keyhog-core 0.5.4

# Docs: https://developers.upcloud.com/1-introduction/
# Format: Username is alphanumeric, Password is user-defined (8-256 chars with complexity requirements)
# Verify: GET /1.3/account with Basic auth returns 200 if valid
# Prefix: none (requires context anchoring for username, password has no pattern)

[detector]
id = "upcloud-api-credentials"
name = "UpCloud API Credentials"
service = "upcloud"
severity = "critical"
keywords = ["UPCLOUD_USERNAME", "UPCLOUD_PASSWORD", "upcloud"]

[[detector.patterns]]
regex = "(?:UPCLOUD_USERNAME|upcloud_username)[=:\\s\"'']+([a-z0-9_]+)"
description = "UpCloud API username with context anchor"
group = 1

[[detector.patterns]]
regex = "(?:UPCLOUD_PASSWORD|upcloud_password)[=:\\s\"'']+([A-Za-z0-9!@#$%^&*()_+\\-=\\[\\]{};\\'\":\"\\\\|,.<>/?]{8,256})"
description = "UpCloud API password with context anchor"
group = 1

[[detector.companions]]
name = "upcloud_username"
regex = "(?:UPCLOUD_USERNAME|upcloud_username)[=:\\s\"'']+([a-z0-9_]+)"
within_lines = 3