RubyGems - gitlab-secret_detection - Versions diffs - 0.8.0 → 0.10.0 - Mend

gitlab-secret_detection 0.8.0 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +14 -2
data/lib/gitlab/secret_detection/core/ruleset.rb +1 -1
data/lib/gitlab/secret_detection/core/scanner.rb +9 -2
data/lib/gitlab/secret_detection/grpc/generated/secret_detection_pb.rb +1 -1
data/proto/secret_detection.proto +1 -0
metadata +2 -3
data/lib/gitlab/secret_detection/core/gitleaks.toml +0 -1084

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a05ed2079c4cbdfe4b79681687fa7ac880ba9af384dbf7143374e009eb6e8eac
-  data.tar.gz: 73f0c96737d1816793c96734541fbe9d1785925fadfa10a622849a74091493f5
+  metadata.gz: d8c9973848eb3af18a6877e6d1e9934e69511fb9c41864f4b822791369e97ec0
+  data.tar.gz: f3b2679ae7b92b6b926ee2bdbe552bbae3c5ad07670d36d018a812b354fd3a55
 SHA512:
-  metadata.gz: 1dd99d867f15ae626ace54f3f30dcc344d4b13d421cbfd61ddefa1afeb6d6f971e6b1700aa789e916eb55d3e76b2b2f956693be42235f28d17b23b9f1ea017bb
-  data.tar.gz: 3788076e7734be035b63bc64ad59d1d3be1303098cd94d0da27f20bbf4569e5250cbc3f57bb33fd99478c5cdeba214174cef40fd7e095a9f04c12015894dd6d2
+  metadata.gz: f5d371430a4c8c6051dadcee41071ac03d5fcd7e39cd726fa6d9ed0f59008813ad3b27efb2ebc185218eeeb15ae747b48a8d053065e64217a55f052505b45174
+  data.tar.gz: 807521d0c06bc757eb51dc4536bc335a34fb0606c64b77ad94145dcbb829105a70efef8c606771c0340330f9bb4bb4af00193795165bc38068b6d174614b06d3

data/README.md CHANGED Viewed

@@ -42,7 +42,7 @@ the approach:
 │           ├── core/..                  # Secret detection logic (most of it pulled from existing gem)
 │           └── grpc
 │               ├── generated/..         # gRPC generated files and secret detection gRPC service
-│               ├── client/..            # gRPC client to invoke secret detection service's RPC endpoints
+│               ├── client/..            # gRPC client to invoke secret detection service's RPC endpoints
 │               └── scanner_service.rb   # Secret detection gRPC service implementation
 ├── examples
 │   └── sample-client/..                 # Sample Ruby RPC client that connects with gRPC server and calls RPC scan
@@ -54,7 +54,8 @@ the approach:
 ├── spec/..                              # Rspec tests and related test helpers
 ├── gitlab-secret_detection.gemspec      # Gemspec file for Ruby Gem
 ├── Dockerfile                           # Dockerfile for running gRPC server
-└── Makefile                             # All the CLI commands placed here
+├── Makefile                             # All the CLI commands placed here
+└── RULES_VERSION                        # Current version of secret-detection-rules
 ```
 ### Makefile commands
@@ -63,6 +64,7 @@ Usage `make <command>`
 | Command             | Description                                                                                                                     |
 |---------------------|---------------------------------------------------------------------------------------------------------------------------------|
+| `install_secret_detection_rules` | Downloads secret-detection-rules based on package version defined in RULES_VERSION                                 |
 | `install`           | Installs ruby gems in the project using Ruby bundler                                                                            |
 | `lint_fix`          | Fixes all the fixable Rubocop lint offenses                                                                                     |
 | `gem_clean`         | Cleans existing gem file(if any) generated through gem build process                                                            |
@@ -75,6 +77,16 @@ Usage `make <command>`
 | `run_grpc_tests`    | Runs RSpec tests for Secret Detection gRPC endpoints                                                                            |
 | `run_all_tests`     | Runs all the RSpec tests in the project                                                                                         |
+## Secret Detection Rules
+The make target `install_secret_detection_rules` fetches the version of the
+[secret detection rules package](https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules/-/packages)
+specified in the `RULES_VERSION` file and extracts the secret_push_protection_rules.toml rule file.
+The command is called when running tests as well as when building the Dockerfile.
+The secret_push_protection_rules.toml file is added to .gitignore to
+avoid checking in changes.
 ## Generating a ruby gem
 In the project directory, run `make gem` command in the terminal that builds a ruby gem(ex: `secret_detection-0.1.0.gem`) in the root of

data/lib/gitlab/secret_detection/core/ruleset.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Gitlab
     module Core
       class Ruleset
         # file path where the secrets ruleset file is located
-        RULESET_FILE_PATH = File.expand_path('gitleaks.toml', __dir__)
+        RULESET_FILE_PATH = File.expand_path('secret_push_protection_rules.toml', __dir__)
         def initialize(path: RULESET_FILE_PATH, logger: Logger.new($stdout))
           @path = path

data/lib/gitlab/secret_detection/core/scanner.rb CHANGED Viewed

@@ -260,6 +260,8 @@ module Gitlab
         def find_secrets_in_payload(payload:, pattern_matcher:, raw_value_exclusions: [], rule_exclusions: [])
           findings = []
+          payload_offset = payload.respond_to?(:offset) ? payload.offset : 0
           payload.data
                  .each_line($INPUT_RECORD_SEPARATOR, chomp: true)
                  .each_with_index do |line, index|
@@ -271,7 +273,11 @@ module Gitlab
             next if line.empty?
-            line_no = index + 1
+            # If payload offset is given then we will compute absolute line number i.e.,
+            # offset + relative_line_number - 1. In this scenario, index is equivalent to relative_line_number - 1.
+            # Whereas, when payload offset is not given, we'll set the line number relative to the beginning of the
+            # payload. In this scenario it will be index + 1.
+            line_no = payload_offset.positive? ? payload_offset + index : index + 1
             matches = pattern_matcher.match(line, exception: false) # returns indices of matched patterns
@@ -280,7 +286,8 @@ module Gitlab
               next if rule_exclusions.include?(rule[:id])
-              findings << Core::Finding.new(payload.id, Core::Status::FOUND, line_no, rule[:id], rule[:description])
+              findings << Core::Finding.new(payload.id, Core::Status::FOUND, line_no, rule[:id],
+                rule[:description])
             end
           end

data/lib/gitlab/secret_detection/grpc/generated/secret_detection_pb.rb CHANGED Viewed

@@ -5,7 +5,7 @@
 require 'google/protobuf'
-descriptor_data = "\n\x16secret_detection.proto\x12\x17gitlab.secret_detection\"\xfc\x03\n\x0bScanRequest\x12>\n\x08payloads\x18\x01 \x03(\x0b\x32,.gitlab.secret_detection.ScanRequest.Payload\x12\x19\n\x0ctimeout_secs\x18\x02 \x01(\x02H\x00\x88\x01\x01\x12!\n\x14payload_timeout_secs\x18\x03 \x01(\x02H\x01\x88\x01\x01\x12\x42\n\nexclusions\x18\x04 \x03(\x0b\x32..gitlab.secret_detection.ScanRequest.Exclusion\x12\x0c\n\x04tags\x18\x05 \x03(\t\x1a#\n\x07Payload\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\x1a\x66\n\tExclusion\x12J\n\x0e\x65xclusion_type\x18\x01 \x01(\x0e\x32\x32.gitlab.secret_detection.ScanRequest.ExclusionType\x12\r\n\x05value\x18\x02 \x01(\t\"f\n\rExclusionType\x12\x1e\n\x1a\x45XCLUSION_TYPE_UNSPECIFIED\x10\x00\x12\x17\n\x13\x45XCLUSION_TYPE_RULE\x10\x01\x12\x1c\n\x18\x45XCLUSION_TYPE_RAW_VALUE\x10\x02\x42\x0f\n\r_timeout_secsB\x17\n\x15_payload_timeout_secs\"\xe2\x03\n\x0cScanResponse\x12>\n\x07results\x18\x01 \x03(\x0b\x32-.gitlab.secret_detection.ScanResponse.Finding\x12\x0e\n\x06status\x18\x02 \x01(\x05\x1a\x9d\x01\n\x07\x46inding\x12\x12\n\npayload_id\x18\x01 \x01(\t\x12\x0e\n\x06status\x18\x02 \x01(\x05\x12\x11\n\x04type\x18\x03 \x01(\tH\x00\x88\x01\x01\x12\x18\n\x0b\x64\x65scription\x18\x04 \x01(\tH\x01\x88\x01\x01\x12\x18\n\x0bline_number\x18\x05 \x01(\x05H\x02\x88\x01\x01\x42\x07\n\x05_typeB\x0e\n\x0c_descriptionB\x0e\n\x0c_line_number\"\xe1\x01\n\x06Status\x12\x16\n\x12STATUS_UNSPECIFIED\x10\x00\x12\x10\n\x0cSTATUS_FOUND\x10\x01\x12\x1c\n\x18STATUS_FOUND_WITH_ERRORS\x10\x02\x12\x17\n\x13STATUS_SCAN_TIMEOUT\x10\x03\x12\x1a\n\x16STATUS_PAYLOAD_TIMEOUT\x10\x04\x12\x15\n\x11STATUS_SCAN_ERROR\x10\x05\x12\x16\n\x12STATUS_INPUT_ERROR\x10\x06\x12\x14\n\x10STATUS_NOT_FOUND\x10\x07\x12\x15\n\x11STATUS_AUTH_ERROR\x10\x08\x32\xc1\x01\n\x07Scanner\x12U\n\x04Scan\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00\x12_\n\nScanStream\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00(\x01\x30\x01\x42 \xea\x02\x1dGitlab::SecretDetection::GRPCb\x06proto3"
+descriptor_data = "\n\x16secret_detection.proto\x12\x17gitlab.secret_detection\"\x9c\x04\n\x0bScanRequest\x12>\n\x08payloads\x18\x01 \x03(\x0b\x32,.gitlab.secret_detection.ScanRequest.Payload\x12\x19\n\x0ctimeout_secs\x18\x02 \x01(\x02H\x00\x88\x01\x01\x12!\n\x14payload_timeout_secs\x18\x03 \x01(\x02H\x01\x88\x01\x01\x12\x42\n\nexclusions\x18\x04 \x03(\x0b\x32..gitlab.secret_detection.ScanRequest.Exclusion\x12\x0c\n\x04tags\x18\x05 \x03(\t\x1a\x43\n\x07Payload\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\x12\x13\n\x06offset\x18\x03 \x01(\x05H\x00\x88\x01\x01\x42\t\n\x07_offset\x1a\x66\n\tExclusion\x12J\n\x0e\x65xclusion_type\x18\x01 \x01(\x0e\x32\x32.gitlab.secret_detection.ScanRequest.ExclusionType\x12\r\n\x05value\x18\x02 \x01(\t\"f\n\rExclusionType\x12\x1e\n\x1a\x45XCLUSION_TYPE_UNSPECIFIED\x10\x00\x12\x17\n\x13\x45XCLUSION_TYPE_RULE\x10\x01\x12\x1c\n\x18\x45XCLUSION_TYPE_RAW_VALUE\x10\x02\x42\x0f\n\r_timeout_secsB\x17\n\x15_payload_timeout_secs\"\xe2\x03\n\x0cScanResponse\x12>\n\x07results\x18\x01 \x03(\x0b\x32-.gitlab.secret_detection.ScanResponse.Finding\x12\x0e\n\x06status\x18\x02 \x01(\x05\x1a\x9d\x01\n\x07\x46inding\x12\x12\n\npayload_id\x18\x01 \x01(\t\x12\x0e\n\x06status\x18\x02 \x01(\x05\x12\x11\n\x04type\x18\x03 \x01(\tH\x00\x88\x01\x01\x12\x18\n\x0b\x64\x65scription\x18\x04 \x01(\tH\x01\x88\x01\x01\x12\x18\n\x0bline_number\x18\x05 \x01(\x05H\x02\x88\x01\x01\x42\x07\n\x05_typeB\x0e\n\x0c_descriptionB\x0e\n\x0c_line_number\"\xe1\x01\n\x06Status\x12\x16\n\x12STATUS_UNSPECIFIED\x10\x00\x12\x10\n\x0cSTATUS_FOUND\x10\x01\x12\x1c\n\x18STATUS_FOUND_WITH_ERRORS\x10\x02\x12\x17\n\x13STATUS_SCAN_TIMEOUT\x10\x03\x12\x1a\n\x16STATUS_PAYLOAD_TIMEOUT\x10\x04\x12\x15\n\x11STATUS_SCAN_ERROR\x10\x05\x12\x16\n\x12STATUS_INPUT_ERROR\x10\x06\x12\x14\n\x10STATUS_NOT_FOUND\x10\x07\x12\x15\n\x11STATUS_AUTH_ERROR\x10\x08\x32\xc1\x01\n\x07Scanner\x12U\n\x04Scan\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00\x12_\n\nScanStream\x12$.gitlab.secret_detection.ScanRequest\x1a%.gitlab.secret_detection.ScanResponse\"\x00(\x01\x30\x01\x42 \xea\x02\x1dGitlab::SecretDetection::GRPCb\x06proto3"
 pool = Google::Protobuf::DescriptorPool.generated_pool
 pool.add_serialized_file(descriptor_data)

data/proto/secret_detection.proto CHANGED Viewed

@@ -12,6 +12,7 @@ message ScanRequest {
   message Payload {
     string id = 1;
     string data = 2;
+    optional int32 offset = 3;
   }
   // Either provide rule type or a particular value to allow during the scan

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.10.0
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-10-18 00:00:00.000000000 Z
+date: 2024-11-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -100,7 +100,6 @@ files:
 - lib/gitlab/secret_detection.rb
 - lib/gitlab/secret_detection/core.rb
 - lib/gitlab/secret_detection/core/finding.rb
-- lib/gitlab/secret_detection/core/gitleaks.toml
 - lib/gitlab/secret_detection/core/response.rb
 - lib/gitlab/secret_detection/core/ruleset.rb
 - lib/gitlab/secret_detection/core/scanner.rb

data/lib/gitlab/secret_detection/core/gitleaks.toml DELETED Viewed

@@ -1,1084 +0,0 @@
-# This file contains a subset of rules pulled from the original source file.
-# Original Source: https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/blob/master/gitleaks.toml
-# Reference: https://gitlab.com/gitlab-org/gitlab/-/issues/427011
-title = "gitleaks config"
-[[rules]]
-id = "gitlab_personal_access_token"
-description = "GitLab Personal Access Token"
-regex = '''\bglpat-[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab", "revocation_type", "gitlab_blocking"]
-keywords = [
-    "glpat",
-]
-[[rules]]
-id = "gitlab_pipeline_trigger_token"
-description = "GitLab Pipeline Trigger Token"
-regex = '''\bglptt-[0-9a-zA-Z_\-]{40}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "glptt",
-]
-[[rules]]
-id = "gitlab_runner_registration_token"
-description = "GitLab Runner Registration Token"
-regex = '''\bGR1348941[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "GR1348941",
-]
-[[rules]]
-id = "gitlab_runner_auth_token"
-description = "GitLab Runner Authentication Token"
-regex = '''\bglrt-[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "glrt",
-]
-[[rules]]
-id = "gitlab_feed_token"
-description = "GitLab Feed Token"
-regex = '''\bfeed_token=[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab"]
-keywords = [
-    "feed_token",
-]
-[[rules]]
-id = "gitlab_oauth_app_secret"
-description = "GitLab OAuth Application Secrets"
-regex = '''\bgloas-[0-9a-zA-Z_\-]{64}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "gloas",
-]
-[[rules]]
-id = "gitlab_feed_token_v2"
-description = "GitLab Feed token"
-regex = '''\bglft-[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "glft",
-]
-[[rules]]
-id = "gitlab_kubernetes_agent_token"
-description = "GitLab Agent for Kubernetes token"
-regex = '''\bglagent-[0-9a-zA-Z_\-]{50}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "glagent",
-]
-[[rules]]
-id = "gitlab_incoming_email_token"
-description = "GitLab Incoming email token"
-regex = '''\bglimt-[0-9a-zA-Z_\-]{25}\b'''
-tags = ["gitlab", "gitlab_blocking"]
-keywords = [
-    "glimt",
-]
-[[rules]]
-id = "gitlab_deploy_token"
-description = "GitLab Deploy Token"
-regex = '''\bgldt-[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab"]
-keywords = [
-    "gldt",
-]
-[[rules]]
-id = "gitlab_scim_oauth_token"
-description = "GitLab SCIM token"
-regex = '''\bglsoat-[0-9a-zA-Z_\-]{20}\b'''
-tags = ["gitlab"]
-keywords = [
-    "glsoat",
-]
-[[rules]]
-id = "gitlab_ci_build_token"
-description = "GitLab CI Build (Job) token"
-regex = '''\bglcbt-[0-9a-zA-Z]{1,5}_[0-9a-zA-Z_-]{20}\b'''
-tags = ["gitlab"]
-keywords = [
-    "glcbt",
-]
-[[rules]]
-id = "AWS"
-description = "AWS Access Token"
-regex = '''\bAKIA[0-9A-Z]{16}\b'''
-tags = ["aws", "revocation_type", "gitlab_blocking"]
-keywords = [
-    "AKIA",
-]
-# Cryptographic keys
-[[rules]]
-id = "PKCS8 private key"
-description = "PKCS8 private key"
-regex = '''-----BEGIN PRIVATE KEY-----'''
-keywords = [
-    "-----BEGIN PRIVATE KEY-----",
-]
-[[rules]]
-id = "RSA private key"
-description = "RSA private key"
-regex = '''-----BEGIN RSA PRIVATE KEY-----'''
-keywords = [
-    "-----BEGIN RSA PRIVATE KEY-----",
-]
-[[rules]]
-id = "SSH private key"
-description = "SSH private key"
-regex = '''-----BEGIN OPENSSH PRIVATE KEY-----'''
-keywords = [
-    "-----BEGIN OPENSSH PRIVATE KEY-----",
-]
-[[rules]]
-id = "PGP private key"
-description = "PGP private key"
-regex = '''-----BEGIN PGP PRIVATE KEY BLOCK-----'''
-keywords = [
-    "-----BEGIN PGP PRIVATE KEY BLOCK-----",
-]
-[[rules]]
-description = "systemd machine-id"
-id = "systemd-machine-id"
-path = '''^machine-id$'''
-regex = '''^[0-9a-f]{32}\n$'''
-entropy = 3.5
-[[rules]]
-id = "Github Personal Access Token"
-description = "Github Personal Access Token"
-regex = '''ghp_[0-9a-zA-Z]{36}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "ghp_",
-]
-[[rules]]
-id = "Github OAuth Access Token"
-description = "Github OAuth Access Token"
-regex = '''gho_[0-9a-zA-Z]{36}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "gho_",
-]
-[[rules]]
-id = "SSH (DSA) private key"
-description = "SSH (DSA) private key"
-regex = '''-----BEGIN DSA PRIVATE KEY-----'''
-keywords = [
-    "-----BEGIN DSA PRIVATE KEY-----",
-]
-[[rules]]
-id = "SSH (EC) private key"
-description = "SSH (EC) private key"
-regex = '''-----BEGIN EC PRIVATE KEY-----'''
-keywords = [
-    "-----BEGIN EC PRIVATE KEY-----",
-]
-[[rules]]
-id = "Github App Token"
-description = "Github App Token"
-regex = '''(ghu|ghs)_[0-9a-zA-Z]{36}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "ghu_",
-    "ghs_"
-]
-[[rules]]
-id = "Github Refresh Token"
-description = "Github Refresh Token"
-regex = '''ghr_[0-9a-zA-Z]{76}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "ghr_"
-]
-[[rules]]
-id = "Shopify shared secret"
-description = "Shopify shared secret"
-regex = '''shpss_[a-fA-F0-9]{32}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "shpss_"
-]
-[[rules]]
-id = "Shopify access token"
-description = "Shopify access token"
-regex = '''shpat_[a-fA-F0-9]{32}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "shpat_"
-]
-[[rules]]
-id = "Shopify custom app access token"
-description = "Shopify custom app access token"
-regex = '''shpca_[a-fA-F0-9]{32}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "shpca_"
-]
-[[rules]]
-id = "Shopify private app access token"
-description = "Shopify private app access token"
-regex = '''shppa_[a-fA-F0-9]{32}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "shppa_"
-]
-[[rules]]
-id = "Slack token"
-description = "Slack token"
-regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "xoxb",
-    "xoxa",
-    "xoxp",
-    "xoxr",
-    "xoxs",
-]
-[[rules]]
-id = "Stripe"
-description = "Stripe"
-regex = '''(?i)(sk|pk)_(test|live)_[0-9a-z]{10,32}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "sk_test",
-    "pk_test",
-    "sk_live",
-    "pk_live",
-]
-[[rules]]
-id = "PyPI upload token"
-description = "PyPI upload token"
-regex = '''pypi-AgEIcHlwaS5vcmc[A-Za-z0-9-_]{50,1000}'''
-tags = ["pypi", "revocation_type", "gitlab_blocking"]
-keywords = [
-    "pypi-AgEIcHlwaS5vcmc",
-]
-[[rules]]
-id = "Google (GCP) Service-account"
-description = "Google (GCP) Service-account"
-tags = ["gitlab_partner_token", "revocation_type", "gitlab_blocking"]
-regex = '''\"private_key\":\s*\"-{5}BEGIN PRIVATE KEY-{5}[\s\S]*?",'''
-keywords = [
-    "service_account",
-]
-[[rules]]
-id = "GCP API key"
-description = "GCP API keys can be misused to gain API quota from billed projects"
-regex = '''(?i)\b(AIza[0-9A-Za-z-_]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
-secretGroup = 1
-tags = ["gitlab_partner_token", "revocation_type", "gitlab_blocking"]
-keywords = [
-    "AIza",
-]
-[[rules]]
-id = "GCP OAuth client secret"
-description = "GCP OAuth client secrets can be misused to spoof your application"
-tags = ["gitlab_partner_token", "revocation_type", "gitlab_blocking"]
-regex = '''GOCSPX-[a-zA-Z0-9_-]{28}'''
-keywords = [
-    "GOCSPX-",
-]
-[[rules]]
-# demo of this regex not matching passwords in urls that contain env vars:
-# https://regex101.com/r/rT9Lv9/6
-id = "Password in URL"
-description = "Password in URL"
-regex = '''[a-zA-Z]{3,10}:\/\/[^$][^:@\/\n]{3,20}:[^$][^:@\n\/]{3,40}@.{1,100}'''
-[[rules]]
-id = "Heroku API Key"
-description = "Heroku API Key"
-regex = '''(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
-secretGroup = 1
-keywords = [
-    "heroku",
-]
-[[rules]]
-id = "Slack Webhook"
-description = "Slack Webhook"
-regex = '''https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8,12}/[a-zA-Z0-9_]{24}'''
-keywords = [
-    "https://hooks.slack.com/services",
-]
-[[rules]]
-id = "Twilio API Key"
-description = "Twilio API Key"
-regex = '''SK[0-9a-fA-F]{32}'''
-keywords = [
-    "SK",
-    "twilio"
-]
-[[rules]]
-id = "Age secret key"
-description = "Age secret key"
-regex = '''AGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}'''
-keywords = [
-    "AGE-SECRET-KEY-1",
-]
-[[rules]]
-id = "Facebook token"
-description = "Facebook token"
-regex = '''(?i)(facebook[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "facebook",
-]
-[[rules]]
-id = "Twitter token"
-description = "Twitter token"
-regex = '''(?i)(twitter[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{35,44})['\"]'''
-secretGroup = 3
-keywords = [
-    "twitter",
-]
-[[rules]]
-id = "Adobe Client ID (Oauth Web)"
-description = "Adobe Client ID (Oauth Web)"
-regex = '''(?i)(adobe[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "adobe",
-]
-[[rules]]
-id = "Adobe Client Secret"
-description = "Adobe Client Secret"
-regex = '''(p8e-)(?i)[a-z0-9]{32}'''
-keywords = [
-    "adobe",
-    "p8e-,"
-]
-[[rules]]
-id = "Alibaba AccessKey ID"
-description = "Alibaba AccessKey ID"
-regex = '''(LTAI)(?i)[a-z0-9]{20}'''
-keywords = [
-    "LTAI",
-]
-[[rules]]
-id = "Alibaba Secret Key"
-description = "Alibaba Secret Key"
-regex = '''(?i)(alibaba[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{30})['\"]'''
-secretGroup = 3
-keywords = [
-    "alibaba",
-]
-[[rules]]
-id = "Asana Client ID"
-description = "Asana Client ID"
-regex = '''(?i)(asana[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9]{16})['\"]'''
-secretGroup = 3
-keywords = [
-    "asana",
-]
-[[rules]]
-id = "Asana Client Secret"
-description = "Asana Client Secret"
-regex = '''(?i)(asana[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "asana",
-]
-[[rules]]
-id = "Atlassian API token"
-description = "Atlassian API token"
-regex = '''(?i)(atlassian[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{24})['\"]'''
-secretGroup = 3
-keywords = [
-    "atlassian",
-]
-[[rules]]
-id = "Bitbucket client ID"
-description = "Bitbucket client ID"
-regex = '''(?i)(bitbucket[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "bitbucket",
-]
-[[rules]]
-id = "Bitbucket client secret"
-description = "Bitbucket client secret"
-regex = '''(?i)(bitbucket[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9_\-]{64})['\"]'''
-secretGroup = 3
-keywords = [
-    "bitbucket",
-]
-[[rules]]
-id = "Beamer API token"
-description = "Beamer API token"
-regex = '''(?i)(beamer[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"](b_[a-z0-9=_\-]{44})['\"]'''
-secretGroup = 3
-keywords = [
-    "beamer",
-]
-[[rules]]
-id = "Clojars API token"
-description = "Clojars API token"
-regex = '''(CLOJARS_)(?i)[a-z0-9]{60}'''
-keywords = [
-    "CLOJARS_",
-]
-[[rules]]
-id = "Contentful delivery API token"
-description = "Contentful delivery API token"
-regex = '''(?i)(contentful[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9\-=_]{43})['\"]'''
-secretGroup = 3
-keywords = [
-    "contentful",
-]
-[[rules]]
-id = "Contentful preview API token"
-description = "Contentful preview API token"
-regex = '''(?i)(contentful[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9\-=_]{43})['\"]'''
-secretGroup = 3
-keywords = [
-    "contentful",
-]
-[[rules]]
-id = "Databricks API token"
-description = "Databricks API token"
-regex = '''dapi[a-h0-9]{32}'''
-keywords = [
-    "dapi",
-    "databricks"
-]
-[[rules]]
-description = "DigitalOcean OAuth Access Token"
-id = "digitalocean-access-token"
-regex = '''(?i)\b(doo_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
-secretGroup = 1
-keywords = [
-    "doo_v1_",
-]
-[[rules]]
-description = "DigitalOcean Personal Access Token"
-id = "digitalocean-pat"
-regex = '''(?i)\b(dop_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
-secretGroup = 1
-keywords = [
-    "dop_v1_",
-]
-[[rules]]
-description = "DigitalOcean OAuth Refresh Token"
-id = "digitalocean-refresh-token"
-regex = '''(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
-secretGroup = 1
-keywords = [
-    "dor_v1_",
-]
-[[rules]]
-id = "Discord API key"
-description = "Discord API key"
-regex = '''(?i)(discord[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{64})['\"]'''
-secretGroup = 3
-keywords = [
-    "discord",
-]
-[[rules]]
-id = "Discord client ID"
-description = "Discord client ID"
-regex = '''(?i)(discord[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9]{18})['\"]'''
-secretGroup = 3
-keywords = [
-    "discord",
-]
-[[rules]]
-id = "Discord client secret"
-description = "Discord client secret"
-regex = '''(?i)(discord[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_\-]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "discord",
-]
-[[rules]]
-id = "Doppler API token"
-description = "Doppler API token"
-regex = '''['\"](dp\.pt\.)(?i)[a-z0-9]{43}['\"]'''
-keywords = [
-    "doppler",
-]
-[[rules]]
-id = "Dropbox API secret/key"
-description = "Dropbox API secret/key"
-regex = '''(?i)(dropbox[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{15})['\"]'''
-keywords = [
-    "dropbox",
-]
-[[rules]]
-id = "Dropbox short lived API token"
-description = "Dropbox short lived API token"
-regex = '''(?i)(dropbox[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"](sl\.[a-z0-9\-=_]{135})['\"]'''
-keywords = [
-    "dropbox",
-]
-[[rules]]
-id = "Dropbox long lived API token"
-description = "Dropbox long lived API token"
-regex = '''(?i)(dropbox[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"][a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43}['\"]'''
-keywords = [
-    "dropbox",
-]
-[[rules]]
-id = "Duffel API token"
-description = "Duffel API token"
-regex = '''['\"]duffel_(test|live)_(?i)[a-z0-9_-]{43}['\"]'''
-keywords = [
-    "duffel",
-]
-[[rules]]
-id = "Dynatrace API token"
-description = "Dynatrace API token"
-regex = '''['\"]dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64}['\"]'''
-keywords = [
-    "dt0c01",
-]
-[[rules]]
-id = "EasyPost API token"
-description = "EasyPost API token"
-regex = '''['\"]EZAK(?i)[a-z0-9]{54}['\"]'''
-keywords = [
-    "EZAK",
-]
-[[rules]]
-id = "EasyPost test API token"
-description = "EasyPost test API token"
-regex = '''['\"]EZTK(?i)[a-z0-9]{54}['\"]'''
-keywords = [
-    "EZTK",
-]
-[[rules]]
-id = "Fastly API token"
-description = "Fastly API token"
-regex = '''(?i)(fastly[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9\-=_]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "fastly",
-]
-[[rules]]
-id = "Finicity client secret"
-description = "Finicity client secret"
-regex = '''(?i)(finicity[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{20})['\"]'''
-secretGroup = 3
-keywords = [
-    "finicity",
-]
-[[rules]]
-id = "Finicity API token"
-description = "Finicity API token"
-regex = '''(?i)(finicity[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "finicity",
-]
-[[rules]]
-id = "Flutterwave public key"
-description = "Flutterwave public key"
-regex = '''FLWPUBK_TEST-(?i)[a-h0-9]{32}-X'''
-keywords = [
-    "FLWPUBK_TEST",
-]
-[[rules]]
-id = "Flutterwave secret key"
-description = "Flutterwave secret key"
-regex = '''FLWSECK_TEST-(?i)[a-h0-9]{32}-X'''
-keywords = [
-    "FLWSECK_TEST",
-]
-[[rules]]
-id = "Flutterwave encrypted key"
-description = "Flutterwave encrypted key"
-regex = '''FLWSECK_TEST[a-h0-9]{12}'''
-keywords = [
-    "FLWSECK_TEST",
-]
-[[rules]]
-id = "Frame.io API token"
-description = "Frame.io API token"
-regex = '''fio-u-(?i)[a-z0-9-_=]{64}'''
-keywords = [
-    "fio-u-",
-]
-[[rules]]
-id = "GoCardless API token"
-description = "GoCardless API token"
-regex = '''['\"]live_(?i)[a-z0-9-_=]{40}['\"]'''
-keywords = [
-    "gocardless",
-]
-[[rules]]
-id = "Grafana API token"
-description = "Grafana API token"
-regex = '''['\"]eyJrIjoi(?i)[a-z0-9-_=]{72,92}['\"]'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "grafana",
-]
-[[rules]]
-id = "Hashicorp Terraform user/org API token"
-description = "Hashicorp Terraform user/org API token"
-regex = '''['\"](?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9-_=]{60,70}['\"]'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "atlasv1",
-    "hashicorp",
-    "terraform"
-]
-[[rules]]
-id = "Hashicorp Vault batch token"
-description = "Hashicorp Vault batch token"
-regex = '''b\.AAAAAQ[0-9a-zA-Z_-]{156}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "hashicorp",
-    "AAAAAQ",
-    "vault"
-]
-[[rules]]
-id = "Hubspot API token"
-description = "Hubspot API token"
-regex = '''(?i)(hubspot[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]'''
-secretGroup = 3
-keywords = [
-    "hubspot",
-]
-[[rules]]
-id = "Intercom API token"
-description = "Intercom API token"
-regex = '''(?i)(intercom[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9=_]{60})['\"]'''
-secretGroup = 3
-keywords = [
-    "intercom",
-]
-[[rules]]
-id = "Intercom client secret/ID"
-description = "Intercom client secret/ID"
-regex = '''(?i)(intercom[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]'''
-secretGroup = 3
-keywords = [
-    "intercom",
-]
-[[rules]]
-id = "Ionic API token"
-description = "Ionic API token"
-regex = '''\bion_(?i)[a-z0-9]{42}\b'''
-keywords = [
-    "ion_",
-]
-[[rules]]
-id = "Linear API token"
-description = "Linear API token"
-regex = '''lin_api_(?i)[a-z0-9]{40}'''
-keywords = [
-    "lin_api_",
-]
-[[rules]]
-id = "Linear client secret/ID"
-description = "Linear client secret/ID"
-regex = '''(?i)(linear[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "linear",
-]
-[[rules]]
-id = "Lob API Key"
-description = "Lob API Key"
-regex = '''(?i)(lob[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]((live|test)_[a-f0-9]{35})['\"]'''
-secretGroup = 3
-keywords = [
-    "lob",
-]
-[[rules]]
-id = "Lob Publishable API Key"
-description = "Lob Publishable API Key"
-regex = '''(?i)(lob[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]((test|live)_pub_[a-f0-9]{31})['\"]'''
-secretGroup = 3
-keywords = [
-    "lob",
-]
-[[rules]]
-id = "Mailchimp API key"
-description = "Mailchimp API key"
-regex = '''(?i)(mailchimp[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-f0-9]{32}-us20)['\"]'''
-secretGroup = 3
-tags = ["gitlab_blocking"]
-keywords = [
-    "mailchimp",
-]
-[[rules]]
-id = "Mailgun private API token"
-description = "Mailgun private API token"
-regex = '''(?i)(mailgun[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"](key-[a-f0-9]{32})['\"]'''
-secretGroup = 3
-tags = ["gitlab_blocking"]
-keywords = [
-    "mailgun",
-]
-[[rules]]
-id = "Mailgun public validation key"
-description = "Mailgun public validation key"
-regex = '''(?i)(mailgun[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"](pubkey-[a-f0-9]{32})['\"]'''
-secretGroup = 3
-keywords = [
-    "mailgun",
-]
-[[rules]]
-id = "Mailgun webhook signing key"
-description = "Mailgun webhook signing key"
-regex = '''(?i)(mailgun[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})['\"]'''
-secretGroup = 3
-tags = ["gitlab_blocking"]
-keywords = [
-    "mailgun",
-]
-[[rules]]
-id = "Mapbox API token"
-description = "Mapbox API token"
-regex = '''(?i)(pk\.[a-z0-9]{60}\.[a-z0-9]{22})'''
-keywords = [
-    "mapbox",
-]
-[[rules]]
-id = "messagebird-api-token"
-description = "MessageBird API token"
-regex = '''(?i)(messagebird[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{25})['\"]'''
-secretGroup = 3
-keywords = [
-    "messagebird",
-]
-[[rules]]
-id = "MessageBird API client ID"
-description = "MessageBird API client ID"
-regex = '''(?i)(messagebird[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})['\"]'''
-secretGroup = 3
-keywords = [
-    "messagebird",
-]
-[[rules]]
-id = "New Relic user API Key"
-description = "New Relic user API Key"
-regex = '''['\"](NRAK-[A-Z0-9]{27})['\"]'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "NRAK",
-]
-[[rules]]
-id = "New Relic user API ID"
-description = "New Relic user API ID"
-regex = '''(?i)(newrelic[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([A-Z0-9]{64})['\"]'''
-secretGroup = 3
-tags = ["gitlab_blocking"]
-keywords = [
-    "newrelic",
-]
-[[rules]]
-id = "New Relic ingest browser API token"
-description = "New Relic ingest browser API token"
-regex = '''['\"](NRJS-[a-f0-9]{19})['\"]'''
-keywords = [
-    "NRJS",
-]
-[[rules]]
-id = "npm access token"
-description = "npm access token"
-regex = '''['\"](npm_(?i)[a-z0-9]{36})['\"]'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "npm_",
-]
-[[rules]]
-id = "Planetscale password"
-description = "Planetscale password"
-regex = '''pscale_pw_(?i)[a-z0-9\-_\.]{43}'''
-keywords = [
-    "pscale_pw_",
-]
-[[rules]]
-id = "Planetscale API token"
-description = "Planetscale API token"
-regex = '''pscale_tkn_(?i)[a-z0-9\-_\.]{43}'''
-keywords = [
-    "pscale_tkn_",
-]
-[[rules]]
-id = "Postman API token"
-description = "Postman API token"
-regex = '''PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34}'''
-keywords = [
-    "PMAK-",
-]
-[[rules]]
-id = "Pulumi API token"
-description = "Pulumi API token"
-regex = '''pul-[a-f0-9]{40}'''
-keywords = [
-    "pul-",
-]
-[[rules]]
-id = "Rubygem API token"
-description = "Rubygem API token"
-regex = '''rubygems_[a-f0-9]{48}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "rubygems_",
-]
-[[rules]]
-id = "Segment Public API token"
-description = "Segment Public API token"
-regex = '''sgp_[a-zA-Z0-9]{64}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "sgp_",
-]
-[[rules]]
-id = "Sendgrid API token"
-description = "Sendgrid API token"
-regex = '''SG\.(?i)[a-z0-9_\-\.]{66}'''
-tags = ["gitlab_blocking"]
-keywords = [
-    "sendgrid",
-]
-[[rules]]
-id = "Sendinblue API token"
-description = "Sendinblue API token"
-regex = '''xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16}'''
-keywords = [
-    "xkeysib-",
-]
-[[rules]]
-id = "Sendinblue SMTP token"
-description = "Sendinblue SMTP token"
-regex = '''xsmtpsib-[a-f0-9]{64}\-(?i)[a-z0-9]{16}'''
-keywords = [
-    "xsmtpsib-",
-]
-[[rules]]
-id = "Shippo API token"
-description = "Shippo API token"
-regex = '''shippo_(live|test)_[a-f0-9]{40}'''
-keywords = [
-    "shippo_",
-]
-[[rules]]
-id = "Linkedin Client secret"
-description = "Linkedin Client secret"
-regex = '''(?i)(linkedin[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z]{16})['\"]'''
-secretGroup = 3
-keywords = [
-    "linkedin",
-]
-[[rules]]
-id = "Linkedin Client ID"
-description = "Linkedin Client ID"
-regex = '''(?i)(linkedin[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{14})['\"]'''
-secretGroup = 3
-keywords = [
-    "linkedin",
-]
-[[rules]]
-id = "Twitch API token"
-description = "Twitch API token"
-regex = '''(?i)(twitch[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([a-z0-9]{30})['\"]'''
-secretGroup = 3
-keywords = [
-    "twitch",
-]
-[[rules]]
-id = "Typeform API token"
-description = "Typeform API token"
-regex = '''(?i)(typeform[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}(tfp_[a-z0-9\-_\.=]{59})'''
-secretGroup = 3
-keywords = [
-    "typeform",
-]
-[[rules]]
-id = "Yandex.Cloud IAM Cookie v1 - 1"
-description = "Yandex.Cloud IAM Cookie v1"
-regex = '''\bc1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "yandex",
-]
-[[rules]]
-id = "Yandex.Cloud IAM Cookie v1 - 2"
-description = "Yandex.Cloud IAM Token v1"
-regex = '''\bt1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "yandex",
-]
-[[rules]]
-id = "Yandex.Cloud IAM Cookie v1 - 3"
-description = "Yandex.Cloud IAM API key v1"
-regex = '''\bAQVN[A-Za-z0-9_\-]{35,38}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "yandex",
-]
-[[rules]]
-id = "Yandex.Cloud AWS API compatible Access Secret"
-description = "Yandex.Cloud AWS API compatible Access Secret"
-regex = '''\bYC[a-zA-Z0-9_\-]{38}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "yandex",
-]
-[[rules]]
-id = "Meta access token"
-description = "Meta access token"
-regex = '''\bEA[a-zA-Z0-9]{90,400}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "EA",
-]
-[[rules]]
-id = "Oculus access token"
-description = "Oculus access token"
-regex = '''\bOC[a-zA-Z0-9]{90,400}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "OC",
-]
-[[rules]]
-id = "Instagram access token"
-description = "Instagram access token"
-regex = '''\bIG[a-zA-Z0-9]{90,400}['|\"|\n|\r|\s|\x60]'''
-keywords = [
-    "IG",
-]
-[[rules]]
-id = "CircleCI access tokens"
-description = "CircleCI access tokens"
-regex = '''\bCCI(?:PAT|PRJ)_[a-zA-Z0-9]{22}_[a-f0-9]{40}'''
-keywords = [
-    "CircleCI"
-]
-[[rules]]
-description = "Open AI API key"
-id = "open ai token"
-regex = '''\bsk-[a-zA-Z0-9]{48}\b'''
-keywords = [
-    "sk-",
-]
-[[rules]]
-id = "Tailscale key"
-description = "Tailscale keys"
-regex = '''\btskey-\w+-\w+-\w+\b'''
-keywords = [
-    "tskey-",
-]