version: v0.1
Comments / Notes:
- Removed from Secret Scanning for private repositories: https://github.blog/changelog/2021-10-18-secret-scanning-no-longer-supports-azure-sql-connection-strings-in-private-repos/
Pattern Format
(?i)[a-z][a-z0-9-]+\.database(?:\.secure)?\.(?:(?:windows|usgovcloudapi)\.net|chinacloudapi\.cn|cloudapi\.de)version: v0.1
Pattern Format
eyJrIjoi[A-Za-z0-9_=-]{42}version: v0.1
Comments / Notes:
- Deprecated (supported by Secret Scanning)
Pattern Format
SG\.[a-zA-Z0-9-]{5,}\.[a-zA-Z0-9-]{5,}End Pattern
\z|[^a-zA-Z0-9-]version: v0.1
Pattern Format
[a-fA-F0-9]{64}Start Pattern
(?:\A|[\r\n])(?:\[auth\][^[]*\ntoken=|(?:export )?SENTRY_AUTH_TOKEN=|sentry-cli [^\r\n]*--auth-token |auth\.token=)End Pattern
\z|\sAdditional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Match:
\d\D|\D\d
version: v0.1
Pattern Format
[a-fA-F0-9]{32}Start Pattern
(?:\A|[\r\n])(?:\[auth\][^[]*\napi_key=|(?:export )?SENTRY_API_KEY=|sentry-cli [^\r\n]*--api-key |auth\.api_key=)End Pattern
\z|\sAdditional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Match:
\d\D|\D\d
version: v0.1
Comments / Notes:
- The secret part of the DSN is optional and effectively deprecated, and should be removed from the DSN: https://docs.sentry.io/product/sentry-basics/dsn-explainer
Pattern Format
[a-fA-F0-9]{32}Start Pattern
https://[a-fA-F0-9]{32}:End Pattern
@([a-z0-9-.]+\.)?sentry\.io(?:/[^?#]*)?/\d+Additional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Match:
\d\D|\D\d
version: v0.1
Pattern Format
(?:[a-fA-F0-9]{32}|[a-fA-F0-9]{64})Start Pattern
new SentryPlugin\(\s*\{[^}]*[,\n \t]apiKey:\s*['"]End Pattern
['"]Additional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Match:
\d\D|\D\d
version: v0.1
Pattern Format
[a-fA-F0-9]{64}Start Pattern
(?:\A|[\r\n])provider "sentry" {[^}]*[\n \t]token\s*=\s*['"]End Pattern
['"]Additional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Match:
\d\D|\D\d
version: v0.1
Comments / Notes:
- Okta token, starting with
00and 40 random alphanumeric with _ and -
Pattern Format
(0{2}[0-9A-Za-z_-]{40})Start Pattern
(\A|[^0-9A-Za-z_+/-])End Pattern
(\z|[^0-9A-Za-z_+/=-])Additional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Not Match:
[0-9A-Fa-f-]{30} - Not Match:
[a-zA-Z_-]{30} - Not Match:
^\d+(\.\d+)?e[+-]?\d+$ - Not Match:
[\d_]{30}
version: v0.1
Comments / Notes:
- Looks for surrounding context to confirm this is a DataDog API key, not some other 32-byte hex string
Pattern Format
[a-f0-9]{32}Start Pattern
(\A|\b)(((?i)(DD|DATADOG)_API_KEY)['"]?\s*(value)?[=:,]\s*['"]?|new DataDogWinston\({[^}]*apiKey:\s*'|terraformer import datadog [^\n]*--api-key=|provider "datadog" {[^}]*api_key\s*=\s*")End Pattern
\z|\bAdditional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Not Match:
^0+$ - Not Match:
^1+$ - Not Match:
^ef8d5de700e7989468166c40fc8a0ccd$ - Not Match:
^(a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5|1234567890abcdef1234567890abcdef)$
version: v0.1
Comments / Notes:
- Looks for surrounding context to confirm this is a DataDog App key, not some other 40-byte hex string
Pattern Format
[a-f0-9]{40}Start Pattern
(\A|\b)(((?i)(DD|DATADOG)_APP(LICATION)?_KEY)['"]?\s*(value)?[=:,]\s*['"]?|new DataDogWinston\({[^}]*apiKey:\s*'|terraformer import datadog [^\n]*--api-key=|provider "datadog" {[^}]*api_key\s*=\s*")End Pattern
\z|\bAdditional Matches
Add these additional matches to the [Secret Scanning Custom Pattern](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#example-of-a-custom-pattern-specified-using-additional-requirements).
- Not Match:
^0+$ - Not Match:
^1+$ - Not Match:
a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9