Check for GitLab tokens
Opened this issue · 0 comments
mueller-ma commented
Summary
According to the Readme there's no check for GitLab tokens.
Desired Behaviour
The behaviour for leaked GitLab tokens should be similar to other leaked tokens.
Possible Solution
Token prefixes are listed in the docs: https://docs.gitlab.com/ee/security/token_overview.html#token-prefixes
Additional context
I'm using https://github.com/kubewarden/env-variable-secrets-scanner-policy to scan Kubernetes enviroment variables for secrets and I want to ensure they don't contain GitLab tokens.