File: github.go

package info (click to toggle)
gitleaks 8.16.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,288 kB
  • sloc: makefile: 26; python: 19
file content (89 lines) | stat: -rw-r--r-- 2,220 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
 
package rules

import (
	"regexp"

	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
	"github.com/zricethezav/gitleaks/v8/config"
)

func GitHubPat() *config.Rule {
	// define rule
	r := config.Rule{
		Description: "GitHub Personal Access Token",
		RuleID:      "github-pat",
		Regex:       regexp.MustCompile(`ghp_[0-9a-zA-Z]{36}`),
		Keywords:    []string{"ghp_"},
	}

	// validate
	tps := []string{
		generateSampleSecret("github", "ghp_"+secrets.NewSecret(alphaNumeric("36"))),
	}
	return validate(r, tps, nil)
}

func GitHubFineGrainedPat() *config.Rule {
	// define rule
	r := config.Rule{
		Description: "GitHub Fine-Grained Personal Access Token",
		RuleID:      "github-fine-grained-pat",
		Regex:       regexp.MustCompile(`github_pat_[0-9a-zA-Z_]{82}`),
		Keywords:    []string{"github_pat_"},
	}

	// validate
	tps := []string{
		generateSampleSecret("github", "github_pat_"+secrets.NewSecret(alphaNumeric("82"))),
	}
	return validate(r, tps, nil)
}

func GitHubOauth() *config.Rule {
	// define rule
	r := config.Rule{
		Description: "GitHub OAuth Access Token",
		RuleID:      "github-oauth",
		Regex:       regexp.MustCompile(`gho_[0-9a-zA-Z]{36}`),
		Keywords:    []string{"gho_"},
	}

	// validate
	tps := []string{
		generateSampleSecret("github", "gho_"+secrets.NewSecret(alphaNumeric("36"))),
	}
	return validate(r, tps, nil)
}

func GitHubApp() *config.Rule {
	// define rule
	r := config.Rule{
		Description: "GitHub App Token",
		RuleID:      "github-app-token",
		Regex:       regexp.MustCompile(`(ghu|ghs)_[0-9a-zA-Z]{36}`),
		Keywords:    []string{"ghu_", "ghs_"},
	}

	// validate
	tps := []string{
		generateSampleSecret("github", "ghu_"+secrets.NewSecret(alphaNumeric("36"))),
		generateSampleSecret("github", "ghs_"+secrets.NewSecret(alphaNumeric("36"))),
	}
	return validate(r, tps, nil)
}

func GitHubRefresh() *config.Rule {
	// define rule
	r := config.Rule{
		Description: "GitHub Refresh Token",
		RuleID:      "github-refresh-token",
		Regex:       regexp.MustCompile(`ghr_[0-9a-zA-Z]{36}`),
		Keywords:    []string{"ghr_"},
	}

	// validate
	tps := []string{
		generateSampleSecret("github", "ghr_"+secrets.NewSecret(alphaNumeric("36"))),
	}
	return validate(r, tps, nil)
}