
fix(square): make prefix case sensitive (#1469)

Richard Gomez 1 год назад
Родитель
Сommit
8510d39ffe
2 измененных файлов с 9 добавлено и 6 удалено
  1. 8 5
      cmd/generate/config/rules/square.go
  2. 1 1
      config/gitleaks.toml

+ 8 - 5
cmd/generate/config/rules/square.go

@@ -11,17 +11,20 @@ func SquareAccessToken() *config.Rule {
 	r := config.Rule{
 		RuleID:      "square-access-token",
 		Description: "Detected a Square Access Token, risking unauthorized payment processing and financial transaction exposure.",
-		Regex:       utils.GenerateUniqueTokenRegex(`(EAAA|sq0atp-)[0-9A-Za-z\-_]{22,60}`, true),
+		Regex:       utils.GenerateUniqueTokenRegex(`(?:EAAA|sq0atp-)[\w-]{22,60}`, false),
 		Keywords:    []string{"sq0atp-", "EAAA"},
 	}
 
 	// validate
 	tps := []string{
-		utils.GenerateSampleSecret("square", secrets.NewSecret(`sq0atp-[0-9A-Za-z\-_]{22}`)),
+		utils.GenerateSampleSecret("square", secrets.NewSecret(`(?:EAAA|sq0atp-)[\w-]{22,60}`)),
 		"ARG token=sq0atp-812erere3wewew45678901",                                    // gitleaks:allow
 		"ARG token=EAAAlsBxkkVgvmr7FasTFbM6VUGZ31EJ4jZKTJZySgElBDJ_wyafHuBFquFexY7E", // gitleaks:allow",
 	}
-	return utils.Validate(r, tps, nil)
+	fps := []string{
+		`aws-cli@sha256:eaaa7b11777babe28e6133a8b19ff71cea687e0d7f05158dee95a71f76ce3d00`,
+	}
+	return utils.Validate(r, tps, fps)
 }
 
 func SquareSecret() *config.Rule {
@@ -29,13 +32,13 @@ func SquareSecret() *config.Rule {
 	r := config.Rule{
 		RuleID:      "square-secret",
 		Description: "Square Secret",
-		Regex:       utils.GenerateUniqueTokenRegex(`sq0csp-[0-9A-Za-z\\-_]{43}`, true),
+		Regex:       utils.GenerateUniqueTokenRegex(`sq0csp-[\w-]{43}`, false),
 		Keywords:    []string{"sq0csp-"},
 	}
 
 	// validate
 	tps := []string{
-		utils.GenerateSampleSecret("square", secrets.NewSecret(`sq0csp-[0-9A-Za-z\\-_]{43}`)),
+		utils.GenerateSampleSecret("square", secrets.NewSecret(`sq0csp-[\w-]{43}`)),
 		`value: "sq0csp-0p9h7g6f4s3s3s3-4a3ardgwa6ADRDJDDKUFYDYDYDY"`, // gitleaks:allow
 	}
 	return utils.Validate(r, tps, nil)
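Review bot: The `Regex` line in the `SquareSecret` hunk changes more than case sensitivity, and nothing in the code says so: in the old raw string `[0-9A-Za-z\\-_]` the `\\-_` part is a range from backslash to underscore, so `\`, `]` and `^` were previously accepted by the class, whereas `[\w-]` accepts only `[0-9A-Za-z_]` and `-`. The tightening looks reasonable given the sample `sq0csp-0p9h7g6f4s3s3s3-4a3ardgwa6ADRDJDDKUFYDYDYDY` uses only alphanumerics and dashes, but a reader comparing this against the commit title will not expect a narrower class. A short comment next to the regex, e.g. `// [\w-] deliberately drops the \\, ] and ^ that the old class admitted by accident`, would record the intent, and an fps entry containing one of those characters would pin it. The `SquareSecret` body continues past the end of this hunk.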

+ 1 - 1
config/gitleaks.toml

@@ -2760,7 +2760,7 @@ keywords = [
 [[rules]]
 id = "square-access-token"
 description = "Detected a Square Access Token, risking unauthorized payment processing and financial transaction exposure."
-regex = '''(?i)\b((EAAA|sq0atp-)[0-9A-Za-z\-_]{22,60})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+regex = '''\b((?:EAAA|sq0atp-)[\w-]{22,60})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 keywords = [
     "sq0atp-","eaaa",
 ]
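Review bot: Only the `square-access-token` entry is regenerated here, yet the same commit also drops the case-insensitive flag and changes the character class for `SquareSecret` in cmd/generate/config/rules/square.go, so unless that rule's toml line was already in the new form, the committed config and its generator now disagree for `square-secret`; rerunning the generator and committing the resulting line would keep them in sync. Separately, the keywords list stays lowercase (`"eaaa"`) while the regex on the new side matches `EAAA` case-sensitively, which is only correct if the keyword prefilter lowercases the scanned text before comparing; if it does not, the prefilter would never admit the tokens the regex is now restricted to. Worth confirming against the keyword-matching code rather than assuming.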