From bf64003ac8b209f34b88f228918a96d4f9dac5e0 Mon Sep 17 00:00:00 2001
From: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Date: Fri, 30 Aug 2024 13:15:10 +0600
Subject: [PATCH] fix(secret): use `.eyJ` keyword for JWT secret (#7410)
---
 pkg/fanal/secret/builtin-rules.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkg/fanal/secret/builtin-rules.go b/pkg/fanal/secret/builtin-rules.go
index 9cb0aa361025..a83d8eba35ba 100644
--- a/pkg/fanal/secret/builtin-rules.go
+++ b/pkg/fanal/secret/builtin-rules.go
@@ -604,7 +604,7 @@ var builtinRules = []Rule{
 Title: "JWT token",
 Severity: "MEDIUM",
 Regex: MustCompile(`ey[a-zA-Z0-9]{17,}\.ey[a-zA-Z0-9\/\\_-]{17,}\.(?:[a-zA-Z0-9\/\\_-]{10,}={0,2})?`),
- Keywords: []string{"jwt"},
+ Keywords: []string{".eyJ"},
 },
 {
 ID: "linear-api-token",
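Review bot: The new keyword `.eyJ` is stricter than the `Regex` two lines above it, which accepts any payload segment beginning `.ey`. If keywords act as a pre-filter before the regex runs (presumably; the matcher is not in this hunk), a token whose payload JSON opens with `{` followed by a space or digit would never reach the regex. Either tighten both segments of the regex to `eyJ` so the two agree, or record the trade-off on the new line, e.g. `// ".eyJ": '.' separator + base64url prefix of a payload that starts with {" and a letter`. The diffstat shows only builtin-rules.go changed, so no test pins the case this fixes: a JWT in a file that never contains the word "jwt". The rule literal begins above the hunk, so its `ID` and any other fields are not visible here.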