RubyGems - gitlab-secret_detection - Versions diffs - 0.38.2 → 0.39.0 - Mend

gitlab-secret_detection 0.38.2 → 0.39.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml +8 -17
data/lib/gitlab/secret_detection/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7569a9a7784f57393b7dc858f153d371046cc652da07f84274f603e7ef961141
-  data.tar.gz: 3f6eef05b42288e3dce15ee8d58887d21c69bb4b1b165cbf8c15d767c1deca32
+  metadata.gz: 72c744cde09e54fc5c31ccdeab76cc0dd2d149057e71e56f87a61837a5116a15
+  data.tar.gz: f4515d3c830d32313e9202b5c207edd7ae61f4eec0029d496b6dfac4a3f3f9f6
 SHA512:
-  metadata.gz: 2c2de5bb532aa09b808017020a919f1fc8ce43e48445f2fd6f3f698a1ad4c0c30da229ae836c0335aff54d46b4944d0c43b54d7f4f786bbf835aa01cd374e6d0
-  data.tar.gz: d1562dfbd8344cf2d8e1e3f4c99fe92db784c99f8c266b18b93ef618db632006434bf96bc8ad70b6cc2e7556b06bf52f14c644ad579fc87a51ad120753a2eb2e
+  metadata.gz: 4d9d25c4b0f0a870807eddc82ebea5750e93afd77d8c02d42a63c06765c4481c1960cd5a04277a578933eb05b3be8ae39b1607c2c38eeb63f0ee7d594556b396
+  data.tar.gz: 6b39ed7017729a4cd28e8c203b79daa6709ef6309c96bea42b46d5e27cc8364bf9074d8d36c3bafdfc869e59a02306741bd2f2ade1d8553e42b52cb71e71a74f

data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml CHANGED Viewed

@@ -1,4 +1,4 @@
-# rule-set version: 0.20.0
+# rule-set version: 0.21.1
 # Rules are auto-generated. See https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules for instructions on updating the rules.
 [[rules]]
 id = 'AdafruitIOKey'
@@ -189,15 +189,6 @@ remediation = "For general guidance on handling security incidents with regards
 tags = ['gitlab_blocking']
 keywords = ['ApiKey-v1']
-[[rules]]
-id = 'CircleCIPersonalAccessToken'
-regex = '\bCCIPAT_[a-zA-Z0-9]{22}_[a-f0-9]{40}\b'
-description = "A CircleCI personal access token was identified. Personal access tokens grant the same level of permissions as the user\nthat created the token. A malicious actor with access to this token can impersonate the user and gain access to all\nfeatures and services in CircleCI."
-title = 'CircleCI Personal Access Token'
-remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nFor rotating a Personal Access token:\n\n- In the CircleCI application, go to your User settings.\n- Select \"Personal API Tokens\".\n- Select \"X\" in the Remove column for the token you wish to replace and confirm your deletion.\n- Select \"Create New Token\".\n- In the Token name field, type a new name for the old token you are rotating. It can be the same name given to the old\n  token.\n- Select \"Add API Token\".\n- After the token appears, copy and paste it to another location. It is not possible to view the token again.\n\nFor more information please see their [documentation on rotating personal access tokens](https://circleci.com/docs/managing-api-tokens/#rotating-a-personal-api-token)."
-tags = ['gitlab_blocking']
-keywords = ['CCIPAT_']
 [[rules]]
 id = 'ContentfulPersonalAccessToken'
 regex = '\bCFPAT-([a-zA-Z0-9_\-]){43}\b'
@@ -568,11 +559,11 @@ tags = ['gitlab_blocking']
 keywords = ['hf_']
 [[rules]]
-id = 'IntercomAppAccessToken'
-regex = '\bdG9rO[0-9A-Za-z]{54}\b'
-description = "An Intercom application access token was identified. Application access tokens can be used to access the workspace's\ndata through the API. A malicious actor with access to this token can read or write conversations, read admin activity\nlogs, or read or write articles."
-title = 'Intercom application access token'
-remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nIt is not possible to rotate an access token. You must delete your application and recreate it.\n\nFor more information, please see [Intercom's documentation on access tokens](https://developers.intercom.com/docs/build-an-integration/learn-more/authentication#access-tokens)."
+id = 'Intercom API token'
+regex = '\bdG9rO(?:[0-9A-Za-z]{55}\b|[0-9A-Za-z]{54}=|[0-9A-Za-z]{53}==)'
+description = "An Intercom API Token was detected. These tokens provide direct API access to your Intercom workspace and can\nbe either personal access tokens or app-level access tokens. A malicious actor with access to this token could\nread customer conversations, access user data, send messages, modify workspace settings, and perform other\nactions based on the token's permission scope."
+title = 'Intercom API Token'
+remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab\ndocumentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke your Intercom API Token:\n\n1. Log in to your [Intercom workspace](https://app.intercom.com/)\n2. Navigate to Settings by clicking the gear icon in the bottom-left corner\n3. Select \"Developers\" from the settings menu, then choose \"Developer Hub\"\n4. Click on \"Your Apps\" and select the app associated with the compromised token\n5. In the \"Authentication\" section, locate the access token that was compromised\n6. Click \"Revoke\" next to the compromised token to immediately invalidate it\n7. Generate a new access token by clicking \"Create access token\" or \"New access token\"\n8. Update all applications, services, and integrations with the new token\n9. Test API calls to verify the new token works correctly and the old token is invalid\n\nFor detailed information on managing Intercom API tokens, please see the\n[Intercom API Authentication Documentation](https://developers.intercom.com/docs/build-an-integration/learn-more/authentication/)."
 tags = ['gitlab_blocking']
 keywords = ['dG9rO']
@@ -704,7 +695,7 @@ keywords = ['api_live']
 [[rules]]
 id = 'OpenAiProjectKey'
-regex = '\bsk-proj-[a-zA-Z0-9_-]{156}'
+regex = '\bsk-proj-[a-zA-Z0-9_-]{40,190}\b'
 description = "An OpenAI project API key was identified. A project key can be used for programmatic access to OpenAI's API. A malicious\nactor with access to this key can execute functionality on behalf of the user who created the key."
 title = 'OpenAI project key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke Open AI project API key:\n\n- Sign in to your OpenAI account and visit <https://platform.openai.com/settings/>\n- On the left-hand side menu, select \"API Keys\" under \"Project\"\n- Find the key that was identified, and select the red trash icon on the right-hand side.\n- When prompted, select \"Revoke key\" in the \"Revoke secret key\" dialog\n\nFor more information, please see [OpenAI's documentation on project API keys](https://platform.openai.com/docs/api-reference/project-api-keys)."
@@ -713,7 +704,7 @@ keywords = ['sk-proj-']
 [[rules]]
 id = 'OpenAiServiceAccountKey'
-regex = '\bsk-svcacct-[a-zA-Z0-9_-]{120,190}'
+regex = '\bsk-svcacct-[a-zA-Z0-9_-]{40,190}\b'
 description = "An OpenAI service account key was identified. A service account key can be used for programmatic access to OpenAI's API.\nA malicious actor with access to this key can execute functionality on behalf of the user who created the key."
 title = 'OpenAI service account key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\n- Sign in to your OpenAI account and visit <https://platform.openai.com/settings/>\n- On the left-hand side menu, select \"API Keys\" under \"Organization\"\n- Find the key that was identified, and select the red trash icon on the right-hand side.\n- When prompted, select \"Revoke key\" in the \"Revoke secret key\" dialog\n\nFor more information, please see [OpenAI's documentation on project service accounts](https://platform.openai.com/docs/api-reference/project-service-accounts)."

data/lib/gitlab/secret_detection/version.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Gitlab
     class Gem
       # Ensure to maintain the same version in CHANGELOG file.
       # More details available under 'Release Process' section in the README.md file.
-      VERSION = "0.38.2"
+      VERSION = "0.39.0"
       # SD_ENV env var is used to determine which environment the
       # server is running. This var is defined in `.runway/env-<env>.yml` files.

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.38.2
+  version: 0.39.0
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-11-24 00:00:00.000000000 Z
+date: 2025-12-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc