gitlab-secret_detection 0.14.0 → 0.14.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b011db6024a9386ec45e091c678b4b4ea43986065f846748f9b646caf2232c86
-  data.tar.gz: 9faabaf1da62a2470bc8c569a766f48867b0b59c701076b0c8e3d4fbd6ac7550
+  metadata.gz: b0ab467aac5be2b21d736da1917982e522bb79522d108ae9edeb0ad0b80b0c09
+  data.tar.gz: c0bdaee4db1a8d5220333e44c6ca87645c48ba10d838ecfef5fd632eb7169f31
 SHA512:
-  metadata.gz: 7bfb7fcda514e6e5baf4d4aac12208629f9034ffea475d815f95644abf385e3d4983d8640524dd297021e5a441b5b9fd0189b26c2aa8db8e0c38f42d59a0e7fd
-  data.tar.gz: 188e1ceb321ed6b92535b704dc962d37d2f4aec6c67ecbddb64316d7ec2503f29975ef416fca3b792613a5a2be1c74fa7175c0f161122e0d5e485423ea4ea7c7
+  metadata.gz: f54376fa5767253bd79e88b826e1a19f79c0222e16f1394b301c801ff61fb1fbb0f27fbbdd6b0c8899f013fdae75c5b5887327e8e7873c17257a2c16968d70f5
+  data.tar.gz: 7805cd5cf18f94006d4e0fb6409d79b2b48fed3108f7eb598a6cea64141d2a43065dad5d0cd58867138cd6aaf8ef71bbd17479b992d9853f46c198f468311bf0

data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml

@@ -0,0 +1,223 @@
+# rule-set version: 0.3.0
+# Rules are auto-generated. See https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules for instructions on updating the rules.
+[[rules]]
+description = "Anthropic keys"
+id = "anthropic_key"
+keywords = ["sk-ant-"]
+regex = "\\b(sk-ant-[a-z]{3}\\d{2}-[A-Za-z0-9\\\\-_]{86}-[A-Za-z0-9\\\\-_]{8})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "AWS Access Token"
+id = "AWS"
+keywords = ["AKIA"]
+regex = "\\bAKIA[0-9A-Z]{16}\\b"
+tags = ["aws", "revocation_type", "gitlab_blocking"]
+[[rules]]
+description = "GCP API keys can be misused to gain API quota from billed projects"
+id = "GCP API key"
+keywords = ["AIza"]
+regex = "(?i)\\b(AIza[0-9A-Za-z-_]{35})(?:['|\\\"|\\n|\\r|\\s|\\x60|;]|$)"
+secretGroup = 1
+tags = ["gitlab_partner_token", "revocation_type", "gitlab_blocking"]
+[[rules]]
+description = "GCP OAuth client secrets can be misused to spoof your application"
+id = "GCP OAuth client secret"
+keywords = ["GOCSPX-"]
+regex = "GOCSPX-[a-zA-Z0-9_-]{28}"
+tags = ["gitlab_partner_token", "revocation_type", "gitlab_blocking"]
+[[rules]]
+description = "Google (GCP) Service-account"
+id = "Google (GCP) Service-account"
+keywords = ["service_account"]
+regex = "\\\"private_key\\\":\\s*\\\"-{5}BEGIN PRIVATE KEY-{5}[\\s\\S]*?\","
+tags = ["gitlab_partner_token", "revocation_type", "gitlab_blocking"]
+[[rules]]
+description = "Github Personal Access Token"
+id = "Github Personal Access Token"
+keywords = ["ghp_"]
+regex = "ghp_[0-9a-zA-Z]{36}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Github OAuth Access Token"
+id = "Github OAuth Access Token"
+keywords = ["gho_"]
+regex = "gho_[0-9a-zA-Z]{36}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Github App Token"
+id = "Github App Token"
+keywords = ["ghu_", "ghs_"]
+regex = "(ghu|ghs)_[0-9a-zA-Z]{36}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Github Refresh Token"
+id = "Github Refresh Token"
+keywords = ["ghr_"]
+regex = "ghr_[0-9a-zA-Z]{76}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "GitLab Personal Access Token"
+id = "gitlab_personal_access_token"
+keywords = ["glpat"]
+regex = "\\b(glpat-[0-9a-zA-Z_\\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "revocation_type", "gitlab_blocking"]
+[[rules]]
+description = "GitLab Pipeline Trigger Token"
+id = "gitlab_pipeline_trigger_token"
+keywords = ["glptt"]
+regex = "\\b(glptt-[0-9a-zA-Z_\\-]{40})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "GitLab Runner Registration Token"
+id = "gitlab_runner_registration_token"
+keywords = ["GR1348941"]
+regex = "\\b(GR1348941[0-9a-zA-Z_\\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "GitLab Runner Authentication Token"
+id = "gitlab_runner_auth_token"
+keywords = ["glrt"]
+regex = "\\b(glrt-[0-9a-zA-Z_\\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "GitLab OAuth Application Secrets"
+id = "gitlab_oauth_app_secret"
+keywords = ["gloas"]
+regex = "\\b(gloas-[0-9a-zA-Z_\\-]{64})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "GitLab Feed token"
+id = "gitlab_feed_token_v2"
+keywords = ["glft"]
+regex = "\\b(glft-[0-9a-zA-Z_\\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "GitLab Agent for Kubernetes token"
+id = "gitlab_kubernetes_agent_token"
+keywords = ["glagent"]
+regex = "\\b(glagent-[0-9a-zA-Z_\\-]{50})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "GitLab Incoming email token"
+id = "gitlab_incoming_email_token"
+keywords = ["glimt"]
+regex = "\\b(glimt-[0-9a-zA-Z_\\-]{25})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)"
+tags = ["gitlab", "gitlab_blocking"]
+[[rules]]
+description = "Grafana API token"
+id = "Grafana API token"
+keywords = ["grafana"]
+regex = "['\\\"]eyJrIjoi(?i)[a-z0-9-_=]{72,92}['\\\"]"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Hashicorp Terraform user/org API token"
+id = "Hashicorp Terraform user/org API token"
+keywords = ["atlasv1", "hashicorp", "terraform"]
+regex = "['\\\"](?i)[a-z0-9]{14}\\.atlasv1\\.[a-z0-9-_=]{60,70}['\\\"]"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Hashicorp Vault batch token"
+id = "Hashicorp Vault batch token"
+keywords = ["hashicorp", "AAAAAQ", "vault"]
+regex = "b\\.AAAAAQ[0-9a-zA-Z_-]{156}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Mailchimp API key"
+id = "Mailchimp API key"
+keywords = ["mailchimp"]
+regex = "(?i)(mailchimp[a-z0-9_ .\\-,]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\\\"]([a-f0-9]{32}-us20)['\\\"]"
+secretGroup = 3
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Mailgun private API token"
+id = "Mailgun private API token"
+keywords = ["mailgun"]
+regex = "(?i)(mailgun[a-z0-9_ .\\-,]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\\\"](key-[a-f0-9]{32})['\\\"]"
+secretGroup = 3
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Mailgun webhook signing key"
+id = "Mailgun webhook signing key"
+keywords = ["mailgun"]
+regex = "(?i)(mailgun[a-z0-9_ .\\-,]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\\\"]([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})['\\\"]"
+secretGroup = 3
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "New Relic user API Key"
+id = "New Relic user API Key"
+keywords = ["NRAK"]
+regex = "['\\\"](NRAK-[A-Z0-9]{27})['\\\"]"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "New Relic user API ID"
+id = "New Relic user API ID"
+keywords = ["newrelic"]
+regex = "(?i)(newrelic[a-z0-9_ .\\-,]{0,25})(=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\\\"]([A-Z0-9]{64})['\\\"]"
+secretGroup = 3
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "npm access token"
+id = "npm access token"
+keywords = ["npm_"]
+regex = "['\\\"](npm_(?i)[a-z0-9]{36})['\\\"]"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "PyPI upload token"
+id = "PyPI upload token"
+keywords = ["pypi-AgEIcHlwaS5vcmc"]
+regex = "pypi-AgEIcHlwaS5vcmc[A-Za-z0-9-_]{50,1000}"
+tags = ["pypi", "revocation_type", "gitlab_blocking"]
+[[rules]]
+description = "Rubygem API token"
+id = "Rubygem API token"
+keywords = ["rubygems_"]
+regex = "rubygems_[a-f0-9]{48}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Segment Public API token"
+id = "Segment Public API token"
+keywords = ["sgp_"]
+regex = "sgp_[a-zA-Z0-9]{64}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Sendgrid API token"
+id = "Sendgrid API token"
+keywords = ["sendgrid"]
+regex = "SG\\.(?i)[a-z0-9_\\-\\.]{66}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Shopify shared secret"
+id = "Shopify shared secret"
+keywords = ["shpss_"]
+regex = "shpss_[a-fA-F0-9]{32}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Shopify access token"
+id = "Shopify access token"
+keywords = ["shpat_"]
+regex = "shpat_[a-fA-F0-9]{32}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Shopify custom app access token"
+id = "Shopify custom app access token"
+keywords = ["shpca_"]
+regex = "shpca_[a-fA-F0-9]{32}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Shopify private app access token"
+id = "Shopify private app access token"
+keywords = ["shppa_"]
+regex = "shppa_[a-fA-F0-9]{32}"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Slack token"
+id = "Slack token"
+keywords = ["xoxb", "xoxa", "xoxp", "xoxr", "xoxs"]
+regex = "xox[baprs]-([0-9a-zA-Z]{10,48})"
+tags = ["gitlab_blocking"]
+[[rules]]
+description = "Stripe"
+id = "Stripe"
+keywords = ["sk_test", "pk_test", "sk_live", "pk_live"]
+regex = "(?i)(sk|pk)_(test|live)_[0-9a-z]{10,32}"
+tags = ["gitlab_blocking"]

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.14.0
+  version: 0.14.1
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-13 00:00:00.000000000 Z
+date: 2024-12-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -103,6 +103,7 @@ files:
 - lib/gitlab/secret_detection/core/response.rb
 - lib/gitlab/secret_detection/core/ruleset.rb
 - lib/gitlab/secret_detection/core/scanner.rb
+- lib/gitlab/secret_detection/core/secret_push_protection_rules.toml
 - lib/gitlab/secret_detection/core/status.rb
 - lib/gitlab/secret_detection/grpc.rb
 - lib/gitlab/secret_detection/grpc/client/grpc_client.rb