Linting refactor to make yamllint happy

2020-05-25 17:22:12 +05:30 · 2020-05-25 17:22:12 +05:30 · 1758728197
parent 10145eae51
commit 1758728197
7 changed files with 116 additions and 116 deletions
--- a/.github/workflows/syntax-checking.yml
+++ b/.github/workflows/syntax-checking.yml
@ -1,17 +1,19 @@
 name: syntax-checking
-on:
+"on":
  push:
-    branches: [ master ]
+    branches:
      - master
  pull_request:
-    branches: [ master ]
+    branches:
      - master
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
-    - name: 'Yamllint'
+      - name: Yamllint
        uses: karancode/yamllint-github-action@master
        with:
          yamllint_config_filepath: .yamllint
--- a/basic-detections/general-tokens.yaml
+++ b/basic-detections/general-tokens.yaml
@ -1,7 +1,5 @@
 id: general-tokens
 #this will create a huge load of false positive
 info:
  name: General Tokens
  author: nadino
@ -10,23 +8,23 @@ info:
 requests:
  - method: GET
    path:
-      - "{{BaseURL}}"
+      - '{{BaseURL}}'
    matchers:
      - type: dsl
        dsl:
-        - 'regex("TOKEN[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))'                  #any TOKEN word
+          - regex("TOKEN[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
-        - 'regex("API[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))'                    #any API word
+          - regex("API[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
-        - 'regex("KEY[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))'                    #any KEY word
+          - regex("KEY[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
-        - 'regex("SECRET[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))'                 #any SECRET word
+          - regex("SECRET[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
-        - 'regex("AUTHORIZATION[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))'          #any AUTHORIZATION word
+          - regex("AUTHORIZATION[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
-        - 'regex("PASSWORD[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))'               #any PASSWORD word
+          - regex("PASSWORD[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
    extractors:
      - type: regex
        part: body
        regex:
-          - "(T|t)(O|o)(K|k)(E|e)(N|n)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)+( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
+          - (T|t)(O|o)(K|k)(E|e)(N|n)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)+()*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
-          - "(A|a)(P|p)(Ii)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
+          - (A|a)(P|p)(Ii)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)( )*(\''|")?[0-9A-Za-z\-_]+(\''|")?
-          - "(K|k)(E|e)(Y|y)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
+          - (K|k)(E|e)(Y|y)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)( )*(\''|")?[0-9A-Za-z\-_]+(\''|")?
-          - "(S|s)(E|e)(C|c)(R|r)(E|e)(T|t)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
+          - (S|s)(E|e)(C|c)(R|r)(E|e)(T|t)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)()*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
-          - "(A|a)(U|u)(T|t)(H|h)(O|o)(R|r)(I|i)(Z|z)(A|a)(T|t)(I|i)(O|o)(N|n)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
+          - (A|a)(U|u)(T|t)(H|h)(O|o)(R|r)(I|i)(Z|z)(A|a)(T|t)(I|i)(O|o)(N|n)[\-|_|A-Za-z0-9]*(\''|")?()*(:|=)( )*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
-          - "(P|p)(A|a)(S|s)(S|s)(W|w)(O|o)(R|r)(D|d)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
+          - (P|p)(A|a)(S|s)(S|s)(W|w)(O|o)(R|r)(D|d)[\-|_|A-Za-z0-9]*(\''|")?()*(:|=)( )*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
--- a/security-misconfiguration/basic-cors.yaml
+++ b/security-misconfiguration/basic-cors.yaml
@ -10,7 +10,7 @@ requests:
    path:
      - "{{BaseURL}}"
    headers:
-      Origin: https://evil.com
+      Origin: "https://evil.com"
    matchers:
      - type: word
        words:
--- a/subdomain-takeover/detect-all-takeovers.yaml
+++ b/subdomain-takeover/detect-all-takeovers.yaml
@ -163,7 +163,7 @@ requests:
      - type: word
        name: helpscout
        words:
-        - 'No settings were found for this company:'
+          - "No settings were found for this company:"
      - type: word
        name: cargo
--- a/tokens/slack-access-token.yaml
+++ b/tokens/slack-access-token.yaml
@ -1,7 +1,7 @@
 id: slack-access-token
-#xoxp-702234529XXX-688970480XXX-109182524XXXX-87fa5b4d2e62ac5c16fc6ea93bXXXXXX
+# xoxp-702234529XXX-688970480XXX-109182524XXXX-87fa5b4d2e62ac5c16fc6ea93bXXXXXX
-#xoxb-702234529XXX-1076883857XXX-Ou9aRuvtFZ4DuTsepevXXXXX
+# xoxb-702234529XXX-1076883857XXX-Ou9aRuvtFZ4DuTsepevXXXXX
 info:
  name: Slack access token
--- a/vulnerabilities/cached-aem-pages.yaml
+++ b/vulnerabilities/cached-aem-pages.yaml
@ -4,7 +4,7 @@ info:
  name: Invalidate / Flush Cached Pages From AEM
  author: hetroublemakr
  severity: low
-  #reference: @AEMSecurity
+  # reference: @AEMSecurity
 requests:
  - method: GET