forked from mirrors/kingfisher
39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
rules:
|
|
- name: Mergify Application API Key
|
|
id: kingfisher.mergify.1
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(
|
|
mergify_application_key_
|
|
[A-Za-z0-9_-]{40,200}
|
|
)
|
|
\b
|
|
min_entropy: 3.2
|
|
confidence: high
|
|
examples:
|
|
- mergify_application_key_A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q7r8S9t0U1v2W3x4Y5z6_-AbCdEfGhIj
|
|
- mergify_application_key_ZxYwVuTsRqPoNmLkJiHgFeDcBa9876543210_-__aBcDeFgHiJkLmNoPqRsTuVwXyZ
|
|
references:
|
|
- https://docs.mergify.com/api/
|
|
- https://docs.mergify.com/api-usage/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: https://api.mergify.com/v1/application
|
|
headers:
|
|
Accept: application/json
|
|
Authorization: "Bearer {{ TOKEN }}"
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: HeaderMatch
|
|
header: content-type
|
|
expected: ["application/json"]
|
|
- type: JsonValid
|
|
- type: WordMatch
|
|
words: ['"id"', '"name"', '"scope"']
|
|
match_all_words: true
|