Skip to content

Commit

Permalink
fix(secret): use .eyJ keyword for JWT secret (aquasecurity#7410)
Browse files Browse the repository at this point in the history
  • Loading branch information
DmitriyLewen authored and fhielpos committed Dec 20, 2024
1 parent 3c2d7a5 commit 5a3e397
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pkg/fanal/secret/builtin-rules.go
Original file line number Diff line number Diff line change
Expand Up @@ -604,7 +604,7 @@ var builtinRules = []Rule{
Title: "JWT token",
Severity: "MEDIUM",
Regex: MustCompile(`ey[a-zA-Z0-9]{17,}\.ey[a-zA-Z0-9\/\\_-]{17,}\.(?:[a-zA-Z0-9\/\\_-]{10,}={0,2})?`),
Keywords: []string{"jwt"},
Keywords: []string{".eyJ"},
},
{
ID: "linear-api-token",
Expand Down

0 comments on commit 5a3e397

Please sign in to comment.