
Add missing GitLab token patterns (#1077)

Nejc Habjan 3 سال پیش
والد
کامیت
afdccad46f
3فایلهای تغییر یافته به همراه52 افزوده شده و 2 حذف شده
  1. 3 1
      cmd/generate/config/main.go
  2. 33 1
      cmd/generate/config/rules/gitlab.go
  3. 16 0
      config/gitleaks.toml

+ 3 - 1
cmd/generate/config/main.go

@@ -77,7 +77,9 @@ func main() {
 	configRules = append(configRules, rules.GitHubOauth())
 	configRules = append(configRules, rules.GitHubApp())
 	configRules = append(configRules, rules.GitHubRefresh())
-	configRules = append(configRules, rules.Gitlab())
+	configRules = append(configRules, rules.GitlabPat())
+	configRules = append(configRules, rules.GitlabPipelineTriggerToken())
+	configRules = append(configRules, rules.GitlabRunnerRegistrationToken())
 	configRules = append(configRules, rules.GitterAccessToken())
 	configRules = append(configRules, rules.GrafanaApiKey())
 	configRules = append(configRules, rules.GrafanaCloudApiToken())

+ 33 - 1
cmd/generate/config/rules/gitlab.go

@@ -7,7 +7,7 @@ import (
 	"github.com/zricethezav/gitleaks/v8/config"
 )
 
-func Gitlab() *config.Rule {
+func GitlabPat() *config.Rule {
 	// define rule
 	r := config.Rule{
 		Description: "GitLab Personal Access Token",
@@ -22,3 +22,35 @@ func Gitlab() *config.Rule {
 	}
 	return validate(r, tps, nil)
 }
+
+func GitlabPipelineTriggerToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "GitLab Pipeline Trigger Token",
+		RuleID:      "gitlab-ptt",
+		Regex:       regexp.MustCompile(`glptt-[0-9a-f]{40}`),
+		Keywords:    []string{"glptt-"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("gitlab", "glptt-"+secrets.NewSecret(hex("40"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func GitlabRunnerRegistrationToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "GitLab Runner Registration Token",
+		RuleID:      "gitlab-rrt",
+		Regex:       regexp.MustCompile(`GR1348941[0-9a-zA-Z\-\_]{20}`),
+		Keywords:    []string{"GR1348941"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("gitlab", "GR1348941"+secrets.NewSecret(alphaNumeric("20"))),
+	}
+	return validate(r, tps, nil)
+}
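Review bot: Both new rules end in `validate(r, tps, nil)` with one generated sample each, so the `-` and `_` members of the class in GitlabRunnerRegistrationToken are never exercised (its sample comes from `alphaNumeric("20")`). Passing `nil` as the third argument, which looks like the false-positive list, also means nothing pins what must not match. I would add a constructed sample such as `"GR1348941" + "abc-DEF_ghi0123456789"` to `tps`, and a too-short value as a false positive. Neither regex has a trailing boundary, so a longer run of valid characters is reported truncated to its first 40 or 20 characters; if that is deliberate for recall, a one-line comment above each `Regex:` saying so would help. As a style point, the escapes are unnecessary and `[0-9a-zA-Z_-]{20}` reads more cleanly, and the exported functions would benefit from doc comments such as `// GitlabRunnerRegistrationToken returns the rule that detects GitLab runner registration tokens.`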

+ 16 - 0
config/gitleaks.toml

@@ -2016,6 +2016,22 @@ keywords = [
     "glpat-",
 ]
 
+[[rules]]
+description = "GitLab Pipeline Trigger Token"
+id = "gitlab-ptt"
+regex = '''glptt-[0-9a-f]{40}'''
+keywords = [
+    "glptt-",
+]
+
+[[rules]]
+description = "GitLab Runner Registration Token"
+id = "gitlab-rrt"
+regex = '''GR1348941[0-9a-zA-Z\-\_]{20}'''
+keywords = [
+    "gr1348941",
+]
+
 [[rules]]
 description = "Gitter Access Token"
 id = "gitter-access-token"