From c52fb76da2cab5e902124a41f204d5ede0b418b5 Mon Sep 17 00:00:00 2001
From: Allen <allen.burgess1@nhs.net>
Date: Tue, 13 Feb 2024 08:41:47 +0000
Subject: [PATCH] mesh-2025: added new secret scanning patterns

---
 .gitallowed    | 6 +++++-
 .gitdisallowed | 5 +++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.gitallowed b/.gitallowed
index 31996d2..efff7cd 100644
--- a/.gitallowed
+++ b/.gitallowed
@@ -11,4 +11,8 @@
 
 String token = _validateToken
 token = token
-token = find.byKey\(const Key\('token'\)\)
\ No newline at end of file
+token = find.byKey\(const Key\('token'\)\)
+
+.*(GITHUB|SONAR)_TOKEN: \$\{\{ secrets.(GITHUB|SONAR)_TOKEN \}\}
+.*final mailboxPassword = find.byKey\(const Key\('mailbox_password'\)\);
+.*final (_validateToken|_generatedToken|_mailboxPassword) = TextEditingController\(\);
diff --git a/.gitdisallowed b/.gitdisallowed
index 937e835..ac9c0ec 100644
--- a/.gitdisallowed
+++ b/.gitdisallowed
@@ -14,7 +14,8 @@ AIza[0-9A-Za-z\\-_]{35}
 -----BEGIN[[:blank:]]CERTIFICATE-----
 [0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}:[0-9a-fA-F]{1,4}
 (CLIENT|client|Client)(_|\s)(SECRET|secret|Secret)\s*(:|=>|=)\s*("|')?(\{)?[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}(\})?("|')?
-("|'?)[Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd]("|'?)\s*(=|:)\s*.+
-("|'?)[Tt][Oo][Kk][Ee][Nn]("|'?)\s*(=|:)\s*.+
+.*("|'?)[Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd](S|s?)("|'?)\s*(=|:)\s*.+
+.*("|'?)[Tt][Oo][Kk][Ee][Nn]("|'?)(S|s?)\s*(=|:)\s*.+
+.*("|'?)[Ss][Ee][Cc][Rr][Ee][Tt](S|s?)("|'?)\s*(=|:)\s*.+
 
 ###_NOTE_REMOVED_PREVIOUS_IP_RULE_:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}###