forked from mirrors/kingfisher
50 lines
1.3 KiB
YAML
50 lines
1.3 KiB
YAML
rules:
|
|
- name: Unleash Client/Admin API Token
|
|
id: kingfisher.unleash.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
unleash
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:API[_-]?TOKEN|CLIENT[_-]?KEY|ADMIN[_-]?TOKEN|TOKEN|KEY)
|
|
(?:.|[\n\r]){0,16}?
|
|
(
|
|
(?:\*|\[\]|[a-z][a-z0-9-]*)
|
|
:
|
|
[a-z][a-z0-9-]*
|
|
\.
|
|
[0-9a-f]{56}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 4
|
|
min_lowercase: 10
|
|
min_entropy: 3.0
|
|
confidence: medium
|
|
examples:
|
|
- 'UNLEASH_API_TOKEN=default:development.be44368985f7fb3237c584ef86f3d6bdada42ddbd63a019d26955178'
|
|
- 'unleash_token: "*:production.a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8"'
|
|
references:
|
|
- https://docs.getunleash.io/reference/api-tokens-and-client-keys
|
|
|
|
- name: Unleash Personal Access Token
|
|
id: kingfisher.unleash.2
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
unleash
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
user:[0-9a-f]{56}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 4
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
examples:
|
|
- 'UNLEASH_PAT=user:be7536c3a160ff15e3a92da45de531dd54bc1ae15d8455c0476f086b'
|
|
- 'unleash_pat: "user:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8"'
|
|
references:
|
|
- https://docs.getunleash.io/reference/api-tokens-and-client-keys
|