• Home
• org.sonarsource.text
• sonar-text-plugin
• 2.20.0.5038
• source code
• postman.yaml

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.sonar.plugins.secrets.configuration.postman.yaml Maven / Gradle / Ivy

provider:
  metadata:
    name: Postman
    category: Web API Management
    message: Make sure this Postman token gets revoked, changed, and removed from the code.

  rules:
    - id: postman-token
      rspecKey: S6771
      metadata:
        name: Postman tokens should not be disclosed
      detection:
        pre:
          include:
            content:
              - PMAK-
        matching:
          pattern: "\\b(PMAK-(?i)[a-f0-9]{24}\\-[a-f0-9]{34})\\b"
      examples:
        - text: |
            X-API-Key': 'PMAK-6502e63761882f002a69f0cb-6d9bc58cd0cc60ff5547f81cf2ca141bb9
          containsSecret: true
          match: PMAK-6502e63761882f002a69f0cb-6d9bc58cd0cc60ff5547f81cf2ca141bb9