@octocodeai/octocode-engine 16.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +558 -0
- package/dist/lsp/client.d.ts +28 -0
- package/dist/lsp/client.js +98 -0
- package/dist/lsp/config.d.ts +3 -0
- package/dist/lsp/config.js +7 -0
- package/dist/lsp/evidence.d.ts +4 -0
- package/dist/lsp/evidence.js +28 -0
- package/dist/lsp/index.d.ts +7 -0
- package/dist/lsp/index.js +6 -0
- package/dist/lsp/initConstants.d.ts +4 -0
- package/dist/lsp/initConstants.js +27 -0
- package/dist/lsp/lspClientPool.d.ts +27 -0
- package/dist/lsp/lspClientPool.js +87 -0
- package/dist/lsp/lspErrorCodes.d.ts +12 -0
- package/dist/lsp/lspErrorCodes.js +12 -0
- package/dist/lsp/manager.d.ts +23 -0
- package/dist/lsp/manager.js +94 -0
- package/dist/lsp/native.d.ts +35 -0
- package/dist/lsp/native.js +3 -0
- package/dist/lsp/resolver.d.ts +26 -0
- package/dist/lsp/resolver.js +73 -0
- package/dist/lsp/schemas.d.ts +9 -0
- package/dist/lsp/schemas.js +30 -0
- package/dist/lsp/types.d.ts +85 -0
- package/dist/lsp/types.js +1 -0
- package/dist/lsp/uri.d.ts +15 -0
- package/dist/lsp/uri.js +24 -0
- package/dist/lsp/validation.d.ts +6 -0
- package/dist/lsp/validation.js +23 -0
- package/dist/lsp/workspaceRoot.d.ts +2 -0
- package/dist/lsp/workspaceRoot.js +7 -0
- package/dist/security/commandUtils.d.ts +1 -0
- package/dist/security/commandUtils.js +7 -0
- package/dist/security/commandValidator.d.ts +7 -0
- package/dist/security/commandValidator.js +472 -0
- package/dist/security/contentSanitizer.d.ts +2 -0
- package/dist/security/contentSanitizer.js +181 -0
- package/dist/security/filePatterns.d.ts +1 -0
- package/dist/security/filePatterns.js +209 -0
- package/dist/security/ignoredPathFilter.d.ts +3 -0
- package/dist/security/ignoredPathFilter.js +72 -0
- package/dist/security/index.d.ts +16 -0
- package/dist/security/index.js +13 -0
- package/dist/security/mask.d.ts +1 -0
- package/dist/security/mask.js +49 -0
- package/dist/security/maskUtils.d.ts +1 -0
- package/dist/security/maskUtils.js +7 -0
- package/dist/security/native.d.ts +9 -0
- package/dist/security/native.js +161 -0
- package/dist/security/paramExtractors.d.ts +7 -0
- package/dist/security/paramExtractors.js +75 -0
- package/dist/security/pathPatterns.d.ts +1 -0
- package/dist/security/pathPatterns.js +26 -0
- package/dist/security/pathUtils.d.ts +1 -0
- package/dist/security/pathUtils.js +37 -0
- package/dist/security/pathValidator.d.ts +22 -0
- package/dist/security/pathValidator.js +229 -0
- package/dist/security/regexes/ai-providers.d.ts +2 -0
- package/dist/security/regexes/ai-providers.js +177 -0
- package/dist/security/regexes/analytics.d.ts +2 -0
- package/dist/security/regexes/analytics.js +50 -0
- package/dist/security/regexes/auth-crypto.d.ts +6 -0
- package/dist/security/regexes/auth-crypto.js +255 -0
- package/dist/security/regexes/aws.d.ts +2 -0
- package/dist/security/regexes/aws.js +68 -0
- package/dist/security/regexes/cloudProviders.d.ts +2 -0
- package/dist/security/regexes/cloudProviders.js +328 -0
- package/dist/security/regexes/communications.d.ts +4 -0
- package/dist/security/regexes/communications.js +260 -0
- package/dist/security/regexes/databases.d.ts +2 -0
- package/dist/security/regexes/databases.js +135 -0
- package/dist/security/regexes/devTools.d.ts +2 -0
- package/dist/security/regexes/devTools.js +236 -0
- package/dist/security/regexes/index.d.ts +3 -0
- package/dist/security/regexes/index.js +31 -0
- package/dist/security/regexes/monitoring.d.ts +2 -0
- package/dist/security/regexes/monitoring.js +92 -0
- package/dist/security/regexes/payments-commerce.d.ts +3 -0
- package/dist/security/regexes/payments-commerce.js +197 -0
- package/dist/security/regexes/types.d.ts +2 -0
- package/dist/security/regexes/types.js +1 -0
- package/dist/security/regexes/vcs.d.ts +2 -0
- package/dist/security/regexes/vcs.js +105 -0
- package/dist/security/registry.d.ts +48 -0
- package/dist/security/registry.js +156 -0
- package/dist/security/securityConstants.d.ts +3 -0
- package/dist/security/securityConstants.js +12 -0
- package/dist/security/types.d.ts +35 -0
- package/dist/security/types.js +1 -0
- package/dist/security/withSecurityValidation.d.ts +21 -0
- package/dist/security/withSecurityValidation.js +107 -0
- package/index.cjs +97 -0
- package/index.d.ts +934 -0
- package/index.js +652 -0
- package/package.json +311 -0
|
@@ -0,0 +1,328 @@
|
|
|
1
|
+
export const cloudProviderPatterns = [
|
|
2
|
+
{
|
|
3
|
+
name: 'googleApiKey',
|
|
4
|
+
description: 'Google API key (GCP, Gemini, Maps, YouTube, etc.)',
|
|
5
|
+
regex: /\bAIza[a-zA-Z0-9_-]{30,}\b/g,
|
|
6
|
+
matchAccuracy: 'high',
|
|
7
|
+
},
|
|
8
|
+
{
|
|
9
|
+
name: 'googleOAuth2ClientId',
|
|
10
|
+
description: 'Google OAuth2 client ID',
|
|
11
|
+
regex: /\b[0-9]+-[a-z0-9]+\.apps\.googleusercontent\.com\b/g,
|
|
12
|
+
matchAccuracy: 'high',
|
|
13
|
+
},
|
|
14
|
+
{
|
|
15
|
+
name: 'googleOAuthClientSecret',
|
|
16
|
+
description: 'Google OAuth client secret',
|
|
17
|
+
regex: /\b"client_secret":\s*"[a-zA-Z0-9-_]{24}"\b/g,
|
|
18
|
+
matchAccuracy: 'high',
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
name: 'gcpServiceAccountEmail',
|
|
22
|
+
description: 'GCP service account email',
|
|
23
|
+
regex: /\b[a-z0-9-]+@[a-z0-9-]+\.iam\.gserviceaccount\.com\b/g,
|
|
24
|
+
matchAccuracy: 'high',
|
|
25
|
+
},
|
|
26
|
+
{
|
|
27
|
+
name: 'azureStorageConnectionString',
|
|
28
|
+
description: 'Azure storage account connection string',
|
|
29
|
+
regex: /\bDefaultEndpointsProtocol=https?;AccountName=[a-z0-9]+;AccountKey=[a-zA-Z0-9+/]+={0,2};EndpointSuffix=core\.windows\.net\b/g,
|
|
30
|
+
matchAccuracy: 'high',
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
name: 'azureSubscriptionId',
|
|
34
|
+
description: 'Azure subscription ID',
|
|
35
|
+
regex: /\b['"]?(?:AZURE|azure)?_?(?:SUBSCRIPTION|subscription)_?(?:ID|id)?['"]?\s*(?::|=>|=)\s*['"]?[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"]?\b/gi,
|
|
36
|
+
matchAccuracy: 'high',
|
|
37
|
+
fileContext: /(?:\.env|config|settings|secrets)/i,
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
name: 'azureTenantDomain',
|
|
41
|
+
description: 'Azure tenant domain (onmicrosoft.com)',
|
|
42
|
+
regex: /\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\.onmicrosoft\.com\b/gi,
|
|
43
|
+
matchAccuracy: 'medium',
|
|
44
|
+
fileContext: /(?:\.env|config|settings|secrets)/i,
|
|
45
|
+
},
|
|
46
|
+
{
|
|
47
|
+
name: 'azureCosmosDbConnectionString',
|
|
48
|
+
description: 'Azure Cosmos DB connection string',
|
|
49
|
+
regex: /\bAccountEndpoint=https:\/\/[a-z0-9-]+\.documents\.azure\.com:443\/;AccountKey=[a-zA-Z0-9+/]+={0,2}\b/g,
|
|
50
|
+
matchAccuracy: 'high',
|
|
51
|
+
},
|
|
52
|
+
{
|
|
53
|
+
name: 'azureServiceBusConnectionString',
|
|
54
|
+
description: 'Azure Service Bus connection string',
|
|
55
|
+
regex: /\bEndpoint=sb:\/\/[a-z0-9-]+\.servicebus\.windows\.net\/;SharedAccessKeyName=[a-zA-Z0-9]+;SharedAccessKey=[a-zA-Z0-9+/]+={0,2}\b/g,
|
|
56
|
+
matchAccuracy: 'high',
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
name: 'dropboxAccessToken',
|
|
60
|
+
description: 'Dropbox access token',
|
|
61
|
+
regex: /\bsl\.[a-zA-Z0-9_-]{64}\b/g,
|
|
62
|
+
matchAccuracy: 'high',
|
|
63
|
+
},
|
|
64
|
+
{
|
|
65
|
+
name: 'dropboxAppKey',
|
|
66
|
+
description: 'Dropbox app key',
|
|
67
|
+
regex: /\b[a-z0-9]{15}\.(?:app|apps)\.dropbox\.com\b/g,
|
|
68
|
+
matchAccuracy: 'high',
|
|
69
|
+
},
|
|
70
|
+
{
|
|
71
|
+
name: 'supabaseServiceKey',
|
|
72
|
+
description: 'Supabase personal access token',
|
|
73
|
+
regex: /\bsbp_[a-f0-9]{40}\b/g,
|
|
74
|
+
matchAccuracy: 'high',
|
|
75
|
+
},
|
|
76
|
+
{
|
|
77
|
+
name: 'supabaseSecretKey',
|
|
78
|
+
description: 'Supabase secret API key',
|
|
79
|
+
regex: /\bsb_secret_[a-zA-Z0-9_-]{22}_[a-fA-F0-9]{8}\b/g,
|
|
80
|
+
matchAccuracy: 'high',
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
name: 'planetScaleConnectionString',
|
|
84
|
+
description: 'PlanetScale connection string',
|
|
85
|
+
regex: /\bmysql:\/\/[a-zA-Z0-9_-]+:[a-zA-Z0-9_=-]+@[a-z0-9.-]+\.psdb\.cloud\/[a-zA-Z0-9_-]+\?sslaccept=strict\b/g,
|
|
86
|
+
matchAccuracy: 'high',
|
|
87
|
+
},
|
|
88
|
+
{
|
|
89
|
+
name: 'planetScaleToken',
|
|
90
|
+
description: 'PlanetScale API token',
|
|
91
|
+
regex: /\bpscale_tkn_[a-zA-Z0-9_-]{38,43}\b/g,
|
|
92
|
+
matchAccuracy: 'high',
|
|
93
|
+
},
|
|
94
|
+
{
|
|
95
|
+
name: 'sendgridApiKey',
|
|
96
|
+
description: 'SendGrid API key',
|
|
97
|
+
regex: /\bSG\.[A-Za-z0-9_-]{20,22}\.[A-Za-z0-9_-]{43}\b/g,
|
|
98
|
+
matchAccuracy: 'high',
|
|
99
|
+
},
|
|
100
|
+
{
|
|
101
|
+
name: 'mailgunApiKey',
|
|
102
|
+
description: 'Mailgun API key',
|
|
103
|
+
regex: /\bkey-[0-9a-z]{32}\b/g,
|
|
104
|
+
matchAccuracy: 'high',
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
name: 'mailchimpApiKey',
|
|
108
|
+
description: 'MailChimp API key',
|
|
109
|
+
regex: /\b[0-9a-f]{32}-us[0-9]{1,2}\b/g,
|
|
110
|
+
matchAccuracy: 'high',
|
|
111
|
+
},
|
|
112
|
+
{
|
|
113
|
+
name: 'telegramBotToken',
|
|
114
|
+
description: 'Telegram bot token',
|
|
115
|
+
regex: /\b[0-9]{8,10}:[A-Za-z0-9_-]{35}\b/g,
|
|
116
|
+
matchAccuracy: 'high',
|
|
117
|
+
},
|
|
118
|
+
{
|
|
119
|
+
name: 'twilioApiKey',
|
|
120
|
+
description: 'Twilio API key',
|
|
121
|
+
regex: /\bSK[a-z0-9]{32}\b/g,
|
|
122
|
+
matchAccuracy: 'high',
|
|
123
|
+
},
|
|
124
|
+
{
|
|
125
|
+
name: 'twilioAccountSid',
|
|
126
|
+
description: 'Twilio account SID',
|
|
127
|
+
regex: /\bAC[0-9a-fA-F]{32}\b/g,
|
|
128
|
+
matchAccuracy: 'high',
|
|
129
|
+
},
|
|
130
|
+
{
|
|
131
|
+
name: 'dockerHubToken',
|
|
132
|
+
description: 'Docker Hub personal access token',
|
|
133
|
+
regex: /\bdckr_pat_[a-zA-Z0-9_]{36}\b/g,
|
|
134
|
+
matchAccuracy: 'high',
|
|
135
|
+
},
|
|
136
|
+
{
|
|
137
|
+
name: 'pypiApiToken',
|
|
138
|
+
description: 'PyPI API token',
|
|
139
|
+
regex: /\bpypi-[a-zA-Z0-9_-]{84}\b/g,
|
|
140
|
+
matchAccuracy: 'high',
|
|
141
|
+
},
|
|
142
|
+
{
|
|
143
|
+
name: 'figmaToken',
|
|
144
|
+
description: 'Figma personal access token',
|
|
145
|
+
regex: /\bfigd_[a-zA-Z0-9_-]{43}\b/g,
|
|
146
|
+
matchAccuracy: 'high',
|
|
147
|
+
},
|
|
148
|
+
{
|
|
149
|
+
name: 'renderToken',
|
|
150
|
+
description: 'Render API token',
|
|
151
|
+
regex: /\brnd_[a-zA-Z0-9_-]{43}\b/g,
|
|
152
|
+
matchAccuracy: 'high',
|
|
153
|
+
},
|
|
154
|
+
{
|
|
155
|
+
name: 'airtablePersonalAccessToken',
|
|
156
|
+
description: 'Airtable personal access token',
|
|
157
|
+
regex: /\bpat[a-zA-Z0-9]{14}\.[a-zA-Z0-9]{64}\b/g,
|
|
158
|
+
matchAccuracy: 'high',
|
|
159
|
+
},
|
|
160
|
+
{
|
|
161
|
+
name: 'typeformToken',
|
|
162
|
+
description: 'Typeform API token',
|
|
163
|
+
regex: /\btfp_[a-zA-Z0-9_-]{43}\b/g,
|
|
164
|
+
matchAccuracy: 'high',
|
|
165
|
+
},
|
|
166
|
+
{
|
|
167
|
+
name: 'intercomAccessToken',
|
|
168
|
+
description: 'Intercom access token',
|
|
169
|
+
regex: /\bdG9rOi[a-zA-Z0-9+/]{46,48}={0,2}\b/g,
|
|
170
|
+
matchAccuracy: 'high',
|
|
171
|
+
},
|
|
172
|
+
{
|
|
173
|
+
name: 'digitalOceanToken',
|
|
174
|
+
description: 'DigitalOcean API token',
|
|
175
|
+
regex: /\bdop_v1_[a-f0-9]{64}\b/g,
|
|
176
|
+
matchAccuracy: 'high',
|
|
177
|
+
},
|
|
178
|
+
{
|
|
179
|
+
name: 'digitalOceanOAuthToken',
|
|
180
|
+
description: 'DigitalOcean OAuth access token',
|
|
181
|
+
regex: /\bdoo_v1_[a-f0-9]{64}\b/g,
|
|
182
|
+
matchAccuracy: 'high',
|
|
183
|
+
},
|
|
184
|
+
{
|
|
185
|
+
name: 'digitalOceanRefreshToken',
|
|
186
|
+
description: 'DigitalOcean OAuth refresh token',
|
|
187
|
+
regex: /\bdor_v1_[a-f0-9]{64}\b/g,
|
|
188
|
+
matchAccuracy: 'high',
|
|
189
|
+
},
|
|
190
|
+
{
|
|
191
|
+
name: 'cloudflareApiKey',
|
|
192
|
+
description: 'Cloudflare API key',
|
|
193
|
+
regex: /\b['"]?(?:cloudflare)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9_-]{40}['"]?\b/gi,
|
|
194
|
+
matchAccuracy: 'medium',
|
|
195
|
+
},
|
|
196
|
+
{
|
|
197
|
+
name: 'cloudflareGlobalApiKey',
|
|
198
|
+
description: 'Cloudflare Global API key',
|
|
199
|
+
regex: /\b['"]?(?:cloudflare)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{37}['"]?\b/gi,
|
|
200
|
+
matchAccuracy: 'medium',
|
|
201
|
+
},
|
|
202
|
+
{
|
|
203
|
+
name: 'cloudflareOriginCaKey',
|
|
204
|
+
description: 'Cloudflare Origin CA key',
|
|
205
|
+
regex: /\bv1\.0-[a-f0-9]{24}-[a-f0-9]{146}\b/g,
|
|
206
|
+
matchAccuracy: 'high',
|
|
207
|
+
},
|
|
208
|
+
{
|
|
209
|
+
name: 'flyioAccessToken',
|
|
210
|
+
description: 'Fly.io API access token',
|
|
211
|
+
regex: /\bfo1_[\w-]{43}\b/g,
|
|
212
|
+
matchAccuracy: 'high',
|
|
213
|
+
},
|
|
214
|
+
{
|
|
215
|
+
name: 'flyioMachineToken',
|
|
216
|
+
description: 'Fly.io machine token',
|
|
217
|
+
regex: /\bfm[12][ar]?_[a-zA-Z0-9+/]{100,}={0,3}\b/g,
|
|
218
|
+
matchAccuracy: 'high',
|
|
219
|
+
},
|
|
220
|
+
{
|
|
221
|
+
name: 'dopplerApiToken',
|
|
222
|
+
description: 'Doppler API token',
|
|
223
|
+
regex: /\bdp\.pt\.[a-z0-9]{43}\b/gi,
|
|
224
|
+
matchAccuracy: 'high',
|
|
225
|
+
},
|
|
226
|
+
{
|
|
227
|
+
name: 'dynatraceApiToken',
|
|
228
|
+
description: 'Dynatrace API token',
|
|
229
|
+
regex: /\bdt0c01\.[a-z0-9]{24}\.[a-z0-9]{64}\b/gi,
|
|
230
|
+
matchAccuracy: 'high',
|
|
231
|
+
},
|
|
232
|
+
{
|
|
233
|
+
name: 'netlifyAccessToken',
|
|
234
|
+
description: 'Netlify access token',
|
|
235
|
+
regex: /\b['"]?(?:netlify)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9=_-]{40,46}['"]?\b/gi,
|
|
236
|
+
matchAccuracy: 'medium',
|
|
237
|
+
},
|
|
238
|
+
{
|
|
239
|
+
name: 'scalingoApiToken',
|
|
240
|
+
description: 'Scalingo API token',
|
|
241
|
+
regex: /\btk-us-[\w-]{48}\b/g,
|
|
242
|
+
matchAccuracy: 'high',
|
|
243
|
+
},
|
|
244
|
+
{
|
|
245
|
+
name: 'infracostApiToken',
|
|
246
|
+
description: 'Infracost API token',
|
|
247
|
+
regex: /\bico-[a-zA-Z0-9]{32}\b/g,
|
|
248
|
+
matchAccuracy: 'high',
|
|
249
|
+
},
|
|
250
|
+
{
|
|
251
|
+
name: 'harnessApiKey',
|
|
252
|
+
description: 'Harness Access Token (PAT or SAT)',
|
|
253
|
+
regex: /\b(?:pat|sat)\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{20}\b/g,
|
|
254
|
+
matchAccuracy: 'high',
|
|
255
|
+
},
|
|
256
|
+
{
|
|
257
|
+
name: 'azureAdClientSecret',
|
|
258
|
+
description: 'Azure AD client secret',
|
|
259
|
+
regex: /(?:^|[\\'"` \s>=:(,)])([a-zA-Z0-9_~.]{3}\dQ~[a-zA-Z0-9_~.-]{31,34})(?:$|[\\'"` \s<),])/g,
|
|
260
|
+
matchAccuracy: 'high',
|
|
261
|
+
},
|
|
262
|
+
{
|
|
263
|
+
name: 'herokuApiKeyV2',
|
|
264
|
+
description: 'Heroku API key (new format)',
|
|
265
|
+
regex: /\bHRKU-AA[0-9a-zA-Z_-]{58}\b/g,
|
|
266
|
+
matchAccuracy: 'high',
|
|
267
|
+
},
|
|
268
|
+
{
|
|
269
|
+
name: 'microsoftTeamsWebhook',
|
|
270
|
+
description: 'Microsoft Teams incoming webhook URL',
|
|
271
|
+
regex: /https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-(?:[a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-(?:[a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-(?:[a-z0-9]{4}-){3}[a-z0-9]{12}/gi,
|
|
272
|
+
matchAccuracy: 'high',
|
|
273
|
+
},
|
|
274
|
+
{
|
|
275
|
+
name: 'oktaAccessToken',
|
|
276
|
+
description: 'Okta access token',
|
|
277
|
+
regex: /\b['"]?(?:okta)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?00[\w=-]{40}['"]?\b/gi,
|
|
278
|
+
matchAccuracy: 'high',
|
|
279
|
+
},
|
|
280
|
+
{
|
|
281
|
+
name: 'openshiftUserToken',
|
|
282
|
+
description: 'OpenShift user token',
|
|
283
|
+
regex: /\bsha256~[\w-]{43}\b/g,
|
|
284
|
+
matchAccuracy: 'high',
|
|
285
|
+
},
|
|
286
|
+
{
|
|
287
|
+
name: 'denoDeployToken',
|
|
288
|
+
description: 'Deno Deploy access token',
|
|
289
|
+
regex: /\bddp_[a-zA-Z0-9]{40}\b/g,
|
|
290
|
+
matchAccuracy: 'high',
|
|
291
|
+
},
|
|
292
|
+
{
|
|
293
|
+
name: 'resendApiKey',
|
|
294
|
+
description: 'Resend email API key',
|
|
295
|
+
regex: /\bre_[a-zA-Z0-9]{30,}\b/g,
|
|
296
|
+
matchAccuracy: 'high',
|
|
297
|
+
},
|
|
298
|
+
{
|
|
299
|
+
name: 'azureOpenaiApiKey',
|
|
300
|
+
description: 'Azure OpenAI API key',
|
|
301
|
+
regex: /\b['"]?(?:AZURE_OPENAI|azure_openai)_?(?:API|api)?_?(?:KEY|key)['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{32}['"]?\b/gi,
|
|
302
|
+
matchAccuracy: 'high',
|
|
303
|
+
},
|
|
304
|
+
{
|
|
305
|
+
name: 'railwayApiToken',
|
|
306
|
+
description: 'Railway API token',
|
|
307
|
+
regex: /\b['"]?(?:RAILWAY|railway)_?(?:API|api)?_?(?:TOKEN|token)['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}['"]?\b/gi,
|
|
308
|
+
matchAccuracy: 'high',
|
|
309
|
+
},
|
|
310
|
+
{
|
|
311
|
+
name: 'convexDeployKey',
|
|
312
|
+
description: 'Convex deployment key',
|
|
313
|
+
regex: /\b(?:prod|dev):[a-zA-Z0-9_-]+:[a-zA-Z0-9_-]{40,}\b/g,
|
|
314
|
+
matchAccuracy: 'medium',
|
|
315
|
+
},
|
|
316
|
+
{
|
|
317
|
+
name: 'upstashKafkaCredentials',
|
|
318
|
+
description: 'Upstash Kafka REST credentials',
|
|
319
|
+
regex: /\b['"]?(?:UPSTASH_KAFKA)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-zA-Z0-9=_-]{40,}['"]?\b/gi,
|
|
320
|
+
matchAccuracy: 'medium',
|
|
321
|
+
},
|
|
322
|
+
{
|
|
323
|
+
name: 'cloudflareApiTokenPrefixed',
|
|
324
|
+
description: 'Cloudflare scannable API credential',
|
|
325
|
+
regex: /\bcf(?:k|ut|at)_[a-zA-Z0-9]{40}[a-fA-F0-9]{8}\b/g,
|
|
326
|
+
matchAccuracy: 'high',
|
|
327
|
+
},
|
|
328
|
+
];
|
|
@@ -0,0 +1,260 @@
|
|
|
1
|
+
export const slackPatterns = [
|
|
2
|
+
{
|
|
3
|
+
name: 'slackBotToken',
|
|
4
|
+
description: 'Slack bot token',
|
|
5
|
+
regex: /\bxoxb-[0-9]{10,13}-[0-9]{10,13}[a-zA-Z0-9-]*\b/g,
|
|
6
|
+
matchAccuracy: 'high',
|
|
7
|
+
},
|
|
8
|
+
{
|
|
9
|
+
name: 'slackUserToken',
|
|
10
|
+
description: 'Slack user token',
|
|
11
|
+
regex: /\bxoxp-[0-9]{10,13}-[0-9]{10,13}[a-zA-Z0-9-]*\b/g,
|
|
12
|
+
matchAccuracy: 'high',
|
|
13
|
+
},
|
|
14
|
+
{
|
|
15
|
+
name: 'slackWorkspaceToken',
|
|
16
|
+
description: 'Slack workspace token',
|
|
17
|
+
regex: /\bxoxa-[0-9]{10,13}-[0-9]{10,13}[a-zA-Z0-9-]*\b/g,
|
|
18
|
+
matchAccuracy: 'high',
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
name: 'slackRefreshToken',
|
|
22
|
+
description: 'Slack refresh token',
|
|
23
|
+
regex: /\bxoxr-[0-9]{10,13}-[0-9]{10,13}[a-zA-Z0-9-]*\b/g,
|
|
24
|
+
matchAccuracy: 'high',
|
|
25
|
+
},
|
|
26
|
+
{
|
|
27
|
+
name: 'slackWebhookUrl',
|
|
28
|
+
description: 'Slack incoming webhook URL',
|
|
29
|
+
regex: /(?:https?:\/\/)?hooks\.slack\.com\/(?:services|workflows|triggers)\/[A-Za-z0-9+/]{43,56}/gi,
|
|
30
|
+
matchAccuracy: 'high',
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
name: 'slackWebhookUrlClassic',
|
|
34
|
+
description: 'Slack classic incoming webhook URL',
|
|
35
|
+
regex: /\bhttps:\/\/hooks\.slack\.com\/services\/[A-Z0-9]{8,12}\/[A-Z0-9]{8,12}\/[A-Za-z0-9]{20,32}\b/g,
|
|
36
|
+
matchAccuracy: 'high',
|
|
37
|
+
fileContext: /(?:\.env|config|settings|secrets)/i,
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
name: 'slackAppToken',
|
|
41
|
+
description: 'Slack app-level token',
|
|
42
|
+
regex: /\bxapp-\d-[A-Z0-9]+-\d+-[a-z0-9]+\b/gi,
|
|
43
|
+
matchAccuracy: 'high',
|
|
44
|
+
},
|
|
45
|
+
{
|
|
46
|
+
name: 'slackConfigAccessToken',
|
|
47
|
+
description: 'Slack configuration access token',
|
|
48
|
+
regex: /\bxoxe\.xox[bp]-\d-[A-Z0-9]{163,166}\b/gi,
|
|
49
|
+
matchAccuracy: 'high',
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
name: 'sendbirdAccessToken',
|
|
53
|
+
description: 'Sendbird access token',
|
|
54
|
+
regex: /\b['"]?(?:sendbird)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{40}['"]?\b/gi,
|
|
55
|
+
matchAccuracy: 'medium',
|
|
56
|
+
},
|
|
57
|
+
{
|
|
58
|
+
name: 'messagebirdApiToken',
|
|
59
|
+
description: 'MessageBird API token',
|
|
60
|
+
regex: /\b['"]?(?:messagebird|message_bird|message-bird)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9]{25}['"]?\b/gi,
|
|
61
|
+
matchAccuracy: 'medium',
|
|
62
|
+
},
|
|
63
|
+
{
|
|
64
|
+
name: 'mattermostAccessToken',
|
|
65
|
+
description: 'Mattermost access token',
|
|
66
|
+
regex: /\b['"]?(?:mattermost)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9]{26}['"]?\b/gi,
|
|
67
|
+
matchAccuracy: 'medium',
|
|
68
|
+
},
|
|
69
|
+
{
|
|
70
|
+
name: 'zendeskSecretKey',
|
|
71
|
+
description: 'Zendesk secret key',
|
|
72
|
+
regex: /\b['"]?(?:zendesk)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9]{40}['"]?\b/gi,
|
|
73
|
+
matchAccuracy: 'medium',
|
|
74
|
+
},
|
|
75
|
+
{
|
|
76
|
+
name: 'freshdeskApiKey',
|
|
77
|
+
description: 'Freshdesk API key',
|
|
78
|
+
regex: /\b['"]?(?:freshdesk)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-zA-Z0-9]{20}['"]?\b/gi,
|
|
79
|
+
matchAccuracy: 'medium',
|
|
80
|
+
},
|
|
81
|
+
{
|
|
82
|
+
name: 'sendinblueApiToken',
|
|
83
|
+
description: 'Sendinblue (Brevo) API token',
|
|
84
|
+
regex: /\bxkeysib-[a-f0-9]{64}-[a-z0-9]{16}\b/g,
|
|
85
|
+
matchAccuracy: 'high',
|
|
86
|
+
},
|
|
87
|
+
{
|
|
88
|
+
name: 'pusherAppSecret',
|
|
89
|
+
description: 'Pusher app secret',
|
|
90
|
+
regex: /\b['"]?(?:PUSHER|pusher)_?(?:APP|app)?_?(?:SECRET|secret)['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{20}['"]?\b/gi,
|
|
91
|
+
matchAccuracy: 'medium',
|
|
92
|
+
},
|
|
93
|
+
{
|
|
94
|
+
name: 'streamApiSecret',
|
|
95
|
+
description: 'Stream (GetStream.io) API secret',
|
|
96
|
+
regex: /\b['"]?(?:STREAM|stream|GETSTREAM)_?(?:API|api)?_?(?:SECRET|secret|KEY|key)['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9]{40,}['"]?\b/gi,
|
|
97
|
+
matchAccuracy: 'medium',
|
|
98
|
+
},
|
|
99
|
+
{
|
|
100
|
+
name: 'postmarkServerToken',
|
|
101
|
+
description: 'Postmark server API token',
|
|
102
|
+
regex: /\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b/g,
|
|
103
|
+
matchAccuracy: 'medium',
|
|
104
|
+
fileContext: /postmark/i,
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
name: 'vonageApiSecret',
|
|
108
|
+
description: 'Vonage/Nexmo API secret',
|
|
109
|
+
regex: /\b['"]?(?:VONAGE|NEXMO|vonage|nexmo)_?(?:API|api)?_?(?:SECRET|secret)['"]?\s*(?::|=>|=)\s*['"]?[a-zA-Z0-9]{16}['"]?\b/gi,
|
|
110
|
+
matchAccuracy: 'medium',
|
|
111
|
+
},
|
|
112
|
+
{
|
|
113
|
+
name: 'customerIoApiKey',
|
|
114
|
+
description: 'Customer.io API key',
|
|
115
|
+
regex: /\b['"]?(?:CUSTOMERIO|customer_io|CUSTOMER_IO)_?(?:API|api)?_?(?:KEY|key)['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{32,}['"]?\b/gi,
|
|
116
|
+
matchAccuracy: 'medium',
|
|
117
|
+
},
|
|
118
|
+
];
|
|
119
|
+
export const socialMediaPatterns = [
|
|
120
|
+
{
|
|
121
|
+
name: 'twitterBearerToken',
|
|
122
|
+
description: 'Twitter/X Bearer token',
|
|
123
|
+
regex: /\bAAAAAAAAAAAAAAAAAAAAA[a-zA-Z0-9%]{50,}\b/g,
|
|
124
|
+
matchAccuracy: 'high',
|
|
125
|
+
},
|
|
126
|
+
{
|
|
127
|
+
name: 'facebookAccessToken',
|
|
128
|
+
description: 'Facebook/Meta access token',
|
|
129
|
+
regex: /\bEAA[a-zA-Z0-9]{80,120}\b/g,
|
|
130
|
+
matchAccuracy: 'high',
|
|
131
|
+
},
|
|
132
|
+
{
|
|
133
|
+
name: 'facebookPageAccessToken',
|
|
134
|
+
description: 'Facebook/Meta page access token',
|
|
135
|
+
regex: /\bEAAB[a-zA-Z0-9+/]{100,}\b/g,
|
|
136
|
+
matchAccuracy: 'high',
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
name: 'instagramAccessToken',
|
|
140
|
+
description: 'Instagram access token',
|
|
141
|
+
regex: /\bIGQV[a-zA-Z0-9_-]{100,}\b/g,
|
|
142
|
+
matchAccuracy: 'high',
|
|
143
|
+
},
|
|
144
|
+
{
|
|
145
|
+
name: 'discordSocialBotToken',
|
|
146
|
+
description: 'Discord social bot token',
|
|
147
|
+
regex: /\b[MN][A-Za-z\d]{23}\.[A-Za-z\d-_]{6}\.[A-Za-z\d-_]{27}\b/g,
|
|
148
|
+
matchAccuracy: 'high',
|
|
149
|
+
},
|
|
150
|
+
{
|
|
151
|
+
name: 'discordSocialWebhookUrl',
|
|
152
|
+
description: 'Discord social webhook URL',
|
|
153
|
+
regex: /\bhttps:\/\/discord(?:app)?\.com\/api\/webhooks\/[0-9]{17,19}\/[A-Za-z0-9_-]{68}\b/g,
|
|
154
|
+
matchAccuracy: 'high',
|
|
155
|
+
},
|
|
156
|
+
{
|
|
157
|
+
name: 'pinterestAccessToken',
|
|
158
|
+
description: 'Pinterest access token',
|
|
159
|
+
regex: /\bpina_[a-zA-Z0-9]{32}\b/g,
|
|
160
|
+
matchAccuracy: 'high',
|
|
161
|
+
},
|
|
162
|
+
{
|
|
163
|
+
name: 'linkedinApiToken',
|
|
164
|
+
description: 'LinkedIn API token',
|
|
165
|
+
regex: /\b['"]?(?:linkedin|linked_in|linked-in)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-z0-9]{14,16}['"]?\b/gi,
|
|
166
|
+
matchAccuracy: 'medium',
|
|
167
|
+
},
|
|
168
|
+
{
|
|
169
|
+
name: 'youtubeApiKey',
|
|
170
|
+
description: 'YouTube Data API key',
|
|
171
|
+
regex: /\b['"]?(?:youtube)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?AIza[a-zA-Z0-9_-]{35}['"]?\b/gi,
|
|
172
|
+
matchAccuracy: 'high',
|
|
173
|
+
},
|
|
174
|
+
{
|
|
175
|
+
name: 'tiktokApiToken',
|
|
176
|
+
description: 'TikTok API token',
|
|
177
|
+
regex: /\b['"]?(?:tiktok)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-zA-Z0-9_-]{40,}['"]?\b/gi,
|
|
178
|
+
matchAccuracy: 'medium',
|
|
179
|
+
},
|
|
180
|
+
];
|
|
181
|
+
export const shippingLogisticsPatterns = [
|
|
182
|
+
{
|
|
183
|
+
name: 'shippoApiToken',
|
|
184
|
+
description: 'Shippo API token',
|
|
185
|
+
regex: /\bshippo_(?:live|test)_[a-fA-F0-9]{40}\b/g,
|
|
186
|
+
matchAccuracy: 'high',
|
|
187
|
+
},
|
|
188
|
+
{
|
|
189
|
+
name: 'easypostApiToken',
|
|
190
|
+
description: 'EasyPost API token',
|
|
191
|
+
regex: /\bEZAK[a-z0-9]{54}\b/gi,
|
|
192
|
+
matchAccuracy: 'high',
|
|
193
|
+
},
|
|
194
|
+
{
|
|
195
|
+
name: 'easypostTestApiToken',
|
|
196
|
+
description: 'EasyPost test API token',
|
|
197
|
+
regex: /\bEZTK[a-z0-9]{54}\b/gi,
|
|
198
|
+
matchAccuracy: 'high',
|
|
199
|
+
},
|
|
200
|
+
{
|
|
201
|
+
name: 'duffelApiToken',
|
|
202
|
+
description: 'Duffel travel API token',
|
|
203
|
+
regex: /\bduffel_(?:test|live)_[a-z0-9_\-=]{43}\b/gi,
|
|
204
|
+
matchAccuracy: 'high',
|
|
205
|
+
},
|
|
206
|
+
{
|
|
207
|
+
name: 'frameioApiToken',
|
|
208
|
+
description: 'Frame.io API token',
|
|
209
|
+
regex: /\bfio-u-[a-z0-9\-_=]{64}\b/gi,
|
|
210
|
+
matchAccuracy: 'high',
|
|
211
|
+
},
|
|
212
|
+
{
|
|
213
|
+
name: 'maxmindLicenseKey',
|
|
214
|
+
description: 'MaxMind license key',
|
|
215
|
+
regex: /\b[A-Za-z0-9]{6}_[A-Za-z0-9]{29}_mmk\b/g,
|
|
216
|
+
matchAccuracy: 'high',
|
|
217
|
+
},
|
|
218
|
+
{
|
|
219
|
+
name: 'asanaPersonalAccessToken',
|
|
220
|
+
description: 'Asana personal access token',
|
|
221
|
+
regex: /\b['"]?(?:asana)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[0-9]{16}['"]?\b/gi,
|
|
222
|
+
matchAccuracy: 'medium',
|
|
223
|
+
},
|
|
224
|
+
{
|
|
225
|
+
name: 'mondayApiToken',
|
|
226
|
+
description: 'Monday.com API token',
|
|
227
|
+
regex: /\b['"]?(?:monday)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?eyJ[a-zA-Z0-9_-]{100,}['"]?\b/gi,
|
|
228
|
+
matchAccuracy: 'medium',
|
|
229
|
+
},
|
|
230
|
+
{
|
|
231
|
+
name: 'trelloApiKey',
|
|
232
|
+
description: 'Trello API key',
|
|
233
|
+
regex: /\b['"]?(?:trello)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-f0-9]{32}['"]?\b/gi,
|
|
234
|
+
matchAccuracy: 'medium',
|
|
235
|
+
},
|
|
236
|
+
{
|
|
237
|
+
name: 'jiraApiToken',
|
|
238
|
+
description: 'Jira API token',
|
|
239
|
+
regex: /\b['"]?(?:jira)(?:[\s\w.-]{0,20})['"]?\s*(?::|=>|=)\s*['"]?[a-zA-Z0-9]{24}['"]?\b/gi,
|
|
240
|
+
matchAccuracy: 'medium',
|
|
241
|
+
},
|
|
242
|
+
{
|
|
243
|
+
name: 'settlemintApplicationAccessToken',
|
|
244
|
+
description: 'SettleMint application access token',
|
|
245
|
+
regex: /\bsm_aat_[a-zA-Z0-9]{16}\b/g,
|
|
246
|
+
matchAccuracy: 'high',
|
|
247
|
+
},
|
|
248
|
+
{
|
|
249
|
+
name: 'settlemintPersonalAccessToken',
|
|
250
|
+
description: 'SettleMint personal access token',
|
|
251
|
+
regex: /\bsm_pat_[a-zA-Z0-9]{16}\b/g,
|
|
252
|
+
matchAccuracy: 'high',
|
|
253
|
+
},
|
|
254
|
+
{
|
|
255
|
+
name: 'settlemintServiceAccessToken',
|
|
256
|
+
description: 'SettleMint service access token',
|
|
257
|
+
regex: /\bsm_sat_[a-zA-Z0-9]{16}\b/g,
|
|
258
|
+
matchAccuracy: 'high',
|
|
259
|
+
},
|
|
260
|
+
];
|