Add rule to detect GitLab Feed token
Related issue: https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/issues/102
What does this MR do?
Add new detection rule for GitLab Feed tokens.
Why is this important?
Anyone who has your token can read activity and issue RSS feeds or your calendar feed as if they were you, including confidential issues.
Example
https://regex101.com/r/A99QS9/1
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
- Changelog entry added
- If you are adding a new rule, a link to a regex101 example is included in the description
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Dheeraj Joshi