fix(password-secret): valid regex for one-liner files

americanexpress · Aug 6, 2021 · 7c5e455 · 7c5e455
1 parent 0f519db
commit 7c5e455
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/config/earlybird.json b/config/earlybird.json
@@ -57,6 +57,6 @@
   "display_threshold_level": 3,
   "display_confidence_threshold_level": 2,
   "earlybird_config_url": "https://raw.githubusercontent.com/americanexpress/earlybird/main/config/earlybird.json",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "name": "earlybird"
 }
diff --git a/config/rules/password-secret.yaml b/config/rules/password-secret.yaml
@@ -572,7 +572,7 @@ rules:
       - CWE-257
       - CWE-259
   - Code: 3065
-    Pattern: heroku.*[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}
+    Pattern: heroku.{0,55}[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}
     Caption: Heroku key
     Category: password-secret
     Example: 'heroku: ''A0AAA0AA-aAaa-AAAA-aaAA-Aa00AaAA0a0A'''
@@ -600,7 +600,7 @@ rules:
       - CWE-257
       - CWE-259
   - Code: 3067
-    Pattern: facebook.*['"'"'"][0-9a-f]{32,255}['"'"'"]
+    Pattern: facebook.{0,55}['"'"'"][0-9a-f]{32,255}['"'"'"]
     Caption: Facebook key
     Category: password-secret
     Example: 'facebook: ''a00000aa0aaa0aa0a00aa00a00000aaa0a000a0a0aaa0a0a0a00aa00a000aaa0'''
@@ -614,7 +614,7 @@ rules:
       - CWE-257
       - CWE-259
   - Code: 3068
-    Pattern: twitter.*['"'"'"][a-zA-Z0-9]{35,44}['"'"'"]
+    Pattern: twitter.{0,55}['"'"'"][a-zA-Z0-9]{35,44}['"'"'"]
     Caption: Twitter key
     Category: password-secret
     Example: 'twitter: ''0aaAaA0AAAA0000a0a0A0a0aaa0AaAA0a0a'''