feat: update hubspot rules

cmd/generate/config/main.go

@@ -102,7 +102,9 @@ func main() {
 		rules.Hashicorp(),
 		rules.HashicorpField(),
 		rules.Heroku(),
-		rules.HubSpot(),
+		rules.HubSpotAPIKey(),
+		rules.HubSpotPrivateAppAccessToken(),
+		rules.HubSpotDeveloperAPIKey(),
 		rules.HuggingFaceAccessToken(),
 		rules.HuggingFaceOrganizationApiToken(),
 		rules.Intercom(),

cmd/generate/config/rules/hubspot.go

@@ -4,7 +4,7 @@ import (
 	"github.com/zricethezav/gitleaks/v8/config"
 )
 
-func HubSpot() *config.Rule {
+func HubSpotAPIKey() *config.Rule {
 	// define rule
 	r := config.Rule{
 		Description: "Found a HubSpot API Token, posing a risk to CRM data integrity and unauthorized marketing operations.",
@@ -21,3 +21,42 @@ func HubSpot() *config.Rule {
 	}
 	return validate(r, tps, nil)
 }
+
+func HubSpotPrivateAppAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Found a HubSpot Private App API Token, posing a risk to CRM data integrity and unauthorized marketing operations.",
+		RuleID:      "hubspot-private-app-access-token",
+		Regex: generateSemiGenericRegex([]string{"hubspot"},
+			`[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}`, true),
+
+		Keywords: []string{"hubspot"},
+	}
+
+	// validate
+	tps := []string{
+		`const hubspotKey = "pat-eu1-12345678-ABCD-ABCD-ABCD-1234567890AB"`, // gitleaks:allow
+	}
+	return validate(r, tps, nil)
+}
+
+func HubSpotDeveloperAPIKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Found a HubSpot Private App API Token, posing a risk to CRM data integrity and unauthorized marketing operations.",
+		RuleID:      "hubspot-developer-access-token",
+		Regex: generateSemiGenericRegex(
+			[]string{"hubspot"},
+			`(?:eu|na)/d-[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12)`,
+			true,
+		),
+
+		Keywords: []string{"hubspot"},
+	}
+
+	// validate
+	tps := []string{
+		`const hubspotKey = "eu1-1234-ABCD-1234-ABCD-1234567890AB"`, // gitleaks:allow
+	}
+	return validate(r, tps, nil)
+}