From 273271b462936ab1f84b8bb88f66fa71b216ccec Mon Sep 17 00:00:00 2001
From: Sourav Patnaik <souravpatnaik123@gmail.com>
Date: Wed, 6 Dec 2023 15:37:01 +0530
Subject: [PATCH] add support of GitHub fine-grained tokens Issue:
 https://github.com/aquasecurity/trivy/issues/5650

---
 pkg/fanal/secret/builtin-rules.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkg/fanal/secret/builtin-rules.go b/pkg/fanal/secret/builtin-rules.go
index 4c434e89253d..f923601abf0b 100644
--- a/pkg/fanal/secret/builtin-rules.go
+++ b/pkg/fanal/secret/builtin-rules.go
@@ -142,6 +142,14 @@ var builtinRules = []Rule{
 		Regex:    MustCompile(`ghr_[0-9a-zA-Z]{76}`),
 		Keywords: []string{"ghr_"},
 	},
+	{
+		ID:       "github_pat",
+		Category: CategoryGitHub,
+		Title:    "GitHub Fine-grained personal access tokens",
+		Severity: "CRITICAL",
+		Regex:    MustCompile(`^github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}$`),
+		Keywords: []string{"github_pat_"},
+	},
 	{
 		ID:       "gitlab-pat",
 		Category: CategoryGitLab,