rust-sanitize 0.11.0

Deterministic one-way data sanitization engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

# AWS CLI — access key IDs, session tokens

# AWS access key ID (AKIA = long-term, ABIA = STS assumed role, ACCA = cognito, ASIA = STS temporary)
- kind: regex
  pattern: '\b((?:AKIA|ABIA|ACCA|ASIA)[A-Z0-9]{16})\b'
  category: auth_token
  label: aws_access_key_id

# Context-keyed secret access key (40-char base64url-like string)
- kind: regex
  pattern: '(?i)(?:aws_secret_access_key|aws_secret|secret_access_key)[\s:="'']+([A-Za-z0-9+/]{40})\b'
  category: auth_token
  label: aws_secret_access_key

# AWS session token (temporary credentials, long base64 blob)
- kind: regex
  pattern: '(?i)(?:aws_session_token|aws_security_token)[\s:="'']+([A-Za-z0-9+/]{100,}={0,2})'
  category: auth_token
  label: aws_session_token

- kind: allow
  values:
    - "aws"
    - "aws-cli"
    - "amazonaws.com"
    - "aws.amazon.com"
    - "us-east-1"
    - "us-east-2"
    - "us-west-1"
    - "us-west-2"
    - "eu-west-1"
    - "eu-west-2"
    - "eu-west-3"
    - "eu-central-1"
    - "eu-north-1"
    - "ap-southeast-1"
    - "ap-southeast-2"
    - "ap-northeast-1"
    - "ap-northeast-2"
    - "ap-south-1"
    - "ca-central-1"
    - "sa-east-1"
    - "true"
    - "false"
    - "yes"
    - "no"
    - "null"
    - "none"
    - "nil"
    - "0"
    - "1"
    - "localhost"
    - "127.0.0.1"
    - "0.0.0.0"
    - "::1"
    - "changeme"
    - "example"
    - "sample"
    - "placeholder"
    - "${*}"
    - "{{*}}"
    - "example.com"
    - "example.org"
    - "00000000-0000-0000-0000-000000000000"
    - "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
    - "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"
    - "12345678-1234-1234-1234-123456789abc"