{
"id": "stellaops.secrets.generic-password",
"version": "1.0.0",
"name": "Generic Password Assignment",
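"description": "Detects hardcoded password assignments in configuration and code; matches only quoted values of 8 or more characters, so unquoted values (common in .env and .properties files) are not detected",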
"type": "regex",
"pattern": "(?i)(?:password|passwd|pwd)['\"]?\\s*[:=]\\s*['\"]([^'\"\\s]{8,})['\"]",
"severity": "high",
"confidence": "low",
"keywords": ["password", "passwd", "pwd"],
"filePatterns": ["*.yml", "*.yaml", "*.json", "*.env", "*.properties", "*.config", "*.xml"],
"enabled": true,
"allowlistPatterns": ["\\$\\{", "\\{\\{", "%[A-Z_]+%", "\\$env:", "process\\.env"],
"tags": ["password", "credentials", "generic"],
"references": []
}