save progress

2026-01-04 14:54:52 +02:00
parent c49b03a254
commit 3098e84de4
132 changed files with 19783 additions and 31 deletions
--- a/offline/rules/secrets/sources/jwt-secret.json
+++ b/offline/rules/secrets/sources/jwt-secret.json
@@ -0,0 +1,17 @@
+{
+  "id": "stellaops.secrets.jwt-secret",
+  "version": "1.0.0",
+  "name": "JWT Secret Key",
+  "description": "Detects JWT secret keys in configuration",
+  "type": "regex",
+  "pattern": "(?i)(?:jwt[_-]?secret|jwt[_-]?key|secret[_-]?key)['\"]?\\s*[:=]\\s*['\"]?([A-Za-z0-9+/=_-]{32,})['\"]?",
+  "severity": "high",
+  "confidence": "medium",
+  "keywords": ["jwt_secret", "jwt_key", "secret_key", "JWT"],
+  "filePatterns": ["*.yml", "*.yaml", "*.json", "*.env", "*.properties", "*.config", "appsettings.json"],
+  "enabled": true,
+  "tags": ["jwt", "authentication", "credentials"],
+  "references": [
+    "https://jwt.io/introduction"
+  ]
+}