From 2622528e47a48417f49ddbface34d406aead5344 Mon Sep 17 00:00:00 2001 From: Hendrik Buchwald Date: Thu, 14 Nov 2024 15:20:31 +0100 Subject: [PATCH] Update config --- rules/S7168/secrets/metadata.json | 2 +- rules/S7168/secrets/rule.adoc | 27 ++++++--------------------- 2 files changed, 7 insertions(+), 22 deletions(-) diff --git a/rules/S7168/secrets/metadata.json b/rules/S7168/secrets/metadata.json index 42b1643964e..aaad1ce4323 100644 --- a/rules/S7168/secrets/metadata.json +++ b/rules/S7168/secrets/metadata.json @@ -1,5 +1,5 @@ { - "title": "SECRET_TYPE should not be disclosed", + "title": "DigitalOcean API tokens should not be disclosed", "type": "VULNERABILITY", "code": { "impacts": { diff --git a/rules/S7168/secrets/rule.adoc b/rules/S7168/secrets/rule.adoc index 28f3a64def8..6dbf9ca6314 100644 --- a/rules/S7168/secrets/rule.adoc +++ b/rules/S7168/secrets/rule.adoc @@ -7,21 +7,14 @@ include::../../../shared_content/secrets/rationale.adoc[] === What is the potential impact? -// Optional: Give a general description of the secret and what it's used for. - Below are some real-world scenarios that illustrate some impacts of an attacker exploiting the secret. -// Set value that can be used to refer to the type of secret in, for example: -// "An attacker can use this {secret_type} to ..." -:secret_type: secret +:secret_type: API token -// Where possible, use predefined content for common impacts. This content can -// be found in the folder "shared_content/secrets/impact". -// When using predefined content, search for any required variables to be set and include them in this file. -// Not adding them will not trigger warnings. +include::../../../shared_content/secrets/impact/infrastructure_takeover.adoc[] -//include::../../../shared_content/secrets/impact/some_impact.adoc[] +include::../../../shared_content/secrets/impact/data_compromise.adoc[] == How to fix it 
@@ -31,20 +24,12 @@ include::../../../shared_content/secrets/fix/vault.adoc[] === Code examples -:example_secret: example_secret_value -:example_name: java-property-name -:example_env: ENV_VAR_NAME +:example_secret: dop_v1_53918d3cd735062ca6ea791427910af10cf595f18dc6016c1cb1c3a11abcae84 +:example_name: digitalocean-api-token +:example_env: DIGITALOCEAN_API_TOKEN include::../../../shared_content/secrets/examples.adoc[] -//=== How does this work? - -//=== Pitfalls - -//=== Going the extra mile - == Resources include::../../../shared_content/secrets/resources/standards.adoc[] - -//=== Benchmarks
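Review bot: the two includes added in the `@@ -7,21 +7,14 @@` hunk of rules/S7168/secrets/rule.adoc (`impact/infrastructure_takeover.adoc` and `impact/data_compromise.adoc`) are introduced with only `:secret_type:` defined. The comment this same hunk deletes warned that predefined impact content may require further variables and that missing ones will not trigger warnings. Please check both shared files for the attributes they reference, set any that are missing here, and render the rule to confirm no unresolved `{...}` placeholder is left in the output. The optional general description of the secret was also removed rather than filled in; one sentence on what a DigitalOcean API token is used for would give the impact scenarios some context.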
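Review bot: `:example_secret:` in the `@@ -31,20 +24,12 @@` hunk of rules/S7168/secrets/rule.adoc is a full-format value (`dop_v1_` followed by 64 hex characters), so please confirm in the PR that it was constructed for the documentation and was never an issued token. Because it has the shape of a real token, secret scanners run over this repository are likely to flag it, so it is worth stating how that finding is meant to be handled. The commit subject "Update config" also does not say that this change fills in the S7168 template for DigitalOcean; a more specific subject would help anyone reading the history later.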