From c0944c2230e57e7d153e9cfbe08da2a80781dd5a Mon Sep 17 00:00:00 2001 From: Natalee Webb <100899613+nattywombat@users.noreply.github.com> Date: Fri, 23 Jun 2023 08:27:38 -0700 Subject: [PATCH] Adding docs for all new partner patterns (#38349) Co-authored-by: Mariam <15mariams@github.com> Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> Co-authored-by: Kevin Heis --- .../secret-scanning-pattern-table-updates.yml | 1 + data/secret-scanning.yml | 158 +++++++++++++++++- 2 files changed, 158 insertions(+), 1 deletion(-) diff --git a/.github/workflows/secret-scanning-pattern-table-updates.yml b/.github/workflows/secret-scanning-pattern-table-updates.yml index f65ba691ab..3712213537 100644 --- a/.github/workflows/secret-scanning-pattern-table-updates.yml +++ b/.github/workflows/secret-scanning-pattern-table-updates.yml @@ -10,6 +10,7 @@ on: - data/secret-scanning.yml permissions: pull-requests: write + repository-projects: write jobs: Process-secret-scanning-PR: runs-on: ubuntu-latest diff --git a/data/secret-scanning.yml b/data/secret-scanning.yml index 4a78634c76..9a25814b60 100644 --- a/data/secret-scanning.yml +++ b/data/secret-scanning.yml @@ -115,6 +115,19 @@ hasPushProtection: true hasValidityCheck: false +- provider: 'Amazon' + supportedSecret: 'Amazon OAuth Client Secret' + secretType: 'amazon_oauth_client_secret' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'Amazon Web Services (AWS)' supportedSecret: 'Amazon AWS Access Key ID with Amazon AWS Secret Access Key' secretType: 'aws_access_key_id
aws_secret_access_key' @@ -514,6 +527,19 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'Defined' + supportedSecret: 'Defined Networking Nebula API Key' + secretType: 'defined_networking_nebula_api_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'DevCycle' supportedSecret: 'DevCycle Client API Key' secretType: 'devcycle_client_api_key' @@ -1536,7 +1562,7 @@ ghec: '*' ghes: '>3.8' ghae: '>3.8' - isPublic: false + isPublic: true isPrivateWithGhas: true hasPushProtection: true hasValidityCheck: false @@ -1591,6 +1617,32 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'Mercury' + supportedSecret: 'Mercury Non-Production API Token' + secretType: 'mercury_non_production_api_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + +- provider: 'Mercury' + supportedSecret: 'Mercury Production API Token' + secretType: 'mercury_production_api_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>=3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + - provider: 'MessageBird' supportedSecret: 'MessageBird API Key' secretType: 'messagebird_api_key' @@ -1773,6 +1825,71 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'OneChronos' + supportedSecret: 'OneChronos API Token' + secretType: 'onechronos_api_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos Expressive Bidding API Key' + secretType: 'onechronos_eb_api_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos Expressive Bidding Encryption Key' + secretType: 'onechronos_eb_encryption_key' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos OAuth Token' + secretType: 'onechronos_oauth_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'OneChronos' + supportedSecret: 'OneChronos Refresh Token' + secretType: 'onechronos_refresh_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>=3.10' + ghae: '>= 3.10' + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'Onfido' supportedSecret: 'Onfido Live API Token' secretType: 'onfido_live_api_token' @@ -1851,6 +1968,32 @@ hasPushProtection: false hasValidityCheck: false +- provider: 'Pinterest' + supportedSecret: 'Pinterest Access Token' + secretType: 'pinterest_access_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>3.10' + ghae: '>3.10' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + +- provider: 'Pinterest' + supportedSecret: 'Pinterest Refresh Token' + secretType: 'pinterest_refresh_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>3.10' + ghae: '>3.10' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'PlanetScale' supportedSecret: 'PlanetScale Database Password' secretType: 'planetscale_database_password' @@ -2681,6 +2824,19 @@ hasPushProtection: true hasValidityCheck: false +- provider: 'Workato' + supportedSecret: 'Workato Developer API Token' + secretType: 'workato_developer_api_token' + versions: + fpt: '*' + ghec: '*' + ghes: '>3.11' + ghae: '>3.11' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + - provider: 'WorkOS' supportedSecret: 'WorkOS Production API Key' secretType: 'workos_production_api_key'