kingfisher/crates/kingfisher-rules/data/rules/hop.yml

rules:
  - name: HOP Project Token
    id: kingfisher.hop.1
    pattern: |
      (?x)
      \b
      (
        ptk_[a-zA-Z0-9_-]{20,80}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: high
    categories: [api, key]
    examples:
      - 'HOP_TOKEN=ptk_AbCdEfGhIjKlMnOpQrStUvWxYz123456'
    references:
      - https://docs.hop.io/reference/rest-api
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.hop.io/v1/projects/@this
          headers:
            Authorization: "{{ TOKEN }}"
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid

  - name: HOP Personal Access Token
    id: kingfisher.hop.2
    pattern: |
      (?x)
      (?:^|['"\x60\s>=:(,])
      (
        hop_pat_[a-zA-Z0-9_-]{20,80}
      )
      (?:$|['"\x60\s<),])
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: high
    categories: [api, key]
    examples:
      - 'HOP_PAT="hop_pat_AbCdEfGhIjKlMnOpQrStUvWxYz123456"'
    references:
      - https://docs.hop.io/reference/rest-api
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.hop.io/v1/users/@me
          headers:
            Authorization: "{{ TOKEN }}"
            Accept: application/json
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]
            - type: JsonValid