RubyGems - gitlab-secret_detection - Versions diffs - 0.20.8 → 0.21.0 - Mend

gitlab-secret_detection 0.20.8 → 0.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml +11 -48
data/lib/gitlab/secret_detection/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b6825b32d5bcbbf4e249fea71941553d80ee4fbd6353c98ec539c0450d26c880
-  data.tar.gz: 3882b690256d74491871592340b7a70e296170834d61687f4892ca2a581bbb54
+  metadata.gz: edc523ab4e978a6870d4ec9d8055390cfe54b96bf5d2db9c5165dc860b8068a3
+  data.tar.gz: 55c39c2c1862db5f17a183eb77bebd00bb7faebcb10bfc83ea5956d69f718031
 SHA512:
-  metadata.gz: 025a923fbf1887acbb95ad67f4ce99ab20ed65d689d02aedd73cc70d8d558b974c159673e53e4db724cc6efe21c536a811a2c5b1c86eb9d9bf53cf9fc4382318
-  data.tar.gz: a46e7e0194fa0e7336fe54c67f3c2da9294aaf3ae5e00a31fa9561d97191e63e806b2514853736cd8fc9a81eefc782a4c6e04837e063e716a0838b1e0d11c677
+  metadata.gz: afa785c41b6b0af5f7f462a80b7618874b8d6b408e0fd8921b06bf4a58ae9cf75bd2e23352fd67fc840475d047c9a760172de8278152a44c4daa99a33c584e9a
+  data.tar.gz: 71a2de7afb06997658c98cd14b2167b05c1a4ca191bb854aef7f309a5d40c0353de1feeba462f35012cd0fed47f3e2a41a95a527a8dfe5e172b03d28f2d532e3

data/lib/gitlab/secret_detection/core/secret_push_protection_rules.toml CHANGED Viewed

@@ -1,4 +1,4 @@
-# rule-set version: 0.6.1
+# rule-set version: 0.8.0
 # Rules are auto-generated. See https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-rules for instructions on updating the rules.
 [[rules]]
 id = 'anthropic_key'
@@ -6,9 +6,8 @@ regex = '\b(sk-ant-[a-z]{3}\d{2}-[A-Za-z0-9\\-_]{86}-[A-Za-z0-9\\-_]{8})(?:[[:pu
 description = "An Anthropic API key was detected. Anthropic keys are used to access generative AI services. Malicious\nactors could use these keys to build up excessive charges to your account."
 title = 'Anthropic API key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo remediate a leaked Anthropic key, you should delete it from the list of API keys for your organization.\n\n- Sign in to your [Anthropic account](https://console.anthropic.com/)\n- Go to \"API settings\" by selecting your profile icon and then selecting \"API Keys\" or through the Settings tab\n- Identify the leaked API key and select the meatball menu (three horizontal dots) next to the key you want to delete\n- Select \"Delete API Key\"\n  - Note: Deleting an API key is a permanent action and cannot be undone\n- Generate a new key by selecting \"Create Key\" and give it a descriptive name\n\nFor more information, please see Anthropic's website: <https://support.anthropic.com/en/articles/8384961-what-should-i-do-if-i-suspect-my-api-key-has-been-compromised>."
-tags = ['gitlab_blocking']
+tags = ['gitlab_blocking', 'client_side_sd']
 keywords = ['sk-ant-']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'AWS'
@@ -18,7 +17,6 @@ title = 'AWS access token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo delete an access key:\n\n- In the \"Access keys\" section, find the key that was identified\n- Select \"Actions\"\n- Select \"Delete\"\n- Follow the instructions in the dialog to first deactivate and then confirm the deletion\n\nFor information on how to manage and revoke access keys for AWS please see their [documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey)."
 tags = ['aws', 'revocation_type', 'gitlab_blocking']
 keywords = ['AKIA']
-examples = ['AKIAT2KV5DSWWSVRCUGP', 'AKIAT2KV5DSW7OXGDEWS', 'AKIAT2KV5DSW64ABURJ2', 'AKIAT2KV5DSWUK3ZBIJE', 'AKIAT2KV5DSWU7SNOI66']
 [[rules]]
 id = 'GCP API key'
@@ -28,7 +26,6 @@ title = 'GCP API key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an API key:\n\n- Sign in to your GCP account and go to <https://console.cloud.google.com/apis/credentials>\n- Under the \"Actions\" column of the \"API Keys\" table, select the kebab menu (vertical ellipsis) for the identified key\n- Select \"Delete API Key\"\n- When prompted select \"Delete\" in the \"Delete credential\" dialog\n\nFor more information please see [https://cloud.google.com/docs/authentication/api-keys](https://cloud.google.com/docs/authentication/api-keys)"
 tags = ['gitlab_partner_token', 'revocation_type', 'gitlab_blocking']
 keywords = ['AIza']
-examples = ['AIzaSyD7ncvI609LcKJWm50OeQHzLbtTWeaQHrY', 'AIzaSyCtwNzXH9qnS6ejDeQidZ6GlxL6T1Rd2Ik', 'AIzaSyBM_CYHZXOE0AeQ1n2223x54zE0SJhPev8', 'AIzaSyB8otsACvltRM7GnlcDjvXe7tKce4XY9V0', 'AIzaSyCyQUmnK1WVKfVM6WZexUTnqqpdmAzF9lo']
 [[rules]]
 id = 'GCP OAuth client secret'
@@ -38,7 +35,6 @@ title = 'GCP OAuth client secret'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke the OAuth client secret:\n\n- Sign in to your GCP account and go to <https://console.cloud.google.com/apis/credentials>\n- Under the \"Name\" column of \"OAuth 2.0 Client IDs\" table, select the name of the client of the identified key\n- Under the \"Client secrets\" section, you must first add a new secret, select \"Add Secret\"\n- For the identified key, select \"Disable\"\n- When prompted, select \"Disable\" in the \"Disable this secret?\" dialog\n- You may now select the trash icon to delete the disabled key\n\nFor more information, please see [Googles authentication documentation on setting up OAuth 2.0](https://support.google.com/cloud/answer/6158849?hl=en)"
 tags = ['gitlab_partner_token', 'revocation_type', 'gitlab_blocking']
 keywords = ['GOCSPX-']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'Google (GCP) Service-account'
@@ -48,7 +44,6 @@ title = 'Google (GCP) service account'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke the GCP Service account:\n\n- Sign in to your GCP account and go to <https://console.cloud.google.com/iam-admin/serviceaccounts>\n- Select the correct project from the list (if given a choice)\n- Find the key ID and the associated service account in the \"Service accounts\" table\n- Select the kebab menu (vertical ellipsis) for the identified key and select \"Manage keys\"\n- Select the trash icon next to the identified key\n\nFor more information, please see [Googles documentation on creating service account keys](https://cloud.google.com/iam/docs/keys-create-delete)."
 tags = ['gitlab_partner_token', 'revocation_type', 'gitlab_blocking']
 keywords = ['"private_key":', 'BEGIN PRIVATE KEY']
-examples = []
 [[rules]]
 id = 'Github Personal Access Token'
@@ -58,7 +53,6 @@ title = 'GitHub personal access token (classic)'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo regenerate a personal access token:\n\n- Sign in to your GitHub account and access <https://github.com/settings/tokens>\n- Find the token that was identified and select the name\n- Select \"Regenerate token\" at the top of the page\n\nAlternatively, you could select \"Delete this token\" at the bottom of the page and create a new one. Be sure to note\nthe scopes and permissions set before doing this action.\n\nFor more information, please see [GitHubs documentation on personal access tokens](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens)."
 tags = ['gitlab_blocking']
 keywords = ['ghp_']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'Github OAuth Access Token'
@@ -68,7 +62,6 @@ title = 'GitHub OAuth Access Token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nFor more information, please see [GitHubs documentation to revoke an OAuth access tokens](https://docs.github.com/en/rest/apps/oauth-applications?apiVersion=2022-11-28#delete-an-app-token).\n\nAlso note, GitHub Apps are preferred over OAuth apps, please see [GitHubs documentation for more details](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps)."
 tags = ['gitlab_blocking']
 keywords = ['gho_']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'Github App Token'
@@ -78,7 +71,6 @@ title = 'GitHub app token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['ghu_', 'ghs_']
-examples = ['ghu_y7dK1sBhuwXKEY0Xqb3RFk8uWdN1Cr3n9lS6', 'ghu_FM4I3LxPopaiufPx8Ipxio1FY4Ia9B1tkQdI', 'ghu_xKgLhPRmOv9hcxh68o5uu631ivc8FH2bWft0', 'ghu_TDTtpQXiEbsWeXFWLc7zrETqzhlsGo4S7P5S', 'ghu_CD7rA7x5nFP8wTJMzrADH4ypICN51V0USPUa']
 [[rules]]
 id = 'Github Refresh Token'
@@ -88,7 +80,6 @@ title = 'GitHub refresh token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['ghr_']
-examples = ['ghr_ITRO0crlZfa4uXNqK438UvsRNNppMsTMpaGS6hlPDaTtU7A9UbTxEfXVruMVOuJPKwCCE32tIa23', 'ghr_3PpqJ7QHRXa1tOnfsmCNXHXGdTy3HC2vPp64b2DI1z695r40XY8SibP40bkfY3VcDFvQuc1ef4qi', 'ghr_6iH3FuHopoiiIzV0W8F5eUy0lviwdxG2EbfondPNI17x5xSpF3lWe6IByzGGTHZ0h05yrQ0oMY8f', 'ghr_SmNefjeZC03MKAUppsyzZVHOG3716LAoEaZ2e4Ci7fGzkzrRJxaJNEUFxZVZLakB15duC805wMoc', 'ghr_pj36SvV8XiDV5uHwPPjQfCkD3cjapYwuPLc2DOcz3rmU3mpqjbhocv6By0iFSy3HPB42Cu1D6Dso']
 [[rules]]
 id = 'gitlab_personal_access_token'
@@ -96,9 +87,8 @@ regex = '\b(glpat-[0-9a-zA-Z_\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
 description = "A GitLab personal access token was identified. Personal access tokens can be used to access GitLab services\nas the user who created them. In most cases these tokens are given read-write access to all repositories. A malicious\nactor with access to this token can execute functionality on behalf of the user with the given permissions of the token."
 title = 'GitLab personal access token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo regenerate a personal access token:\n\n- Sign in to your GitLab account and access: <https://gitlab.com/-/profile/preferences>\n- In the \"User settings\" left-hand side menu, select \"Access tokens\"\n- Find the access token that was identified in the \"Active personal access tokens\" table\n- Note the permissions that were assigned to this token\n- Select the trash icon in the \"Action\" column of the token\n- When prompted, select \"Revoke\""
-tags = ['gitlab', 'revocation_type', 'gitlab_blocking']
+tags = ['gitlab', 'revocation_type', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glpat']
-examples = ['glpat-vzDNJu3Lvh4YCCekKsnx', 'glpat-PUhSbkjSK4S6ccPtS_nu', 'glpat-u8jzQK8cz9jNCjo775aG', 'glpat-gBbQ1iU-BDYCF-71JETg', 'glpat-WdCGu2_tGeZ6SqMbKuc6', 'glpat-zvP5wYSKsXLppzFuLydC']
 [[rules]]
 id = 'gitlab_personal_access_token_routable'
@@ -106,9 +96,8 @@ regex = '\bglpat-[0-9a-zA-Z_-]{27,300}\.[0-9a-z]{2}[0-9a-z]{7}\b'
 description = 'GitLab Personal Access Token (routable)'
 title = 'GitLab Personal Access Token (routable)'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
-tags = ['gitlab', 'revocation_type', 'gitlab_blocking']
+tags = ['gitlab', 'revocation_type', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glpat-']
-examples = ['glpat-bzox79Of-KE9FD2LjoXXF4CvyxA.0r03gxo7s', 'glpat-YzozdzVlMTEyNjRzZ3NmCmc6M3c1ZTExMjY0c2dzZgpoOjN3NWUxMTI2NHNnc2YKajozdzVlMTEyNjRzZ3NmCms6M3c1ZTExMjY0c2dzZgpsOjN3NWUxMTI2NHNnc2YKbTozdzVlMTEyNjRzZ3NmCm86M3c1ZTExMjY0c2dzZgpwOjN3NWUxMTI2NHNnc2YKdTozdzVlMTEyNjRzZ3NmPcvif4caKLQwleVqBR5hp3vDX9WAKZKrT318xMVLFzdtP-OZciT7mCO-NDPZnozuj2_LP-aLYwRfzxHkPrxDbBlB.8c1f6ihl5']
 [[rules]]
 id = 'gitlab_pipeline_trigger_token'
@@ -116,9 +105,8 @@ regex = '\b(glptt-[0-9a-zA-Z_\-]{40})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
 description = "A GitLab pipeline trigger token was identified. Pipeline trigger tokens can be used to execute pipelines for a branch\nor tag of a project. The token impersonates a user's project access and permissions. A malicious actor with access to\nthis token can execute pipelines with custom variables, potentially being able to compromise the repository."
 title = 'GitLab pipeline trigger token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke a pipeline trigger token:\n\n- Sign in to your GitLab account and visit the project that created the pipeline trigger token\n- In the left-hand menu, select \"Settings\"\n- Under the \"Settings\" options, select \"CI/CD\"\n- Under the \"Pipeline trigger tokens\" section find the identified token\n- Select the trash icon in the \"Actions\" column of the \"Active pipeline trigger tokens\" table\n- When prompted, select \"Revoke trigger\"\n\nFor more information, please see [GitLabs documentation on pipeline trigger tokens](https://docs.gitlab.com/ee/ci/triggers/index.html#create-a-pipeline-trigger-token)."
-tags = ['gitlab', 'gitlab_blocking']
+tags = ['gitlab', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glptt']
-examples = ['glptt-3148005ee63d3decf8c0307ee4b491fbfdbcde2b', 'glptt-47cfe3286b8a496483e8de33ebf8ae99fc09cc02', 'glptt-36296c2ff270f79a5662b6f951bb6cab3b636488', 'glptt-f248878a8bd4a0b5cdf140e3ff47bd40b1fe26c0', 'glptt-d4b33b1347addf641cf23e2227c3c3a462c7d226']
 [[rules]]
 id = 'gitlab_runner_registration_token'
@@ -128,7 +116,6 @@ title = 'GitLab runner registration token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo rotate a runner registration token:\n\n- Sign in to your GitLab account and visit the project that created the runner registration token\n- In the left-hand menu, select \"Settings\"\n- Under the \"Settings\" options, select \"CI/CD\"\n- Under the \"Runners\" section, select the kebab menu (vertical ellipsis) next to the \"New project runner\"\n- Select \"Reset registration token\" from the dropdown list\n- When prompted select \"Reset token\" in the \"Reset registration token\" dialog\n\nFor more information, please see [GitLabs documentation on using runner authentication tokens instead](https://docs.gitlab.com/runner/register/#register-with-a-runner-authentication-token)."
 tags = ['gitlab', 'gitlab_blocking']
 keywords = ['GR1348941']
-examples = []
 [[rules]]
 id = 'gitlab_runner_auth_token'
@@ -136,9 +123,8 @@ regex = '\b(glrt-[0-9a-zA-Z_\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
 description = "A GitLab runner authentication token was identified. These tokens allow users to register or authenticate as a runner\nwith the selected project. A malicious actor with access to this token can add a custom runner to the pipeline and\npossibly compromise the repository if the runner was used."
 title = 'GitLab runner authentication token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke a runner authentication token, the runner needs to be removed and re-created\n\n- Sign in to your GitLab account and visit the project that created the runner registration token\n- In the left-hand menu, select \"Settings\"\n- Under the \"Settings\" options, select \"CI/CD\"\n- Under the \"Runners\" section, find the runner with the identified token, (you can check the runner `config.toml` if you\n  are unsure)\n- Select \"Remove runner\"\n- When prompted, select \"Remove\"\n\nFor more information, please see [GitLabs documentation on registering runners](https://docs.gitlab.com/runner/register/)."
-tags = ['gitlab', 'gitlab_blocking']
+tags = ['gitlab', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glrt']
-examples = []
 [[rules]]
 id = 'gitlab_oauth_app_secret'
@@ -146,9 +132,8 @@ regex = '\b(gloas-[0-9a-zA-Z_\-]{64})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
 description = "A GitLab OAuth application secret was identified. OAuth secrets are used when allowing users to sign in to your\napplication. Depending on the scopes assigned, a malicious actor could impersonate the service to access their\nrepositories or data."
 title = 'GitLab OAuth application secret'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo regenerate an OAuth secret:\n\n- Sign in to your GitLab account and access: <https://gitlab.com/-/profile/preferences>\n- In the \"User settings\" left-hand side menu, select \"Applications\"\n- Find the application that uses the identified token and select the name link in the \"Name\" column\n- Select \"Renew secret\" in the application details page\n- When prompted, select \"Renew secret\"\n\nFor more information, please see [GitLabs documentation on configuring an OAuth 2.0 provider](https://docs.gitlab.com/ee/integration/oauth_provider.html)"
-tags = ['gitlab', 'gitlab_blocking']
+tags = ['gitlab', 'gitlab_blocking', 'client_side_sd']
 keywords = ['gloas']
-examples = []
 [[rules]]
 id = 'gitlab_feed_token_v2'
@@ -156,9 +141,8 @@ regex = '\b(glft-[0-9a-zA-Z_\-]{20})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
 description = "A GitLab feed token was identified. Your feed token authenticates you when your RSS reader loads a personalized RSS feed\nor when your calendar application loads a personalized calendar. It is visible in those feed URLs. It cannot be used to\naccess any other data. A malicious actor with access to this token can read your personalized RSS feed and issue RSS\nfeeds to your calendar feed as if they were you."
 title = 'GitLab feed token v2'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo regenerate a feed token:\n\n- Sign in to your GitLab account and access: <https://gitlab.com/-/profile/preferences>\n- In the \"User settings\" left-hand side menu, select \"Access tokens\"\n- Under the \"Feed token\" section, select the \"reset this token\" link\n- When prompted select \"OK\"\n\nFor more information, please see [GitLabs documentation on feed tokens](https://docs.gitlab.com/ee/security/tokens/#feed-token)."
-tags = ['gitlab', 'gitlab_blocking']
+tags = ['gitlab', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glft']
-examples = ['glft-_-jaYhe-BDGxJL5cftsT', 'glft-Kbu1dHAFZkkSxHXHQrj9', 'glft-RrZsD6dU_GB15_6gsTUA', 'glft-k2fG9yscyVYjqPPSAEc8', 'glft-jNGswsjgUxxoweyBLCxL']
 [[rules]]
 id = 'gitlab_kubernetes_agent_token'
@@ -166,9 +150,8 @@ regex = '\b(glagent-[0-9a-zA-Z_\-]{50})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)
 description = "A GitLab Agent for Kubernetes token was identified. The Kubernetes access token is used to authenticate the GitLab agent\nwith a Kubernetes cluster. A malicious actor with access to this token can access source code in the agent's\nconfiguration project, access source code in any public project on the GitLab instance, or even, under very specific\nconditions, obtain a Kubernetes manifest."
 title = 'GitLab Kubernetes agent token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nFor more information please see [GitLabs documentation on rotating the Kubernetes agent token](https://docs.gitlab.com/ee/user/clusters/agent/work_with_agent.html#reset-the-agent-token)."
-tags = ['gitlab', 'gitlab_blocking']
+tags = ['gitlab', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glagent']
-examples = []
 [[rules]]
 id = 'gitlab_incoming_email_token'
@@ -176,9 +159,8 @@ regex = '\b(glimt-[0-9a-zA-Z_\-]{25})(?:[[:punct:]]|[[:space:]]|[[:blank:]]|$)'
 description = "A GitLab incoming email token was identified. Your incoming email token authenticates you when you create a new issue\nby email, and is included in your personal project-specific email addresses. It cannot be used to access any other data.\nA malicious actor with access to this token can create issues as if they were you."
 title = 'GitLab incoming email token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo regenerate a feed token:\n\n- Sign in to your GitLab account and access: <https://gitlab.com/-/profile/preferences>\n- In the \"User settings\" left-hand side menu, select \"Access tokens\"\n- Under the \"Incoming email token\" section, select the \"reset this token\" link\n- When prompted select \"OK\"\n\nFor more information, please see [GitLabs documentation on feed tokens](https://docs.gitlab.com/ee/security/tokens/#feed-token)."
-tags = ['gitlab', 'gitlab_blocking']
+tags = ['gitlab', 'gitlab_blocking', 'client_side_sd']
 keywords = ['glimt']
-examples = ['glimt-ayq56xygb566edb4tfmujvm7j', 'glimt-9geeuorhl93039xz1qkvcx2dr', 'glimt-8r4ce2t4i84cujpk7tql8a74g', 'glimt-egyyns3scx2zr71n9d4619c7c', 'glimt-ahsxcdernt30bkka3de3xagik']
 [[rules]]
 id = 'Grafana API token'
@@ -188,7 +170,6 @@ title = 'Grafana API token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['eyJrIjoi']
-examples = ['glsa_BHu6ehiG4fZMUqrT0GfDLlrGdfOfjqJd_129dc16e', 'glsa_zPJHWa4D2XqzyQe0MFCIdKIGaEva4cI5_babe87d0', 'glsa_m7Xe5Oap7AoNghVDS37mQvhrlNqyVT2t_e092d808', 'glsa_ADe8xD1o0nqKtDmdaNGluiy5dNhJUpE8_bd8bfed6', 'glsa_xsvHn93uOUHcOL03xcFOTNxbcGogZSZ8_5deb528f', 'glc_eyJvIjoiMTI1OTk5OCIsIm4iOiJwZGMtc2VjcmV0cy1kZWZhdWx0LWZvbyIsImsiOiJPOFBtcjgzRE02MkJzQTg0OTQwTlpYWUciLCJtIjp7InIiOiJwcm9kLXVzLWVhc3QtMCJ9fQ==', 'glc_eyJvIjoiMTI1OTk5OCIsIm4iOiJwZGMtc2VjcmV0cy1kZWZhdWx0LWZvbzIiLCJrIjoiM3NVYjd4MjZnYnM5bzJNcTR3RDM2cDlJIiwibSI6eyJyIjoicHJvZC11cy1lYXN0LTAifX0=', 'glc_eyJvIjoiMTI1OTk5OCIsIm4iOiJwZGMtc2VjcmV0cy1kZWZhdWx0LWYiLCJrIjoiNzFIakp2NnoxNmo5STNSZ1lCbzZaTzg5IiwibSI6eyJyIjoicHJvZC11cy1lYXN0LTAifX0=', 'glc_eyJvIjoiMTI1OTk5OCIsIm4iOiJwZGMtc2VjcmV0cy1kZWZhdWx0LTEiLCJrIjoid2Q4OVhQOHhDNm5ZczI5MjBYOG1NeDZhIiwibSI6eyJyIjoicHJvZC11cy1lYXN0LTAifX0=', 'glc_eyJvIjoiMTI1OTk5OCIsIm4iOiJwZGMtc2VjcmV0cy1kZWZhdWx0LTMiLCJrIjoiNTQwMVlvWVB3TGRhNzExOEk0aHoyeHNKIiwibSI6eyJyIjoicHJvZC11cy1lYXN0LTAifX0=']
 [[rules]]
 id = 'Hashicorp Terraform user/org API token'
@@ -198,7 +179,6 @@ title = 'HashiCorp Terraform API token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an API token:\n\n- Sign in to the Terraform HCP console and access <https://app.terraform.io/app/settings/tokens>\n- Find the token that was identified\n- Select the trash icon on the right hand side of the token\n- When prompted, select \"Confirm\" in the \"Deleting token ...\" dialog\n\nFor more information, please see [Terraform's documentation on API tokens](https://app.terraform.io/app/settings/tokens)."
 tags = ['gitlab_blocking']
 keywords = ['.atlasv1.']
-examples = ['BizztZSVkU3rqw.atlasv1.hFSzMR14YYmIE8nZ2v4Kocqcr3epoR45XYM9JWShqMCFCkiqqDSN4j2DdGFvLwyqCbg', 'b78m834YOAEGew.atlasv1.IllPgz65bZAzWhF3hws2vGdFaQbyGo3thWawyESHYEWYJLcuoEhyHfTU4BzNfn10JB8', 'Ye7wiL8D6GaHNw.atlasv1.NBTyurc9MNA7bogNoQQ3rM2ni7gLzSmSAGB56Rj7kBxTEOIMmdg76nJKtzL2u01P33U', '77K50cHYnMqzVw.atlasv1.Nr9NqT7567yBTjBsByxzrICUdFzyCFyIYzLXWcGBOwYyy5IGjbxoqmH24j5Eb1IZCAU', '5zdzwLEyAzFhSA.atlasv1.4KETQ2Nd15EUEFO9wagBxzREco6U4Kgqs9AXNFozoRdPIqKUDgiH7t5WdZyyzuyzJJ8', 'D0HrDKkRFRuwiQ.atlasv1.ys8WrENRB1avyTdaYrtStzfGVbPIB5yKJg5UtosC829DQ6a0xno3nXNVzK9z7rIlAYY', 'jcFTJPFZmXd4Sw.atlasv1.vAwLxCQ6pk3zqxT5z0jCasXdgynt3YyQZIycCIv8b2QEf6zKczA9rgpVYBym82b2X2Y', 'X0mfzdxgqgLAXw.atlasv1.NpQWlBmSpgFnP8dX5LiNmsCussVvFKxNgyUy1eVVQa7np0P8bEQx4qKzIHWMREzuKtg', 'Qkc1U9jGuTgDug.atlasv1.qG48mzxAsXp8Buul5ZcFF2WNS3dQ02LeLccOZNtKs03sFep8gNDuEhTTuD8DSNeJlRY']
 [[rules]]
 id = 'Hashicorp Vault batch token'
@@ -208,7 +188,6 @@ title = 'HashiCorp Vault batch token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nBatch tokens cannot be revoked so you should use very short \"time to live\" values when creating batch tokens.\n\nFor more information, please see [Vault's documentation on batch tokens](https://developer.hashicorp.com/vault/tutorials/tokens/batch-tokens)."
 tags = ['gitlab_blocking']
 keywords = ['b.AAAAAQ']
-examples = []
 [[rules]]
 id = 'Mailchimp API key'
@@ -218,7 +197,6 @@ title = 'Mailchimp API key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an API key:\n\n- Sign in to your Mailchimp account at <https://login.mailchimp.com/>\n- Select your profile icon then select Profile\n- Select the Extras dropdown list then choose \"API keys\"\n- Find the identified key and select \"Revoke\"\n- When prompted, type \"REVOKE\" to confirm and select \"Revoke\" in the \"Revoke API Key\" dialog\n\nFor more information, please see [Mailchimp's documentation on API key security](https://mailchimp.com/help/about-api-keys/#api+key+security)."
 tags = ['gitlab_blocking']
 keywords = ['mailchimp']
-examples = ['309fe248df0ecc5cee6767160cede8c7-us8', '9a06f5c22e96e09309dbd2891da2b342-us8', 'e8add115c8e1c93ebc6b123e589c239d-us8', '1db33fdeae034cedace1a9f60993bc38-us8', 'f24ac423f0ea9cc7f2e11ebdc95d579f-us8']
 [[rules]]
 id = 'Mailgun private API token'
@@ -228,7 +206,6 @@ title = 'Mailgun private API token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo rotate a private API token:\n\n- Sign in to your Mailgun account and access the dashboard at <https://app.mailgun.com/>\n- On the top right-hand side, select your account profile and then select \"API Security\"\n- Find the identified key and select the trash icon\n  - If you cannot select the trash icon, you must first generate a new key by selecting \"Add new key\"\n- When prompted, select \"Delete\" in the \"Delete API Key\" dialog\n\nFor more information, please see [Mailgun's documentation on API keys](https://documentation.mailgun.com/docs/mailgun/user-manual/get-started/#primary-account-api-key)."
 tags = ['gitlab_blocking']
 keywords = ['mailgun']
-examples = ['bae699190ebfc8aefa84f3bb699cdc0c-72e4a3d5-3cb9d956', 'f64e1d7ec2b9d3571096f0a2fa980104-72e4a3d5-7fdee90c', '254b8c8823761388d8af5ec2498bbfbb-72e4a3d5-69f67519', '9eed30445bb4526c68d90cf2c7fbcaf8-72e4a3d5-32dc5817', '5d2b7ad6d9af5b04c97133121ef527e1-72e4a3d5-ea5a0c8f']
 [[rules]]
 id = 'Mailgun webhook signing key'
@@ -238,7 +215,6 @@ title = 'Mailgun webhook signing key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo rotate your HTTP webhook signing key:\n\n- Sign in to your Mailgun account and access the dashboard at <https://app.mailgun.com/>\n- On the top right-hand side, select your account profile and select \"API Security\"\n- In the \"HTTP webhook signing key\" section, select the rotate arrow icon in the right hand side\n- When prompted, select \"Reset Key\" in the \"Reset HTTP webhook signing key\" dialog\n\nFor more information, please see [Mailgun's documentation on webhooks](https://documentation.mailgun.com/docs/mailgun/user-manual/tracking-messages/#securing-webhooks)."
 tags = ['gitlab_blocking']
 keywords = ['mailgun']
-examples = ['bb9b2f6d3f66695305c2f702b8ed1f10', '10884bc5a2a5abb00a9082336ab87dd6', 'f5b37201455bbb7770869f1f66bd0d00', 'e9710ebe95c09a17e0f63bbdd0a1406c', 'aeaeace2708a8da745b25158df79720c']
 [[rules]]
 id = 'New Relic user API Key'
@@ -248,17 +224,15 @@ title = 'New Relic user API key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nFor more information, please see [New Relic's documentation on rotating API keys](https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#rotate-keys)."
 tags = ['gitlab_blocking']
 keywords = ['NRAK']
-examples = ['NRAK-YG8Z45MCUC8JLOZSBAZDAD7E3PV', 'NRAK-1CE8GEWKR62LKB8Q9E23PB5LG4Z', 'NRAK-9KV2EB65ATZAGAVFQ11CTUXBTHA', 'NRAK-U3QT1WH79AX2RB0DT7BI73MN3KE', 'NRAK-7JOW06Q0HVF8LLIMBQD2XL0MDQS']
 [[rules]]
 id = 'New Relic user API ID'
 regex = "(?i)newrelic[a-z0-9_ .\\-,]{0,25}(?:=|>|:=|\\|\\|:|<=|=>|:).{0,5}['\\\"]([A-Z0-9]{64})['\\\"]"
 description = 'New Relic user API ID'
-title = 'New Relic New Relic user API ID'
+title = 'New Relic user API ID'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nFor more information, please see [New Relic's documentation on rotating API keys](https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#rotate-keys)."
 tags = ['gitlab_blocking']
 keywords = ['newrelic']
-examples = []
 [[rules]]
 id = 'npm access token'
@@ -268,7 +242,6 @@ title = 'npm access token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke an access token from the UI:\n\n- Sign in to your npm account at <https://www.npmjs.com/login>\n- In the top right corner, select your profile picture and then select \"Access Tokens\"\n- Find the token that was identified and select \"x\" in the \"Delete\" column\n- When prompted, select \"OK\" in the dialog\n\nFor more information, please see [npm's documentation on revoking access tokens](https://docs.npmjs.com/revoking-access-tokens)."
 tags = ['gitlab_blocking']
 keywords = ['npm_']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'PyPI upload token'
@@ -278,7 +251,6 @@ title = 'PyPi upload token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nIt is strongly recommended to switch to OIDC Connect instead of using PyPi upload tokens.\nPlease see [PyPi's documentation on trusted publishers](https://docs.pypi.org/trusted-publishers/).\n\nTo delete a PyPi upload token:\n\n- Sign in to your PyPi account and visit <https://pypi.org/manage/account/>\n- Scroll down to the \"API tokens\" section\n- Find the identified token and select the \"Options\" dropdown list\n- Select \"Remove token\"\n- When prompted, enter your password and select \"Remove API Token\"\n\nFor more information, please see [PyPi's documentation on upload tokens](https://pypi.org/help/#apitoken)."
 tags = ['pypi', 'revocation_type', 'gitlab_blocking']
 keywords = ['pypi-AgEIcHlwaS5vcmc']
-examples = ['pypi-AgEIcHlwaS5vcmcCJDhmYTNhZDI3LTVlMDgtNDM3Mi1hMTRhLTU0OWQzNmU1OWI1YwACKlszLCIwODAxOGIxNy03Y2ZlLTQwMDktOTRhZC1iNzM2M2FlMDc0M2EiXQAABiAzqOE4WXxBGDNleANVrOBbWKIgVgpyRNc1U9rXe7wm7A', 'pypi-AgEIcHlwaS5vcmcCJGIyODA0MjkwLTIwNWUtNDU0My1hNjJhLWNkZjk0ZDZjYjM2ZQACKlszLCIwODAxOGIxNy03Y2ZlLTQwMDktOTRhZC1iNzM2M2FlMDc0M2EiXQAABiC_icNR31mWnlcp61UqaDUStiNq1Z8P5eFj5hLtdPqQfQ', 'pypi-AgEIcHlwaS5vcmcCJDE3NzJlM2Q2LWI2NTItNDc1MS1iNWE0LWRjODYxODAyYjExNwACKlszLCIwODAxOGIxNy03Y2ZlLTQwMDktOTRhZC1iNzM2M2FlMDc0M2EiXQAABiCmA5HUpuGEc5DTRqIo2hxe7l5Z9tkXZcBqY-rSJ36NpA', 'pypi-AgEIcHlwaS5vcmcCJDU3MzNjNTU3LTBmODEtNGM3MS1hZmIxLTQ0YWRmYTIwYTljYwACKlszLCIwODAxOGIxNy03Y2ZlLTQwMDktOTRhZC1iNzM2M2FlMDc0M2EiXQAABiBCWxQhPVpUrRsnTZGscqQaSfFn-qoTzQ-1irZ7dXUuRg', 'pypi-AgEIcHlwaS5vcmcCJGFmY2Q1NWZiLTUxNTktNDc0Ny1hNTRhLWQxZjE4ZDk0NDdlYgACKlszLCIwODAxOGIxNy03Y2ZlLTQwMDktOTRhZC1iNzM2M2FlMDc0M2EiXQAABiCnUB78AmNi3pxdqqX-k4iuPAxo-u82eOOGFVvSQYpYKQ']
 [[rules]]
 id = 'Rubygem API token'
@@ -288,7 +260,6 @@ title = 'RubyGems API token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke the API token:\n\n- Sign in to your RubyGems account and access <https://rubygems.org/settings/edit>\n- Scroll down to and select \"API Keys\" or go to <https://rubygems.org/profile/api_keys>\n- Find the identified token and select \"Delete\"\n- When prompted, select \"OK\" in the dialog.\n\nFor more information, please see the [RubyGems documentation on API tokens](https://guides.rubygems.org/api-key-scopes/)."
 tags = ['gitlab_blocking']
 keywords = ['rubygems_']
-examples = ['rubygems_7cb1efb21659eb13f80743b3ad583f1fa016ec90b11a26e1', 'rubygems_4e8e148f86acbb6c437d710f2aeb9e9edbb45fc690019aa0', 'rubygems_f73f741a14437ca06bc535c2bc645342b450ba11e3c66093', 'rubygems_d999bf141a090b45ae493b48164b72ba67e99b22d0c09425', 'rubygems_2b29c365e09f660785ca8e0c50318c4c9e6a2cf03b1b46d4']
 [[rules]]
 id = 'Segment Public API token'
@@ -298,7 +269,6 @@ title = 'Segment public API token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo rotate a Public API token:\n\n- Sign in to your Segment account and access your workspace from <https://app.segment.com/>\n- From the left-hand menu, select \"Settings\" and go to \"Workspace settings\"\n- Select the \"Access Management\" tab in the \"Workspace settings\" page\n- Select the \"Tokens\" tab under \"Access Management\"\n- Find the key that was identified, and select it\n- In the right hand side, select \"Edit token\" in the \"Token Permissions\" section\n- Select \"Remove token\" in the top right corner\n- When prompted, select \"Remove Token\" in the dialog\n\nFor more information, please see [Segment's documentation on their public API](https://segment.com/docs/api/public-api/)."
 tags = ['gitlab_blocking']
 keywords = ['sgp_']
-examples = ['sgp_jb7lIOyJPlwE0E9hRP6XvpaT1kigZlNJeArhTnkbenQWqfQjfCnWmSvcnNKp8sg7', 'sgp_BYBhebjZZDGPPBxOMHxInS7SO7vKenng94UOMOGXpxqmwSLQhwnbd2L4zZCjiuYW', 'sgp_xytsOCZ9KhxtFlI5wwYigJtwTqLrxT8aPUHCE3YJqj1OZnrPjqBR3jIAdAkayLwE', 'sgp_7t1w0iF9YMCSPNyORHR7DxqY6Y3jJczqo03vMsxOGg2HcXRyuHEcCPB4xCQgtk7A', 'sgp_vtEF4OslsPGWct9uXvCEkmtgi7BRbPg81AWTD4d6ffEZEx2F7pthsw1dx9qJEYWP']
 [[rules]]
 id = 'Sendgrid API token'
@@ -308,7 +278,6 @@ title = 'SendGrid API token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['SG.']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'Shopify shared secret'
@@ -318,7 +287,6 @@ title = 'Shopify shared secret'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['shpss_']
-examples = []
 [[rules]]
 id = 'Shopify access token'
@@ -328,7 +296,6 @@ title = 'Shopify personal access token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nAccess tokens cannot be revoked, you must uninstall and reinstall the application.\n\nPlease see [Shopify's documentation for more details](https://shopify.dev/docs/apps/build/authentication-authorization/access-tokens/generate-app-access-tokens-admin#rotating-api-credentials-for-admin-created-apps)."
 tags = ['gitlab_blocking']
 keywords = ['shpat_']
-examples = ['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', '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', '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', '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', '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']
 [[rules]]
 id = 'Shopify custom app access token'
@@ -338,7 +305,6 @@ title = 'Shopify custom app access token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['shpca_']
-examples = []
 [[rules]]
 id = 'Shopify private app access token'
@@ -348,7 +314,6 @@ title = 'Shopify private app access token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet)."
 tags = ['gitlab_blocking']
 keywords = ['shppa_']
-examples = []
 [[rules]]
 id = 'Slack token'
@@ -358,7 +323,6 @@ title = 'Slack bot user OAuth token'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nTo revoke a Slack bot user OAuth token (Note: This requires all users to re-authorize your application):\n\n- Sign in to Slack and access <https://api.slack.com/apps>\n- Find the application with the identified token and select the name\n- In the left-hand menu, select \"OAuth & Permissions\"\n- Scroll down to \"Revoke All OAuth Tokens\" and select \"Revoke tokens\"\n- When prompted, select \"Yes, I'm sure\" in the \"Are you sure?\" dialog\n- After some time, scroll back up to the \"OAuth Tokens\" section and select \"Reinstall to XXX\", where XXX is your\n  workspace name\n\nFor more information, please see [Slack's documentation on OAuth](https://api.slack.com/authentication/oauth-v2)"
 tags = ['gitlab_blocking']
 keywords = ['xoxb', 'xoxa', 'xoxp', 'xoxr', 'xoxs']
-examples = ['xoxb-7967898138371-7967934633779-exwFiPuoIDixBZFjvyHTPGka', 'xoxb-7967898138371-7967934633779-bihkcIaslf2w5ZaJg6Dny1ke', 'xoxb-7967898138371-7967934633779-50c2xbrQg8vbzDVtS4hyViRt', 'xoxb-7967898138371-7967934633779-xS74FK9ie42Hv3lvVqDA6fdd', 'xoxb-7967898138371-7990872428240-B3ylbmfAcjxqrIeblHcM8ijH']
 [[rules]]
 id = 'Stripe'
@@ -368,4 +332,3 @@ title = 'Stripe key'
 remediation = "For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on\n[Credential exposure to the internet](https://docs.gitlab.com/ee/security/responding_to_security_incidents.html#credential-exposure-to-public-internet).\n\nFor more information, please see [Stripe's documentation on API keys](https://docs.stripe.com/keys)."
 tags = ['gitlab_blocking']
 keywords = ['sk_test', 'pk_test', 'sk_live', 'pk_live']
-examples = ['pk_live_51QGHnCH7jd4CxLOX5EgcLOzh7PvDrgn3okp8oY2HFWfS5qbCaNI7N3Th004JgJUDgMcnu2d25Aq85503U8r0UaJ100Dpah7Z3f', 'pk_live_51QGHnCH7jd4CxLOXsN1YAZLL6dS3JJfxzy3G5c5kn1j1EhXrjFe1VTwnQZY1gzxKtMvpSIkBV8vmVBtwhWBkbbue0042ZK1LEG', 'pk_live_51QGHnCH7jd4CxLOX4Sg6FZvYoyEFf6Qo0OWABij5eDusHesHJ5R3MdHbqXjyTe9QSyn9vPVZtwSMuaGklkVNhBqK00RA5uErYg', 'pk_live_51QGHnCH7jd4CxLOXBEoPeRyUgtaZaMboLkC0CC6sljqtqGESA3ow6pYFWWtwglB2mbLtc8xUpy321FkQHnQoTrox00Lz2Y0lch', 'pk_live_51QGHnCH7jd4CxLOXZGjJpO9C0FzDoREDdvCv6NsiOGzMIs4R2U0WnXMXltv4V01H13H5THZTVS4nivzPLAMdUXKC008VRUINkL', 'pk_test_51QGIryH5iQO6W72FRj5h33OWLZ3CDDANIOqUGYVrxINOVsTvJkvTkEQMd0idXB9qPD0ADD6sfy3cR03fK4D7npEf008ZtepyDY']

data/lib/gitlab/secret_detection/version.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Gitlab
     class Gem
       # Ensure to maintain the same version in CHANGELOG file.
       # More details available under 'Release Process' section in the README.md file.
-      VERSION = "0.20.8"
+      VERSION = "0.21.0"
       # SD_ENV env var is used to determine which environment the
       # server is running. This var is defined in `.runway/env-<env>.yml` files.

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.20.8
+  version: 0.21.0
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-14 00:00:00.000000000 Z
+date: 2025-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc