Update default rules to add JWT and private keys

github · Nov 15, 2023 · 524fdc5 · 524fdc5
1 parent 1d6b7d5
commit 524fdc5
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/lib/patterns/default.rb b/lib/patterns/default.rb
@@ -5,6 +5,8 @@ module Patterns
   DEFAULT = [
     /ghp_[A-Za-z0-9]{36,}|[0-9A-Fa-f]{40,}/, # GitHub Personal Access Token
     /github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}/, # GitHub Personal Access Token (fine-grained)
-    /ghs_[a-zA-Z0-9]{36}/ # Temporary GitHub Actions Tokens
+    /ghs_[a-zA-Z0-9]{36}/, # Temporary GitHub Actions Tokens
+    /\b(ey[a-zA-Z0-9]{17,}\.ey[a-zA-Z0-9\/\\_-]{17,}\.(?:[a-zA-Z0-9\/\\_-]{10,}={0,2})?)(?:['|\"|\n|\r|\s|\x60|;]|$)/, # JWT tokens
+    /(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY( BLOCK)?-----[\s\S-]*KEY( BLOCK)?----/ # private keys
   ].freeze
 end