From ec1ca610cf75925b3e5a20aa6d500a5100121706 Mon Sep 17 00:00:00 2001
From: Tobias <10854916+tobiasgyoerfi@users.noreply.github.com>
Date: Fri, 17 May 2024 17:59:56 +0200
Subject: [PATCH 1/5] Adding Databricks PAT rule Adding Databricks PAT rule
---
.../data/default/builtin/rules/databricks.yml | 12 ++++++++++++
1 file changed, 12 insertions(+)
create mode 100644 crates/noseyparker/data/default/builtin/rules/databricks.yml
diff --git a/crates/noseyparker/data/default/builtin/rules/databricks.yml b/crates/noseyparker/data/default/builtin/rules/databricks.yml
new file mode 100644
index 000000000..e38969a63
--- /dev/null
+++ b/crates/noseyparker/data/default/builtin/rules/databricks.yml
@@ -0,0 +1,12 @@
+rules:
+
+- name: Databricks Personal Access Token
+ id: np.databricks.1
+ pattern: '\b(dapi[a-zA-Z0-9\-]{32})\b'
+
+ references:
+ - https://docs.databricks.com/en/dev-tools/auth/pat.html
+
+ examples:
+ - "DATABRICKS_TOKEN: 'dapicd295a7be286969133e18a58e4afe7bd-3'"
+ - "dapif21ee53d2b3648c2a1ed38953312a203"
From c4a0930a2fe7c04d8ac876a1b1aa3a397484617a Mon Sep 17 00:00:00 2001
From: Tobias <10854916+tobiasgyoerfi@users.noreply.github.com>
Date: Fri, 17 May 2024 18:02:40 +0200
Subject: [PATCH 2/5] Adding Databricks PAT to default ruleset
---
crates/noseyparker/data/default/builtin/rulesets/default.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/crates/noseyparker/data/default/builtin/rulesets/default.yml b/crates/noseyparker/data/default/builtin/rulesets/default.yml
index e122a0177..4f2f89ca7 100644
--- a/crates/noseyparker/data/default/builtin/rulesets/default.yml
+++ b/crates/noseyparker/data/default/builtin/rulesets/default.yml
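Review bot: The two `examples` entries added to `rules/databricks.yml` in patch 1/5 look like complete, well-formed tokens, and nothing in the patch says whether they are synthetic or already revoked. The same strings are copied into the JSON snapshot in patch 3/5, so they ship with the tool and stay in repository history. I would record their provenance next to them, e.g. `# example tokens are synthetic or already revoked, never live credentials`, and replace them with constructed values of the same shape if that cannot be confirmed.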
@@ -34,6 +34,7 @@ rulesets: - np.blynk.7 # Blynk Organization Client Secret (URL last) - np.codeclimate.1 # CodeClimate - np.cratesio.1 # crates.io API Key + - np.databricks.1 # Databricks Personal Access Token - np.dtrack.1 # Dependency-Track API Key - np.digitalocean.1 # DigitalOcean Application Access Token - np.digitalocean.2 # DigitalOcean Personal Access Token From 52021c7f634297010bccc5dc4ffdd7300f85dd3d Mon Sep 17 00:00:00 2001 From: Brad Larsen Date: Fri, 17 May 2024 15:27:44 -0400 Subject: [PATCH 3/5] Retrain tests for new rule --- ...parker__rules__rules_check_builtins-2.snap | 2 +- ...noseyparker__rules__rules_list_json-2.snap | 20 ++++++++++++++++++- ...seyparker__rules__rules_list_noargs-2.snap | 3 ++- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_check_builtins-2.snap b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_check_builtins-2.snap index ab83a31b4..c195b70db 100644 --- a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_check_builtins-2.snap +++ b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_check_builtins-2.snap @@ -2,4 +2,4 @@ source: crates/noseyparker-cli/tests/rules/mod.rs expression: stdout --- -141 rules and 3 rulesets: no issues detected +142 rules and 3 rulesets: no issues detected diff --git a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap index 00cb42e38..6e95bd80c 100644 --- a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap +++ b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap 
@@ -478,6 +478,24 @@ expression: stdout ] } }, + { + "id": "np.databricks.1", + "structural_id": "e4b5256bd60d4d5e84d87cc4288a37354c41ec38", + "name": "Databricks Personal Access Token", + "syntax": { + "name": "Databricks Personal Access Token", + "id": "np.databricks.1", + "pattern": "\\b(dapi[a-zA-Z0-9\\-]{32})\\b", + "examples": [ + "DATABRICKS_TOKEN: 'dapicd295a7be286969133e18a58e4afe7bd-3'", + "dapif21ee53d2b3648c2a1ed38953312a203" + ], + "negative_examples": [], + "references": [ + "https://docs.databricks.com/en/dev-tools/auth/pat.html" + ] + } + }, { "id": "np.digitalocean.1", "structural_id": "f43e1590624961d1a9984818101cb6a91ca00081", @@ -2822,7 +2840,7 @@ expression: stdout { "id": "default", "name": "Nosey Parker default rules", - "num_rules": 120 + "num_rules": 121 }, { "id": "np.assets", diff --git a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_noargs-2.snap b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_noargs-2.snap index 757e51e46..cb789c9ae 100644 --- a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_noargs-2.snap +++ b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_noargs-2.snap @@ -27,6 +27,7 @@ expression: stdout np.blynk.7 Blynk Organization Client Secret (URL last) np.codeclimate.1 CodeClimate Reporter ID np.cratesio.1 crates.io API Key + np.databricks.1 Databricks Personal Access Token np.digitalocean.1 DigitalOcean Application Access Token np.digitalocean.2 DigitalOcean Personal Access Token np.digitalocean.3 DigitalOcean Refresh Token @@ -148,6 +149,6 @@ expression: stdout Ruleset ID Ruleset Name Rules ───────────────────────────────────────────────────────── - default Nosey Parker default rules 120 + default Nosey Parker default rules 121 np.assets Nosey Parker asset detection rules 15 np.hashes Nosey Parker password hash rules 6 From 73f08dc268480b55aa0745ab6be36d1947826597 Mon Sep 17 00:00:00 2001 
From: Brad Larsen Date: Fri, 17 May 2024 15:30:03 -0400 Subject: [PATCH 4/5] Update CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a555e0d0..20957095a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - New rules have been added: - AWS AppSync API Key ([#176](https://github.com/praetorian-inc/noseyparker/pull/176)) + - Databricks Personal Access Token ([#187](https://github.com/praetorian-inc/noseyparker/pull/187) from @@tobiasgyoerfi) - Password Hash (Kerberos 5, etype 23, AS-REP) ([#176](https://github.com/praetorian-inc/noseyparker/pull/176)) ### Changes From 94c77b40fda24cf5aa7a7a031127c7ac0cb157cc Mon Sep 17 00:00:00 2001 From: Brad Larsen Date: Fri, 17 May 2024 15:44:19 -0400 Subject: [PATCH 5/5] Tune Databricks rule for higher signal --- .../test_noseyparker__rules__rules_list_json-2.snap | 8 +++++--- .../data/default/builtin/rules/databricks.yml | 12 +++++++++++- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap index 6e95bd80c..3dde695cf 100644 --- a/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap +++ b/crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap 
@@ -480,17 +480,19 @@ expression: stdout }, { "id": "np.databricks.1", - "structural_id": "e4b5256bd60d4d5e84d87cc4288a37354c41ec38", + "structural_id": "652e0e0655c34bb2f8cb9252540f7305f0aaa006", "name": "Databricks Personal Access Token", "syntax": { "name": "Databricks Personal Access Token", "id": "np.databricks.1", - "pattern": "\\b(dapi[a-zA-Z0-9\\-]{32})\\b", + "pattern": "(?x)\n\\b\n(\n dapi[a-f0-9]{32}\n (?: -[0-9]+ )? (?# optional -NUM suffix )\n)\n\\b\n", "examples": [ "DATABRICKS_TOKEN: 'dapicd295a7be286969133e18a58e4afe7bd-3'", "dapif21ee53d2b3648c2a1ed38953312a203" ], - "negative_examples": [], + "negative_examples": [ + " dapiDataGetTopLongShortPositionRatio (params?: {}): Promise;" + ], "references": [ "https://docs.databricks.com/en/dev-tools/auth/pat.html" ] diff --git a/crates/noseyparker/data/default/builtin/rules/databricks.yml b/crates/noseyparker/data/default/builtin/rules/databricks.yml index e38969a63..7dc6de6b5 100644 --- a/crates/noseyparker/data/default/builtin/rules/databricks.yml +++ b/crates/noseyparker/data/default/builtin/rules/databricks.yml @@ -2,7 +2,14 @@ rules: - name: Databricks Personal Access Token id: np.databricks.1 - pattern: '\b(dapi[a-zA-Z0-9\-]{32})\b' + pattern: | + (?x) + \b + ( + dapi[a-f0-9]{32} + (?: -[0-9]+ )? (?# optional -NUM suffix ) + ) + \b references: - https://docs.databricks.com/en/dev-tools/auth/pat.html @@ -10,3 +17,6 @@ rules: examples: - "DATABRICKS_TOKEN: 'dapicd295a7be286969133e18a58e4afe7bd-3'" - "dapif21ee53d2b3648c2a1ed38953312a203" + + negative_examples: + - " dapiDataGetTopLongShortPositionRatio (params?: {}): Promise;"
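Review bot: The tightened pattern in `rules/databricks.yml` (patch 5/5) fixes the token alphabet to `[a-f0-9]` and the suffix to `-[0-9]+`, but the origin of that shape is not recorded anywhere in the rule. The only reference is the general PAT documentation page, so a token issued in any other encoding would now be missed silently, with no way to tell whether that was intended. I would add a short comment above `pattern:` such as `# observed format: dapi + 32 lowercase hex chars, optionally followed by -N`, together with a pointer to where it was observed. The single negative example covers only the camelCase identifier case; a second one with `dapi` followed by more than 32 hex characters would also pin the trailing `\b`.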