@cx-diogo-rocha cx-diogo-rocha commented Oct 3, 2025

Closes #

Proposed Changes

  • Fully moved rules from gitleaks to our own, to package ruledefine
  • Validations that previously occurred, for every rule, every time 2ms ran, now run in unit tests
  • Created new rule struct, replacing our previous rule struct that wrapped gitleaks Rule.
  • The new Rule struct has all fields that are in practice used by gitleaks Rules; fields which are not used by default rules of gitleaks were not included.
  • Added new fields to results:
    • severity - for now High as default for every rule. Rules that can perform validation on their results (e.g., github-pat) will bump the severity to Critical if the secret is Valid, and lower the severity to Medium if the secret is Invalid
    • ruleCategory - used to classify and group rules
    • baseRuleID - a uuid4 that identifies a rule. It will be used in the future to identify a rule even if its ruleID changes.

The purpose of these changes is to allow us to have more control over the rules, in preparation for:

  1. Allowing users to create their own rules in the open source tool. In the future the user will be able to define more fields than simply the regex (currently supported with --regex flag)
  2. Allowing query editing in Checkmarx One.

Changes to rules

  • clojars-api-token - reintroduced entropy to 2, like it is in gitleaks
  • github-app-token - reintroduced entropy to 3, like it is in gitleaks
  • plaid-client-id - updated entropy from 3 to 3.5, like it is in gitleaks
  • vault-service-token - updated regex according to latest version of gitleaks; reintroduced entropy to 3.5, like it is in gitleaks

Checklist

  • I covered my changes with tests.
  • I updated the documentation that is affected by my changes:
    • Change in the CLI arguments
    • Change in the configuration file

I submit this contribution under the Apache-2.0 license.
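The PR description above sketches the new rule and result shape: a rule carrying a stable baseRuleID, a ruleCategory and an entropy threshold, every result starting at High severity, and rules with a validator moving that to Critical or Medium. The following Go program is an added illustration of that flow and is not code from the 2ms repository or the ruledefine package; the type and constant names (Rule, Result, Severity, ValidationStatus), the "ex_" token format, the placeholder uuid and the sample content are all constructed for this example.

```go
package main

import (
	"fmt"
	"math"
	"regexp"
)

// Severity of a result. The PR names High (default), Critical and Medium;
// the constant names here are an assumption for this example.
type Severity string

const (
	SeverityMedium   Severity = "Medium"
	SeverityHigh     Severity = "High"
	SeverityCritical Severity = "Critical"
)

// ValidationStatus is the outcome of checking a secret against its issuer.
// Unknown covers rules that have no validator.
type ValidationStatus int

const (
	ValidationUnknown ValidationStatus = iota
	ValidationValid
	ValidationInvalid
)

// Rule is a hypothetical stand-alone rule struct carrying the fields the PR
// description lists; it is not the ruledefine package's real type.
type Rule struct {
	BaseRuleID   string         // uuid4; stays stable if RuleID is renamed later
	RuleID       string         // human-readable identifier, e.g. "github-pat"
	RuleCategory string         // used to group rules
	Regex        *regexp.Regexp // pattern matched against file content
	Entropy      float64        // minimum Shannon entropy of the match; 0 disables the check
}

// Result is one finding, carrying the new fields the PR adds.
type Result struct {
	BaseRuleID   string
	RuleID       string
	RuleCategory string
	Secret       string
	Severity     Severity
}

// ShannonEntropy returns entropy in bits per character, the measure gitleaks
// compares against a rule's entropy threshold.
func ShannonEntropy(s string) float64 {
	runes := []rune(s)
	if len(runes) == 0 {
		return 0
	}
	counts := make(map[rune]int)
	for _, r := range runes {
		counts[r]++
	}
	n := float64(len(runes))
	entropy := 0.0
	for _, c := range counts {
		p := float64(c) / n
		entropy -= p * math.Log2(p)
	}
	return entropy
}

// Detect runs the rule over content. Matches below the entropy threshold are
// dropped; every surviving match starts at High severity, as the PR describes.
func (r Rule) Detect(content string) []Result {
	var results []Result
	for _, m := range r.Regex.FindAllString(content, -1) {
		if r.Entropy > 0 && ShannonEntropy(m) < r.Entropy {
			continue // low-entropy match, most likely a placeholder rather than a secret
		}
		results = append(results, Result{
			BaseRuleID:   r.BaseRuleID,
			RuleID:       r.RuleID,
			RuleCategory: r.RuleCategory,
			Secret:       m,
			Severity:     SeverityHigh,
		})
	}
	return results
}

// ApplyValidation bumps severity to Critical for a Valid secret and lowers it
// to Medium for an Invalid one; Unknown leaves the High default untouched.
func ApplyValidation(res Result, status ValidationStatus) Result {
	switch status {
	case ValidationValid:
		res.Severity = SeverityCritical
	case ValidationInvalid:
		res.Severity = SeverityMedium
	}
	return res
}

// ExampleRule is a constructed rule for a made-up "ex_" token format.
func ExampleRule() Rule {
	return Rule{
		BaseRuleID:   "00000000-0000-4000-8000-000000000000", // placeholder uuid4
		RuleID:       "example-token",
		RuleCategory: "ExampleProvider",
		Regex:        regexp.MustCompile(`\bex_[0-9a-zA-Z]{16}\b`),
		Entropy:      3,
	}
}

// SampleContent is constructed input: one placeholder value (low entropy)
// and one random-looking value (high entropy).
const SampleContent = "token = ex_aaaaaaaaaaaaaaaa\nreal = ex_A1b2C3d4E5f6G7h8\n"

func main() {
	for _, res := range ExampleRule().Detect(SampleContent) {
		fmt.Printf("%s [%s] %s -> %s\n", res.RuleID, res.RuleCategory, res.Secret, res.Severity)
		fmt.Println("after valid check:  ", ApplyValidation(res, ValidationValid).Severity)
		fmt.Println("after invalid check:", ApplyValidation(res, ValidationInvalid).Severity)
	}
}
```

Running it reports only the second token: the all-"a" placeholder scores well under the threshold of 3 bits per character, which is the same kind of filtering the entropy values reinstated for clojars-api-token, github-app-token, plaid-client-id and vault-service-token provide. Keeping the entropy check in the rule struct rather than in a wrapper around a gitleaks type is what lets the threshold be asserted in a unit test instead of being re-validated on every run.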

@cx-diogo-rocha cx-diogo-rocha requested a review from a team as a code owner October 3, 2025 10:59

github-actions bot commented Oct 3, 2025


KICS version: v1.7.13

Category                   Results
HIGH                       0
MEDIUM                     0
LOW                        0
INFO                       0
TRACE                      0
TOTAL                      0

Metric                     Values
Files scanned              13
Files parsed               13
Files failed to scan       0
Total executed queries     53
Queries failed to execute  0
Execution time             1


github-actions bot commented Oct 3, 2025

Checkmarx One – Scan Summary & Details (scan 1a4faa63-cb86-4c8f-b212-af5a85e5ddc1)

Great job! No new security vulnerabilities introduced in this pull request

@cx-diogo-rocha cx-diogo-rocha changed the title Ast 113275 move rules from gitleaks feat: move gitleaks rules to 2ms Oct 3, 2025