1 год назад · 818e32f7a4
--- a/cmd/generate/config/main.go
+++ b/cmd/generate/config/main.go
@@ -206,6 +206,7 @@ func main() {
 
				 		rules.SlackLegacyToken(),
			
 
				 		rules.SlackWebHookUrl(),
			
 
				 		rules.Snyk(),
			
 
				+		rules.Sonar(),
			
 
				 		rules.SourceGraph(),
			
 
				 		rules.StripeAccessToken(),
			
 
				 		rules.SquareAccessToken(),
			
--- a/cmd/generate/config/rules/sonar.go
+++ b/cmd/generate/config/rules/sonar.go
@@ -0,0 +1,27 @@
 
				+package rules
			
 
				+
			
 
				+import (
			
 
				+	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
			
 
				+	"github.com/zricethezav/gitleaks/v8/config"
			
 
				+)
			
 
				+
			
 
				+func Sonar() *config.Rule {
			
 
				+	// define rule
			
 
				+	r := config.Rule{
			
 
				+		Description: "Uncovered a Sonar API token, potentially compromising software vulnerability scanning and code security.",
			
 
				+		RuleID:      "sonar-api-token",
			
 
				+		Regex:       utils.GenerateSemiGenericRegex([]string{"sonar[_.-]?(login|token)"}, utils.AlphaNumericExtended("40"), true),
			
 
				+		Keywords:    []string{"sonar"},
			
 
				+	}
			
 
				+
			
 
				+	// validate
			
 
				+	tps := utils.GenerateSampleSecrets("sonar", "12345678ABCDEFH1234567890ABCDEFH12345678")
			
 
				+	tps = append(tps,
			
 
				+		`const SONAR_LOGIN = "12345678ABCDEFH1234567890ABCDEFH12345678"`, // gitleaks:allow
			
 
				+		`SONAR_LOGIN := "12345678ABCDEFH1234567890ABCDEFH12345678"`,      // gitleaks:allow
			
 
				+		`SONAR.LOGIN ::= "12345678ABCDEFH1234567890ABCDEFH12345678"`,     // gitleaks:allow
			
 
				+		`SONAR.LOGIN :::= "12345678ABCDEFH1234567890ABCDEFH12345678"`,    // gitleaks:allow
			
 
				+		`SONAR.LOGIN ?= "12345678ABCDEFH1234567890ABCDEFH12345678"`,      // gitleaks:allow
			
 
				+	)
			
 
				+	return utils.Validate(r, tps, nil)
			
 
				+}
			
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -2941,6 +2941,12 @@ description = "Uncovered a Snyk API token, potentially compromising software vul
 
				 regex = '''(?i)[\w.-]{0,50}?(?:snyk[_.-]?(?:(?:api|oauth)[_.-]?)?(?:key|token))(?:[ \t\w.-]{0,20})[\s'"]{0,3}(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:[\x60'"\s;]|\\[nr]|$)'''
			
 
				 keywords = ["snyk"]
			
 
				 
			
 
				+[[rules]]
			
 
				+id = "sonar-api-token"
			
 
				+description = "Uncovered a Sonar API token, potentially compromising software vulnerability scanning and code security."
			
 
				+regex = '''(?i)[\w.-]{0,50}?(?:sonar[_.-]?(login|token))(?:[ \t\w.-]{0,20})[\s'"]{0,3}(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-z0-9=_\-]{40})(?:[\x60'"\s;]|\\[nr]|$)'''
			
 
				+keywords = ["sonar"]
			
 
				+
			
 
				 [[rules]]
			
 
				 id = "sourcegraph-access-token"
			
 
				 description = "Sourcegraph is a code search and navigation engine."