content: request: headers: Circle-Token: '{{ TOKEN }}' Accept: application/json method: GET response_matcher: - report_response: true - status: - 200 type: StatusMatch - type: WordMatch words: - '"vcs_url"' url: https://circleci.com/api/v1.1/projects