
Add new rules for vault tokens (#919)

* add new rules for vault tokens

* Configure max length for vault rules
Malte Morgenstern 3 лет назад
Родитель
Сommit
b1853bd032
3 измененных файлов с 56 добавлено и 0 удалено
  1. 2 0
      cmd/generate/config/main.go
  2. 38 0
      cmd/generate/config/rules/vault.go
  3. 16 0
      config/gitleaks.toml

+ 2 - 0
cmd/generate/config/main.go

@@ -144,6 +144,8 @@ func main() {
 	configRules = append(configRules, rules.TwitterAccessSecret())
 	configRules = append(configRules, rules.TwitterBearerToken())
 	configRules = append(configRules, rules.Typeform())
+	configRules = append(configRules, rules.VaultBatchToken())
+	configRules = append(configRules, rules.VaultServiceToken())
 	configRules = append(configRules, rules.YandexAPIKey())
 	configRules = append(configRules, rules.YandexAWSAccessToken())
 	configRules = append(configRules, rules.YandexAccessToken())

+ 38 - 0
cmd/generate/config/rules/vault.go

@@ -0,0 +1,38 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func VaultServiceToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Vault Service Token",
+		RuleID:      "vault-service-token",
+		Regex:       generateUniqueTokenRegex(`hvs\.[a-z0-9_-]{90,100}`),
+		Keywords:    []string{"hvs"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("vault", "hvs."+secrets.NewSecret(alphaNumericExtendedShort("90"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func VaultBatchToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Vault Batch Token",
+		RuleID:      "vault-batch-token",
+		Regex:       generateUniqueTokenRegex(`hvb\.[a-z0-9_-]{138,212}`),
+		Keywords:    []string{"hvb"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("vault", "hvb."+secrets.NewSecret(alphaNumericExtendedShort("138"))),
+	}
+	return validate(r, tps, nil)
+}
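Review bot: The exported functions VaultServiceToken and VaultBatchToken in the new vault.go have no doc comment, and the `// define rule` / `// validate` lines only restate the code; a Go doc comment such as `// VaultServiceToken returns the rule that flags HashiCorp Vault service tokens (hvs. prefix).` (and the matching one for batch tokens) would replace them. Each true-positive list holds a single sample at the lower length bound and the third argument to validate is nil, which appears to be the false-positive list used by the sibling rules in this package; a sample at the upper bound plus a near-miss one character short of 90 (resp. 138) would pin both ends of the `{90,100}` and `{138,212}` ranges. As far as I recall, Vault root tokens carry the same `hvs.` prefix but a much shorter body, so they would not match this rule; if that is intended, a short comment on the Regex line saying so would keep the next maintainer from widening the range by accident.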

+ 16 - 0
config/gitleaks.toml

@@ -2604,6 +2604,22 @@ keywords = [
     "tfp_",
 ]
 
+[[rules]]
+description = "Vault Batch Token"
+id = "vault-batch-token"
+regex = '''(?i)\b(hvb\.[a-z0-9_-]{138,212})(?:['|\"|\n|\r|\s|\x60]|$)'''
+keywords = [
+    "hvb",
+]
+
+[[rules]]
+description = "Vault Service Token"
+id = "vault-service-token"
+regex = '''(?i)\b(hvs\.[a-z0-9_-]{90,100})(?:['|\"|\n|\r|\s|\x60]|$)'''
+keywords = [
+    "hvs",
+]
+
 [[rules]]
 description = "Yandex Access Token"
 id = "yandex-access-token"