Richard Gomez пре 1 година
родитељ
комит
1a2f656278
3 измењених фајлова са 43 додато и 0 уклоњено
  1. 1 0
      cmd/generate/config/main.go
  2. 32 0
      cmd/generate/config/rules/cohere.go
  3. 10 0
      config/gitleaks.toml

+ 1 - 0
cmd/generate/config/main.go

@@ -49,6 +49,7 @@ func main() {
 		rules.CloudflareAPIKey(),
 		rules.CloudflareGlobalAPIKey(),
 		rules.CloudflareOriginCAKey(),
+		rules.CohereAPIToken(),
 		rules.ConfluentAccessToken(),
 		rules.ConfluentSecretKey(),
 		rules.Contentful(),

+ 32 - 0
cmd/generate/config/rules/cohere.go

@@ -0,0 +1,32 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func CohereAPIToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "cohere-api-token",
+		Description: "Identified a Cohere Token, posing a risk of unauthorized access to AI services and data manipulation.",
+		Regex:       utils.GenerateSemiGenericRegex([]string{"cohere", "CO_API_KEY"}, `[a-zA-Z0-9]{40}`, false),
+		Entropy:     4,
+		Keywords: []string{
+			"cohere",
+			"CO_API_KEY",
+		},
+	}
+
+	// validate
+	tps := []string{
+		utils.GenerateSampleSecret("cohere", secrets.NewSecret(`[a-zA-Z0-9]{40}`)),
+		// https://github.com/cohere-ai/cohere-go/blob/abe8044073ed498ffbb206a602d03c2414b64512/client/client.go#L38C30-L38C40
+		`export CO_API_KEY=` + secrets.NewSecret(`[a-zA-Z0-9]{40}`),
+	}
+	fps := []string{
+		`CO_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx`,
+	}
+	return utils.Validate(r, tps, fps)
+}
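Review bot: The identifiers `[]string{"cohere", "CO_API_KEY"}` passed to `utils.GenerateSemiGenericRegex` match as unanchored, case-insensitive substrings, as the generated pattern in config/gitleaks.toml shows. A 40-character value assigned to a name such as `CISCO_API_KEY`, or following a word like `coherence`, would therefore be reported as a Cohere token and send rotation and triage to the wrong provider. If the helper inserts identifiers as raw regex fragments, which that generated pattern suggests but this hunk does not confirm, `\bCO_API_KEY` would stop the suffix match, at the cost of no longer matching prefixed names such as `MY_CO_API_KEY`. `fps` holds only the all-`x` placeholder, which the pattern itself matches and only `Entropy: 4` rejects. After tightening, a case such as `CISCO_API_KEY=` followed by a generated 40-character secret, plus a 40-hex commit SHA placed after `cohere`, would pin both the identifier and the entropy behaviour. The exported function also has no doc comment; `// CohereAPIToken returns the rule that detects Cohere API tokens.` would do.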

+ 10 - 0
config/gitleaks.toml

@@ -196,6 +196,16 @@ description = "Found a pattern resembling a Codecov Access Token, posing a risk
 regex = '''(?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 keywords = ["codecov"]
 
+[[rules]]
+id = "cohere-api-token"
+description = "Identified a Cohere Token, posing a risk of unauthorized access to AI services and data manipulation."
+regex = '''(?i:(?:cohere|CO_API_KEY)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-zA-Z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+entropy = 4
+keywords = [
+    "cohere",
+    "co_api_key",
+]
+
 [[rules]]
 id = "coinbase-access-token"
 description = "Detected a Coinbase Access Token, posing a risk of unauthorized access to cryptocurrency accounts and financial transactions."