il y a 2 ans · a3ab4e8ac5
--- a/cmd/generate/config/rules/snyk.go
+++ b/cmd/generate/config/rules/snyk.go
@@ -5,25 +5,35 @@ import (
 
															 )
														
 
															 func Snyk() *config.Rule {
														
 
															+
														
 
															+	keywords := []string{
														
 
															+		"snyk_token",
														
 
															+		"snyk_key",
														
 
															+		"snyk_api_token",
														
 
															+		"snyk_api_key",
														
 
															+		"snyk_oauth_token",
														
 
															+	}
														
 
															+
														
 
															 	// define rule
														
 
															 	r := config.Rule{
														
 
															 		Description: "Snyk API token",
														
 
															 		RuleID:      "snyk-api-token",
														
 
															 		SecretGroup: 1,
														
 
															-		Regex:       generateSemiGenericRegex([]string{"snyk"}, hex8_4_4_4_12(), true),
														
 
															-		Keywords:    []string{"snyk"},
														
 
															+		Regex:       generateSemiGenericRegex(keywords, hex8_4_4_4_12(), true),
														
 
															+		Keywords:    keywords,
														
 
															 	}
														
 
															 	// validate
														
 
															 	tps := []string{
														
 
															 		`const SNYK_TOKEN = "12345678-ABCD-ABCD-ABCD-1234567890AB"`, // gitleaks:allow
														
 
															 		`const SNYK_KEY = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,   // gitleaks:allow
														
 
															-		`const SNYK = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,       // gitleaks:allow
														
 
															-		`SNYK = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,             // gitleaks:allow
														
 
															 		`SNYK_TOKEN := "12345678-ABCD-ABCD-ABCD-1234567890AB"`,      // gitleaks:allow
														
 
															 		`SNYK_TOKEN ::= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,     // gitleaks:allow
														
 
															 		`SNYK_TOKEN :::= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,    // gitleaks:allow
														
 
															 		`SNYK_TOKEN ?= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,      // gitleaks:allow
														
 
															+		`SNYK_API_KEY ?= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,    // gitleaks:allow
														
 
															+		`SNYK_API_TOKEN = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,   // gitleaks:allow
														
 
															+		`SNYK_OAUTH_TOKEN = "12345678-ABCD-ABCD-ABCD-1234567890AB"`, // gitleaks:allow
														
 
															 	}
														
 
															 	return validate(r, tps, nil)
														
 
															 }
														
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -2751,10 +2751,10 @@ keywords = [
 
															 [[rules]]
														
 
															 id = "snyk-api-token"
														
 
															 description = "Snyk API token"
														
 
															-regex = '''(?i)(?:snyk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
														
 
															+regex = '''(?i)(?:snyk_token|snyk_key|snyk_api_token|snyk_api_key|snyk_oauth_token)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
														
 
															 secretGroup = 1
														
 
															 keywords = [
														
 
															-    "snyk",
														
 
															+    "snyk_token","snyk_key","snyk_api_token","snyk_api_key","snyk_oauth_token",
														
 
															 ]
														
 
															 [[rules]]