From 70eff4c697b23c89f9e7320c8df39f45fade7245 Mon Sep 17 00:00:00 2001
From: Sourav Patnaik
Date: Mon, 4 Dec 2023 21:31:22 +0530
Subject: [PATCH] added support of Docker registry credentials
Issue: https://github.com/aquasecurity/trivy/issues/5669
---
 pkg/fanal/secret/builtin-rules.go | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/pkg/fanal/secret/builtin-rules.go b/pkg/fanal/secret/builtin-rules.go
index b868967b6696..419c0190b0dc 100644
--- a/pkg/fanal/secret/builtin-rules.go
+++ b/pkg/fanal/secret/builtin-rules.go
@@ -68,6 +68,7 @@ var (
 CategoryLinkedIn = types.SecretRuleCategory("LinkedIn")
 CategoryTwitch = types.SecretRuleCategory("Twitch")
 CategoryTypeform = types.SecretRuleCategory("Typeform")
+ CategoryDocker = types.SecretRuleCategory("Docker")
 )
 // Reusable regex patterns
@@ -792,4 +793,13 @@ var builtinRules = []Rule{
 SecretGroupName: "secret",
 Keywords: []string{"typeform"},
 },
+ {
+ ID: "dockerconfig-secret",
+ Category: CategoryDocker,
+ Title: "Dockerconfig secret exposed",
+ Severity: "HIGH",
+ Regex: MustCompile(`(?i)(\.(dockerconfigjson|dockercfg):\s*\|*\s*(ey|ew)+)`),
+ SecretGroupName: "secret",
+ Keywords: []string{"dockerconfig"},
+ },
 }
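Review bot: The new `dockerconfig-secret` rule in the second hunk sets `SecretGroupName: "secret"`, but its regex contains no capture group named `secret`, so if the scanner resolves that name against the pattern's named groups the rule will either report nothing or have no span to redact. The pattern also stops at the two-character base64 prefix `(ey|ew)+`, so even with a named group the reported span would not cover the encoded credential; a pattern such as `(?i)\.(dockerconfigjson|dockercfg):\s*\|*\s*(?P<secret>e[yw][A-Za-z0-9+/=]+)` would capture the whole value. The keyword `dockerconfig` is not a substring of `.dockercfg`, so if keywords act as a prefilter the legacy key is never reached; `Keywords: []string{"dockerconfigjson", "dockercfg"}` would cover both. The diffstat lists only this file, so a positive and a negative sample for the rule are worth adding; the `builtinRules` slice begins outside the hunk.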