forked from mirrors/kingfisher
81 lines
2 KiB
YAML
81 lines
2 KiB
YAML
rules:
|
|
- name: Coveralls Repo Identifier
|
|
id: kingfisher.coveralls.1
|
|
visible: false
|
|
confidence: medium
|
|
min_entropy: 2.0
|
|
pattern: |
|
|
(?xi)
|
|
(?:
|
|
coveralls\.io/
|
|
(?:
|
|
(?:
|
|
github|bitbucket|gitlab
|
|
)
|
|
/
|
|
(
|
|
[A-Z0-9_.-]+
|
|
)
|
|
/
|
|
(
|
|
[A-Z0-9_.-]+
|
|
)
|
|
)
|
|
|
|
|
api/v1/repos/
|
|
(
|
|
github|bitbucket|gitlab
|
|
)
|
|
/
|
|
(
|
|
[A-Z0-9_.-]+
|
|
)
|
|
)
|
|
examples:
|
|
- https://coveralls.io/github/lemurheavy/coveralls-public
|
|
- https://coveralls.io/gitlab/group/project
|
|
- https://coveralls.io/api/v1/repos/github/octocat/hello-world
|
|
|
|
- name: Coveralls Personal API Token
|
|
id: kingfisher.coveralls.2
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
coveralls
|
|
(?:.|[\n\r]){0,1}?
|
|
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[A-Z0-9-]{37}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 3
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- coveralls_SECRETTOKEN abcdefghijklmnopqrstuvwxyzab12345cdef
|
|
- coveralls-SECRET-KEY mnopqrstuvwxyzabcdefghi12345678901234
|
|
- coveralls_PRIVATEKEY-1234567890abcdefghijklmnopqrstuvwxyza
|
|
references:
|
|
- https://docs.coveralls.io/api-repos-endpoint
|
|
- https://docs.coveralls.io/api-introduction
|
|
depends_on_rule:
|
|
- rule_id: kingfisher.coveralls.1
|
|
variable: COVERALLS_REPO_ID
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: "https://coveralls.io/api/v1/repos/{{ COVERALLS_REPO_ID }}"
|
|
headers:
|
|
Authorization: "token {{ TOKEN }}"
|
|
Accept: application/json
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: WordMatch
|
|
words: ['"service"', '"name"', '"id"']
|