Skip to content

Commit

Permalink
Update Gitleaks repository and add new rules
Browse files Browse the repository at this point in the history
  • Loading branch information
Baruch Odem committed Mar 28, 2024
1 parent c905e2d commit 270a67d
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 6 deletions.
4 changes: 2 additions & 2 deletions .ci/check_new_rules.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ type Release struct {
func fetchGitleaksLatestRelease() (string, error) {
var release Release

response, err := http.Get("https://api.github.com/repos/zricethezav/gitleaks/releases/latest")
response, err := http.Get("https://api.github.com/repos/Checkmarx/gitleaks/releases/latest")
if err != nil {
return "", fmt.Errorf("failed to get latest release: %w", err)
}
Expand Down Expand Up @@ -115,7 +115,7 @@ func fetchGitleaksRules(version string) ([]byte, error) {
}

func getGitleaksRulesRawURL(version string) string {
return fmt.Sprintf("https://raw.githubusercontent.com/zricethezav/gitleaks/%s/cmd/generate/config/main.go", version)
return fmt.Sprintf("https://raw.githubusercontent.com/Checkmarx/gitleaks/%s/cmd/generate/config/main.go", version)
}

func fetchOurRules() ([]byte, error) {
Expand Down
15 changes: 11 additions & 4 deletions engine/rules/rules.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,16 @@ func getDefaultRules() *[]Rule {
{Rule: *rules.AsanaClientSecret(), Tags: []string{TagClientSecret}},
{Rule: *rules.Atlassian(), Tags: []string{TagApiToken}},
{Rule: *rules.Authress(), Tags: []string{TagAccessToken}},
{Rule: *rules.AWS(), Tags: []string{TagAccessToken}},
{Rule: *rules.AWSAccessKey(), Tags: []string{TagAccessKey}},
{Rule: *rules.AWSSecretKey(), Tags: []string{TagSecretKey}},
{Rule: *rules.BitBucketClientID(), Tags: []string{TagClientId}},
{Rule: *rules.BitBucketClientSecret(), Tags: []string{TagClientSecret}},
{Rule: *rules.BittrexAccessKey(), Tags: []string{TagAccessKey}},
{Rule: *rules.BittrexSecretKey(), Tags: []string{TagSecretKey}},
{Rule: *rules.Beamer(), Tags: []string{TagApiToken}},
{Rule: *rules.CloudflareAPIKey(), Tags: []string{TagApiKey}},
{Rule: *rules.CloudflareGlobalAPIKey(), Tags: []string{TagApiKey}},
{Rule: *rules.CloudflareOriginCAKey(), Tags: []string{TagSecretKey}},
{Rule: *rules.CodecovAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.CoinbaseAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.Clojars(), Tags: []string{TagApiToken}},
Expand All @@ -72,7 +76,9 @@ func getDefaultRules() *[]Rule {
{Rule: *rules.EasyPost(), Tags: []string{TagApiToken}},
{Rule: *rules.EasyPostTestAPI(), Tags: []string{TagApiToken}},
{Rule: *rules.EtsyAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.Facebook(), Tags: []string{TagApiToken}},
{Rule: *rules.FacebookSecret(), Tags: []string{TagClientSecret, TagAccessToken}},
{Rule: *rules.FacebookAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.FacebookPageAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.FastlyAPIToken(), Tags: []string{TagApiToken, TagApiKey}},
{Rule: *rules.FinicityClientSecret(), Tags: []string{TagClientSecret}},
{Rule: *rules.FinicityAPIToken(), Tags: []string{TagApiToken}},
Expand Down Expand Up @@ -146,11 +152,12 @@ func getDefaultRules() *[]Rule {
{Rule: *rules.Prefect(), Tags: []string{TagApiToken}},
{Rule: *rules.PrivateKey(), Tags: []string{TagPrivateKey}},
{Rule: *rules.PulumiAPIToken(), Tags: []string{TagApiToken}},
{Rule: *rules.PuttyPrivateKey(), Tags: []string{TagPrivateKey}},
{Rule: *rules.PyPiUploadToken(), Tags: []string{TagUploadToken}},
{Rule: *rules.RapidAPIAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.ReadMe(), Tags: []string{TagApiToken}},
{Rule: *rules.RubyGemsAPIToken(), Tags: []string{TagApiToken}},
// {Rule: *rules.ScalingoAPIToken(), Tags: []string{TagApiToken}}, https://github.com/Checkmarx/2ms/issues/226
{Rule: *rules.ScalingoAPIToken(), Tags: []string{TagApiToken}},
{Rule: *rules.SendbirdAccessID(), Tags: []string{TagAccessId}},
{Rule: *rules.SendbirdAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.SendGridAPIToken(), Tags: []string{TagApiToken}},
Expand All @@ -175,7 +182,7 @@ func getDefaultRules() *[]Rule {
{Rule: *rules.StripeAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.SquareAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.SquareSpaceAccessToken(), Tags: []string{TagAccessToken}},
// {Rule: *rules.SumoLogicAccessID(), Tags: []string{TagAccessId}}, https://github.com/Checkmarx/2ms/issues/226
{Rule: *rules.SumoLogicAccessID(), Tags: []string{TagAccessId}},
{Rule: *rules.SumoLogicAccessToken(), Tags: []string{TagAccessToken}},
{Rule: *rules.Snyk(), Tags: []string{TagApiKey}},
{Rule: *rules.TeamsWebhook(), Tags: []string{TagWebhook}},
Expand Down

0 comments on commit 270a67d

Please sign in to comment.