Inicio Explorar Axuda
Iniciar sesión
LBP
/
gitleaks
réplica de https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Ficheiros Incidencias 0 Wiki
Árbore: v8.23.3
Ramas Etiquetas
gitleaks
/
cmd
/
generate
/
config
/
rules
Richard Gomez 7fc11bb264 refactor(config): use non-capture groups for allowlists (#1735) hai 1 ano
..
1password.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
adafruit.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
adobe.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
age.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
airtable.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
algolia.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
alibaba.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
asana.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
atlassian.go 4181ad647a Add new jira api token pattern (#1601) hai 1 ano
authress.go 83e99bacf1 feat(report): allow user-defined templates (#1650) hai 1 ano
aws.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
azure.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
beamer.go 973c794cf0 chore(rules): include fps in reference (#1471) hai 1 ano
bitbucket.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
bittrex.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
clojars.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
cloudflare.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
codecov.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
cohere.go 1a2f656278 feat: add cohere rule (#1549) hai 1 ano
coinbase.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
config.tmpl db8e5e672e feat(generate): use multiple allowlists (#1691) hai 1 ano
confluent.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
contentful.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
curl.go 7fc11bb264 refactor(config): use non-capture groups for allowlists (#1735) hai 1 ano
databricks.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
datadog.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
definednetworking.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
digitalocean.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
discord.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
doppler.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
droneci.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
dropbox.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
duffel.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
dynatrace.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
easypost.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
etsy.go 83e99bacf1 feat(report): allow user-defined templates (#1650) hai 1 ano
facebook.go d88bc094f7 facebook keyword hai 1 ano
fastly.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
finicity.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
finnhub.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
flickr.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
flutterwave.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
flyio.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
frameio.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
freemius.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
freshbooks.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
gcp.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
generic.go 7fc11bb264 refactor(config): use non-capture groups for allowlists (#1735) hai 1 ano
github.go 7fc11bb264 refactor(config): use non-capture groups for allowlists (#1735) hai 1 ano
gitlab.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
gitter.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
gocardless.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
grafana.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
harness.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
hashicorp.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
hashicorp_vault.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
heroku.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
hubspot.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
huggingface.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
infracost.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
intercom.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
intra42.go 455ae0aab7 More rule fixes (#1586) hai 1 ano
jfrog.go f0d4499064 Add comma as operator for GenerateSemiGenericRegex (#1679) hai 1 ano
jwt.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
kraken.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
kubernetes.go 7fc11bb264 refactor(config): use non-capture groups for allowlists (#1735) hai 1 ano
kucoin.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
launchdarkly.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
linear.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
linkedin.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
lob.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
mailchimp.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
mailgun.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
mapbox.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
mattermost.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
meraki.go 3fdaefdaa3 fix(meraki): restrict keyword case (#1722) hai 1 ano
messagebird.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
netlify.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
newrelic.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
npm.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
nuget.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
nytimes.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
octopusdeploy.go 43fae355e6 feat(rules): create Octopus Deploy api key (#1602) hai 1 ano
okta.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
openai.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
openshift.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
plaid.go 83e99bacf1 feat(report): allow user-defined templates (#1650) hai 1 ano
planetscale.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
postman.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
prefect.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
privateai.go 00bb82153e feat: add PrivateAI rule (#1548) hai 1 ano
privatekey.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
pulumi.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
pypi.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
rapidapi.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
readme.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
rubygems.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
scalingo.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
sendbird.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
sendgrid.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
sendinblue.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
sentry.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
settlemint.go f6966057f5 feat: add settlemint api keys detection (#1663) hai 1 ano
shippo.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
shopify.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
sidekiq.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
slack.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
snyk.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
square.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
squarespace.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
stopwords.go e97695b852 feat(generic-api-key): exclude keywords (#1587) hai 1 ano
stripe.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
sumologic.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
teams.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
telegram.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
travisci.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
trello.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
twilio.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) hai 1 ano
twitch.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
twitter.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
typeform.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
yandex.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano
zendesk.go c11adc91ad Generate comprehensive secret samples (#1484) hai 1 ano

readme.go

package rules

import (
"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
"github.com/zricethezav/gitleaks/v8/config"
)

func ReadMe() *config.Rule {
// define rule
r := config.Rule{
RuleID: "readme-api-token",
Description: "Detected a Readme API token, risking unauthorized documentation management and content exposure.",
Regex: utils.GenerateUniqueTokenRegex(`rdme_[a-z0-9]{70}`, false),
Entropy: 2,
Keywords: []string{
"rdme_",
},
}

// validate
tps := utils.GenerateSampleSecrets("api-token", "rdme_"+secrets.NewSecret(utils.AlphaNumeric("70")))

fps := []string{
`const API_KEY = 'rdme_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';`,
}
return utils.Validate(r, tps, fps)
}