diff --git a/.github/workflows/secret-scanning-pattern-table-updates.yml b/.github/workflows/secret-scanning-pattern-table-updates.yml index f65ba691ab..3712213537 100644 --- a/.github/workflows/secret-scanning-pattern-table-updates.yml +++ b/.github/workflows/secret-scanning-pattern-table-updates.yml @@ -10,6 +10,7 @@ on: - data/secret-scanning.yml permissions: pull-requests: write + repository-projects: write jobs: Process-secret-scanning-PR: runs-on: ubuntu-latest diff --git a/data/secret-scanning.yml b/data/secret-scanning.yml index 4a78634c76..9a25814b60 100644 --- a/data/secret-scanning.yml +++ b/data/secret-scanning.yml @@ -115,6 +115,19 @@ hasPushProtection: true hasValidityCheck: false +- provider: 'Amazon' + supportedSecret: 'Amazon OAuth Client Secret' + secretType: 'amazon_oauth_client_secret' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'Amazon Web Services (AWS)' supportedSecret: 'Amazon AWS Access Key ID with Amazon AWS Secret Access Key' secretType: 'aws_access_key_id
aws_secret_access_key' @@ -514,6 +527,19 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'Defined' + supportedSecret: 'Defined Networking Nebula API Key' + secretType: 'defined_networking_nebula_api_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'DevCycle' supportedSecret: 'DevCycle Client API Key' secretType: 'devcycle_client_api_key' @@ -1536,7 +1562,7 @@ ghec: '*' ghes: '>3.8' ghae: '>3.8' - isPublic: false + isPublic: true isPrivateWithGhas: true hasPushProtection: true hasValidityCheck: false @@ -1591,6 +1617,32 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'Mercury' + supportedSecret: 'Mercury Non-Production API Token' + secretType: 'mercury_non_production_api_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + +- provider: 'Mercury' + supportedSecret: 'Mercury Production API Token' + secretType: 'mercury_production_api_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + - provider: 'MessageBird' supportedSecret: 'MessageBird API Key' secretType: 'messagebird_api_key' @@ -1773,6 +1825,71 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'OneChronos' + supportedSecret: 'OneChronos API Token' + secretType: 'onechronos_api_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos Expressive Bidding API Key' + secretType: 'onechronos_eb_api_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos Expressive Bidding Encryption Key' + secretType: 'onechronos_eb_encryption_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos OAuth Token' + secretType: 'onechronos_oauth_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos Refresh Token' + secretType: 'onechronos_refresh_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'Onfido' supportedSecret: 'Onfido Live API Token' secretType: 'onfido_live_api_token' @@ -1851,6 +1968,32 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'Pinterest' + supportedSecret: 'Pinterest Access Token' + secretType: 'pinterest_access_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>3.10' + ghae: '>3.10' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'Pinterest' + supportedSecret: 'Pinterest Refresh Token' + secretType: 'pinterest_refresh_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>3.10' + ghae: '>3.10' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'PlanetScale' supportedSecret: 'PlanetScale Database Password' secretType: 'planetscale_database_password' @@ -2681,6 +2824,19 @@ hasPushProtection: true hasValidityCheck: false +- provider: 'Workato' + supportedSecret: 'Workato Developer API Token' + secretType: 'workato_developer_api_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>3.11' + ghae: '>3.11' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'WorkOS' supportedSecret: 'WorkOS Production API Key' secretType: 'workos_production_api_key'