Open vimfn opened 2 months ago
I'm not a familiar with Discord tokens, however, it appears the existing GitLeaks rules only check for generic alpha/numeric patterns.
For the test, we used this key:
MTIwMTE0MDk0MDQ2Nzg3MTc1NA.GIA1aR.l4cyaDp557_lJ_AV_wFHanBKwFJlB1KOxfKG6I
I'm guessing that "bot tokens" are a distinct secret that would need to be added, and are not the same as "API keys".
During the use of gitleaks, it was found that it does not detect Discord Bot Tokens.
We found a rule that should check these key types, but it doesn't work:
For the test, we used this key:
MTIwMTE0MDk0MDQ2Nzg3MTc1NA.GIA1aR.l4cyaDp557_lJ_AV_wFHanBKwFJlB1KOxfKG6I
This key in the source code wasn't detected. If you want me to look into it and make a PR with a fix let me know.