@atomist/sdm-pack-aspect

an Atomist SDM Extension Pack for visualizing drift across an organization

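---
# Secret-scanning configuration: the files to scan, the regular expressions
# that identify likely credentials, and the literals accepted as harmless.

# List of glob patterns to match files to look for secrets in.
# Entries starting with "!" are exclusions. The three lockfiles are skipped,
# presumably because their hash-like strings produce false positives; a
# credential that ends up in one of them is therefore not reported.
globs:
  - '**'
  - '!**/package-lock.json'
  - '!**/shrinkwrap.yaml'
  - '!**/yarn.lock'

secrets:
  # List of secrets, with regex and description
  # These come from Table III at https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
  #
  # Patterns are single-quoted so the regex backslashes (\- \. \$) reach the
  # regex engine unchanged. Inside YAML double quotes those are not valid
  # escape sequences: a strict parser rejects the file, and a lenient one that
  # drops the backslash turns "\." into "any character" and "\$" into an
  # end-of-input anchor.
  #
  # None of the patterns is anchored or word-bounded, so whether they also
  # match inside a longer token depends on how the consumer applies them.
  - secret:
      pattern: '[1-9][0-9]+-[0-9a-zA-Z]{40}'
      description: 'Twitter access token'
  - secret:
      pattern: 'EAACEdEose0cBA[0-9A-Za-z]+'
      description: 'Facebook access token'
  - secret:
      pattern: 'AIza[0-9A-Za-z\-_]{35}'
      description: 'Google API key'
  - secret:
      pattern: '[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com'
      description: 'Google Oauth ID'
  # Shares the sk_live_ prefix with the Stripe rule below; the two differ only
  # in character class and length.
  - secret:
      pattern: 'sk_live_[0-9a-z]{32}'
      description: 'Picatic API Key'
  - secret:
      pattern: 'sk_live_[0-9a-zA-Z]{24}'
      description: 'Stripe regular API key'
  # Restricted Stripe keys carry the rk_live_ prefix. This rule must not reuse
  # the Square OAuth pattern (sq0csp-...): that would leave restricted Stripe
  # keys unreported and label every Square OAuth secret twice.
  - secret:
      pattern: 'rk_live_[0-9a-zA-Z]{24}'
      description: 'Stripe restricted API key'
  - secret:
      pattern: 'sq0atp-[0-9A-Za-z\-_]{22}'
      description: 'Square access token'
  - secret:
      pattern: 'sq0csp-[0-9A-Za-z\-_]{43}'
      description: 'Square Oauth Secret'
  - secret:
      pattern: 'access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}'
      description: 'PayPal Braintree access token'
  - secret:
      pattern: 'amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}'
      description: 'Amazon MWS auth token'
  - secret:
      pattern: 'SK[0-9a-fA-F]{32}'
      description: 'Twilio API key'
  - secret:
      pattern: 'key-[0-9a-zA-Z]{32}'
      description: 'MailGun API key'
  - secret:
      pattern: '[0-9a-f]{32}-us[0-9]{1,2}'
      description: 'MailChimp API key'
  # Matches the access key ID only. The paired secret access key has no fixed
  # prefix and is not covered by this list, so treat a hit as a prompt to
  # check the surrounding lines for the secret itself.
  - secret:
      pattern: 'AKIA[0-9A-Z]{16}'
      description: 'AWS access key ID'

# List of acceptable secret-like literals.
# Written as an explicit empty list: a bare "whitelist:" parses as null.
# Keep entries to exact, known-harmless literals (test fixtures, documented
# sample keys) so that a real credential is never suppressed.
whitelist: []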