From a3ab4e8ac5e3a3dfceb0165febee801b17878f34 Mon Sep 17 00:00:00 2001
From: wayne-snyk <100307369+wayne-snyk@users.noreply.github.com>
Date: Mon, 23 Oct 2023 15:11:37 -0400
Subject: [PATCH] refactor: more explicit rules (#1280)

---
 cmd/generate/config/rules/snyk.go | 18 ++++++++++++++----
 config/gitleaks.toml              |  4 ++--
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/cmd/generate/config/rules/snyk.go b/cmd/generate/config/rules/snyk.go
index 70e3a78ca..6bd51fe3d 100644
--- a/cmd/generate/config/rules/snyk.go
+++ b/cmd/generate/config/rules/snyk.go
@@ -5,25 +5,35 @@ import (
 )
 
 func Snyk() *config.Rule {
+
+	keywords := []string{
+		"snyk_token",
+		"snyk_key",
+		"snyk_api_token",
+		"snyk_api_key",
+		"snyk_oauth_token",
+	}
+
 	// define rule
 	r := config.Rule{
 		Description: "Snyk API token",
 		RuleID:      "snyk-api-token",
 		SecretGroup: 1,
-		Regex:       generateSemiGenericRegex([]string{"snyk"}, hex8_4_4_4_12(), true),
-		Keywords:    []string{"snyk"},
+		Regex:       generateSemiGenericRegex(keywords, hex8_4_4_4_12(), true),
+		Keywords:    keywords,
 	}
 
 	// validate
 	tps := []string{
 		`const SNYK_TOKEN = "12345678-ABCD-ABCD-ABCD-1234567890AB"`, // gitleaks:allow
 		`const SNYK_KEY = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,   // gitleaks:allow
-		`const SNYK = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,       // gitleaks:allow
-		`SNYK = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,             // gitleaks:allow
 		`SNYK_TOKEN := "12345678-ABCD-ABCD-ABCD-1234567890AB"`,      // gitleaks:allow
 		`SNYK_TOKEN ::= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,     // gitleaks:allow
 		`SNYK_TOKEN :::= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,    // gitleaks:allow
 		`SNYK_TOKEN ?= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,      // gitleaks:allow
+		`SNYK_API_KEY ?= "12345678-ABCD-ABCD-ABCD-1234567890AB"`,    // gitleaks:allow
+		`SNYK_API_TOKEN = "12345678-ABCD-ABCD-ABCD-1234567890AB"`,   // gitleaks:allow
+		`SNYK_OAUTH_TOKEN = "12345678-ABCD-ABCD-ABCD-1234567890AB"`, // gitleaks:allow
 	}
 	return validate(r, tps, nil)
 }
diff --git a/config/gitleaks.toml b/config/gitleaks.toml
index a3c7b6571..9bb077b1a 100644
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -2751,10 +2751,10 @@ keywords = [
 [[rules]]
 id = "snyk-api-token"
 description = "Snyk API token"
-regex = '''(?i)(?:snyk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+regex = '''(?i)(?:snyk_token|snyk_key|snyk_api_token|snyk_api_key|snyk_oauth_token)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 secretGroup = 1
 keywords = [
-    "snyk",
+    "snyk_token","snyk_key","snyk_api_token","snyk_api_key","snyk_oauth_token",
 ]
 
 [[rules]]