Add: Readme, rubygems, scalingo, sendinblue, shippo

keyshade-xyz · Sep 16, 2024 · d58ae51 · d58ae51
1 parent fff1935
commit d58ae51
Show file tree

Hide file tree

Showing 8 changed files with 194 additions and 4 deletions.
diff --git a/packages/secret-scan/src/denylist.ts b/packages/secret-scan/src/denylist.ts
@@ -53,7 +53,7 @@ import {
   infracost,
   intra42,
   // kubernetes,
-  linear, lob, planetscale, postman, prefect, pulumi
+  linear, lob, planetscale, postman, prefect, pulumi, readme, rubygems, scalingo, sendinblue, shippo
 } from '@/rules'
 
 const denylist: SecretConfig = {
@@ -180,7 +180,17 @@ const denylist: SecretConfig = {
 
   prefect: prefect(),
 
-  pulumi: pulumi()
+  pulumi: pulumi(),
+
+  readme: readme(),
+
+  rubygems: rubygems(),
+
+  scalingo: scalingo(),
+
+  sendinblue: sendinblue(),
+
+  shippo: shippo()
 }
 
 export default denylist
diff --git a/packages/secret-scan/src/rules/index.ts b/packages/secret-scan/src/rules/index.ts
@@ -60,6 +60,11 @@ import planetscale from './planetscale'
 import postman from './postman'
 import prefect from './prefect'
 import pulumi from './pulumi'
+import readme from './readme'
+import rubygems from './rubygems'
+import scalingo from './scalingo'
+import sendinblue from './sendinblue'
+import shippo from './shippo'
 
 export {
   private_key,
@@ -123,5 +128,10 @@ export {
   planetscale,
   postman,
   prefect,
-  pulumi
+  pulumi,
+  readme,
+  rubygems,
+  scalingo,
+  sendinblue,
+  shippo
 }
diff --git a/packages/secret-scan/src/rules/readme.ts b/packages/secret-scan/src/rules/readme.ts
@@ -0,0 +1,30 @@
+// keyshade-ignore-all
+import type { TestCase }from '@/types'
+
+export default function readme(): RegExp[] {
+	return [
+		// Readme API Key regex
+		/rdme_[a-z0-9]{70}/
+	]
+}
+
+const testcase: TestCase[] = [
+	{
+		input: 'rdme_gmof25sb3fpcxljii5qvo1bqm7bartk9plo3r1yzus98rp1r7m6ljbn6wca140bra0luib',
+		expected: true
+	},
+	{
+		input: 'rdme_5the1frp29hldpuswj1qxczbk5w2m5hxza48zwi3mvppjr9w4fjqzed74znqvd2sku3c3h',
+		expected: true
+	},
+	{
+		input: 'rdme_',
+		expected: false
+	},
+	{
+		input: 'README',
+		expected: false
+	}
+]
+
+readme.testcases = testcase
diff --git a/packages/secret-scan/src/rules/rubygems.ts b/packages/secret-scan/src/rules/rubygems.ts
@@ -0,0 +1,30 @@
+// keyshade-ignore-all
+import type { TestCase }from '@/types'
+
+export default function rubygems(): RegExp[] {
+	return [
+		// Ruby Gems API Key regex
+		/rubygems_[a-f0-9]{48}/
+	]
+}
+
+const testcase: TestCase[] = [
+	{
+		input: 'rubygems_fb6bff4ec114a74a96c4cd82bd34969fbc7873b15f4a0465',
+		expected: true
+	},
+	{
+		input: 'rubygems_afff37f44056352348e9b97b33315e55792c0680841ba6bd',
+		expected: true
+	},
+	{
+		input: 'rubygems_',
+		expected: false
+	},
+	{
+		input: 'RubyGems',
+		expected: false
+	}
+]
+
+rubygems.testcases = testcase
diff --git a/packages/secret-scan/src/rules/scalingo.ts b/packages/secret-scan/src/rules/scalingo.ts
@@ -0,0 +1,30 @@
+// keyshade-ignore-all
+import type { TestCase }from '@/types'
+
+export default function scalingo(): RegExp[] {
+	return [
+		// Scalingo API Key regex
+		/tk-us-[a-zA-Z0-9-_]{48}/
+	]
+}
+
+const testcase: TestCase[] = [
+	{
+		input: 'tk-us-TPdFpIyuvXJLQytNSugN3RBeN0YYLed3ib1b7uJiPqk_XAws',
+		expected: true
+	},
+	{
+		input: 'tk-us-h0rx7zIiaoFsmloQDcfCdkhaAljG9QjQRkmuF894qCCnp4XX',
+		expected: true
+	},
+	{
+		input: 'tk-us-',
+		expected: false
+	},
+	{
+		input: 'Scalingo',
+		expected: false
+	}
+]
+
+scalingo.testcases = testcase
diff --git a/packages/secret-scan/src/rules/sendinblue.ts b/packages/secret-scan/src/rules/sendinblue.ts
@@ -0,0 +1,30 @@
+// keyshade-ignore-all
+import type { TestCase }from '@/types'
+
+export default function sendinblue(): RegExp[] {
+	return [
+		// SendInBlue API Key regex
+		/xkeysib-[a-f0-9]{64}-[a-z0-9]{16}/i
+	]
+}
+
+const testcase: TestCase[] = [
+	{
+		input: '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',
+		expected: true
+	},
+	{
+		input: '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',
+		expected: true
+	},
+	{
+		input: 'xkeysib-',
+		expected: false
+	},
+	{
+		input: 'SENDINBLUE',
+		expected: false
+	}
+]
+
+sendinblue.testcases = testcase
diff --git a/packages/secret-scan/src/rules/shippo.ts b/packages/secret-scan/src/rules/shippo.ts
@@ -0,0 +1,30 @@
+// keyshade-ignore-all
+import type { TestCase }from '@/types'
+
+export default function shippo(): RegExp[] {
+	return [
+		// Shippo API Key regex
+		/shippo_(live|test)_[a-f0-9]{40}/i
+	]
+}
+
+const testcase: TestCase[] = [
+	{
+		input: 'shippo_test_db8536f152f40910e83640bc9567783f3ac7965f',
+		expected: true
+	},
+	{
+		input: 'shippo_live_e844246554cebd546a8b2cce0aad583992368c82',
+		expected: true
+	},
+	{
+		input: 'shippo_',
+		expected: false
+	},
+	{
+		input: 'Shippo',
+		expected: false
+	}
+]
+
+shippo.testcases = testcase
diff --git a/packages/secret-scan/src/test/secret.test.ts b/packages/secret-scan/src/test/secret.test.ts
@@ -62,7 +62,12 @@ import {
   planetscale,
   postman,
   prefect,
-  pulumi
+  pulumi,
+  readme,
+  rubygems,
+  scalingo,
+  sendinblue,
+  shippo
 } from '@/rules'
 import type { TestCase } from '@/types'
 import secretDetector from '@/index'
@@ -286,4 +291,19 @@ describe('Detect Secrets from string', () => {
   it(testcaseTitleTemplate('Pulumi Key'), () => {
     testSecret(pulumi.testcases)
   });
+  it(testcaseTitleTemplate('Readme Key'), () => {
+    testSecret(readme.testcases)
+  });
+  it(testcaseTitleTemplate('Rubygems Key'), () => {
+    testSecret(rubygems.testcases)
+  });
+  it(testcaseTitleTemplate('Scalingo Key'), () => {
+    testSecret(scalingo.testcases)
+  });
+  it(testcaseTitleTemplate('Sendinblue Key'), () => {
+    testSecret(sendinblue.testcases)
+  });
+  it(testcaseTitleTemplate('Shippo Key'), () => {
+    testSecret(shippo.testcases)
+  });
 })