reduce telegram... todo url and xml for later

cmd/generate/config/rules/telegram.go

@@ -1,6 +1,8 @@
 package rules
 
 import (
+	"fmt"
+
 	"regexp"
 
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
@@ -13,40 +15,38 @@ func TelegramBotToken() *config.Rule {
 		Description: "Detected a Telegram Bot API Token, risking unauthorized bot operations and message interception on Telegram.",
 		RuleID:      "telegram-bot-api-token",
 
-		Regex: regexp.MustCompile(`(?i)(?:^|\b|bot)([0-9]{5,16}:A[a-z0-9_\-]{34})(?:$|\b[^_\-])`),
+		Regex: regexp.MustCompile(`(?i:(?:telegr)(?:[0-9a-z\(-_\t .\\]{0,40})(?:[\s|']|[\s|"]){0,3})(?:=|\|\|:|<=|=>|:|\?=|\()(?:'|\"|\s|=|\x60){0,5}([0-9]{5,16}:A[a-z0-9_\-]{34})(?:['|\"|\n|\r|\s|\x60|;|\\]|$)`),
 		Keywords: []string{
-			"telegram",
-			"api",
-			"bot",
-			"token",
-			"url",
+			"telegr",
 		},
 	}
+	fmt.Println("r: ", r.Regex.String())
 
+	// https://regex101.com/r/7fFAhS/1
 	// validate
 	var (
-		validToken   = secrets.NewSecret(numeric("8") + ":A" + alphaNumericExtendedShort("34"))
-		minToken     = secrets.NewSecret(numeric("5") + ":A" + alphaNumericExtendedShort("34"))
-		maxToken     = secrets.NewSecret(numeric("16") + ":A" + alphaNumericExtendedShort("34"))
-		xsdWithToken = secrets.NewSecret(`<xsd:element name="AgencyIdentificationCode" type="` + numeric("5") + `:A` + alphaNumericExtendedShort("34") + `"/>`)
+		validToken = secrets.NewSecret(numeric("8") + ":A" + alphaNumericExtendedShort("34"))
+		minToken   = secrets.NewSecret(numeric("5") + ":A" + alphaNumericExtendedShort("34"))
+		maxToken   = secrets.NewSecret(numeric("16") + ":A" + alphaNumericExtendedShort("34"))
+		// xsdWithToken = secrets.NewSecret(`<xsd:element name="AgencyIdentificationCode" type="` + numeric("5") + `:A` + alphaNumericExtendedShort("34") + `"/>`)
 	)
 	tps := []string{
 		// variable assignment
 		generateSampleSecret("telegram", validToken),
-		// URL containing token
-		generateSampleSecret("url", "https://api.telegram.org/bot"+validToken+"/sendMessage"),
+		// URL containing token TODO add another url based rule
+		// generateSampleSecret("url", "https://api.telegram.org/bot"+validToken+"/sendMessage"),
 		// object constructor
 		`const bot = new Telegraf("` + validToken + `")`,
 		// .env
-		`API_TOKEN = ` + validToken,
+		`TELEGRAM_API_TOKEN = ` + validToken,
 		// YAML
-		`bot: ` + validToken,
+		`telegram bot: ` + validToken,
 		// Token with min bot_id
 		generateSampleSecret("telegram", minToken),
 		// Token with max bot_id
 		generateSampleSecret("telegram", maxToken),
-		// Valid token in XSD document
-		generateSampleSecret("telegram", xsdWithToken),
+		// Valid token in XSD document TODO separate rule for this
+		// generateSampleSecret("telegram", xsdWithToken),
 	}
 
 	var (

config/gitleaks.toml

@@ -2774,9 +2774,9 @@ keywords = [
 [[rules]]
 id = "telegram-bot-api-token"
 description = "Detected a Telegram Bot API Token, risking unauthorized bot operations and message interception on Telegram."
-regex = '''(?i)(?:^|\b|bot)([0-9]{5,16}:A[a-z0-9_\-]{34})(?:$|\b[^_\-])'''
+regex = '''(?i:(?:telegr)(?:[0-9a-z\(-_\t .\\]{0,40})(?:[\s|']|[\s|"]){0,3})(?:=|\|\|:|<=|=>|:|\?=|\()(?:'|\"|\s|=|\x60){0,5}([0-9]{5,16}:A[a-z0-9_\-]{34})(?:['|\"|\n|\r|\s|\x60|;|\\]|$)'''
 keywords = [
-    "telegram","api","bot","token","url",
+    "telegr",
 ]
 
 [[rules]]