From 31ef9e60b27de7de67de6c690964cdcc5ece2ebe Mon Sep 17 00:00:00 2001 From: Brad Larsen Date: Tue, 7 Feb 2023 16:35:05 -0500 Subject: [PATCH] Add rule for Figma personal access tokens --- CHANGELOG.md | 1 + data/default/rules/figma.yml | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 data/default/rules/figma.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 32413575d..678572fde 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - DigitalOcean Application Access Token - DigitalOcean Personal Access Token - DigitalOcean Refresh Token + - Figma Personal Access Token - GitLab Personal Access Token - GitLab Pipeline Trigger Token - GitLab Runner Registration Token diff --git a/data/default/rules/figma.yml b/data/default/rules/figma.yml new file mode 100644 index 000000000..6a5ebe1bf --- /dev/null +++ b/data/default/rules/figma.yml @@ -0,0 +1,25 @@ +rules: + +- name: Figma Personal Access Token + + # The key material looks like a v4 UUID with an extra 4 hex digits up front + pattern: | + (?x)(?i) + figma.{0,20} + \b + ( + [0-9a-f]{4}- + [0-9a-f]{8}- + [0-9a-f]{4}- + [0-9a-f]{4}- + [0-9a-f]{4}- + [0-9a-f]{12} + ) + \b + + references: + - https://www.figma.com/developers/api + - https://www.figma.com/developers/api#access-tokens + + examples: + - "--header='X-Figma-Token: 1394-0ca7a5be-8e22-40ee-8c40-778d41ab2313'"