github
diff --git a/‎lib/analyze-action-post.js‎
Lines changed: 10 additions & 10 deletions b/‎lib/analyze-action-post.js‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎lib/init-action-post.js‎
Lines changed: 10 additions & 10 deletions b/‎lib/init-action-post.js‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎lib/start-proxy-action-post.js‎
Lines changed: 10 additions & 10 deletions b/‎lib/start-proxy-action-post.js‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎lib/upload-sarif-action-post.js‎
Lines changed: 10 additions & 10 deletions b/‎lib/upload-sarif-action-post.js‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎src/artifact-scanner.ts‎
Lines changed: 30 additions & 11 deletions b/‎src/artifact-scanner.ts‎
Lines changed: 30 additions & 11 deletions
@@ -7,37 +7,56 @@ import * as exec from "@actions/exec";
 import { Logger } from "./logging";
 import { getErrorMessage } from "./util";
 
+/**
+ * Enumerates known types of GitHub token formats.
+ */
+export enum TokenType {
+  PersonalAccessClassic = "Personal Access Token (Classic)",
+  PersonalAccessFineGrained = "Personal Access Token (Fine-grained)",
+  OAuth = "OAuth Access Token",
+  UserToServer = "User-to-Server Token",
+  ServerToServer = "Server-to-Server Token",
+  Refresh = "Refresh Token",
+  AppInstallationAccess = "App Installation Access Token",
+}
+
+/** A value of this type associates a token type with its pattern. */
+export interface TokenPattern {
+  type: TokenType;
+  pattern: RegExp;
+}
+
 /**
  * GitHub token patterns to scan for.
  * These patterns match various GitHub token formats.
  */
-const GITHUB_TOKEN_PATTERNS = [
+const GITHUB_TOKEN_PATTERNS: TokenPattern[] = [
   {
-    name: "Personal Access Token (Classic)",
+    type: TokenType.PersonalAccessClassic,
     pattern: /\bghp_[a-zA-Z0-9]{36}\b/g,
   },
   {
-    name: "Personal Access Token (Fine-grained)",
+    type: TokenType.PersonalAccessFineGrained,
     pattern: /\bgithub_pat_[a-zA-Z0-9_]+\b/g,
   },
   {
-    name: "OAuth Access Token",
+    type: TokenType.OAuth,
     pattern: /\bgho_[a-zA-Z0-9]{36}\b/g,
   },
   {
-    name: "User-to-Server Token",
+    type: TokenType.UserToServer,
     pattern: /\bghu_[a-zA-Z0-9]{36}\b/g,
   },
   {
-    name: "Server-to-Server Token",
+    type: TokenType.ServerToServer,
     pattern: /\bghs_[a-zA-Z0-9]{36}\b/g,
   },
   {
-    name: "Refresh Token",
+    type: TokenType.Refresh,
     pattern: /\bghr_[a-zA-Z0-9]{36}\b/g,
   },
   {
-    name: "App Installation Access Token",
+    type: TokenType.AppInstallationAccess,
     pattern: /\bghs_[a-zA-Z0-9]{255}\b/g,
   },
 ];
@@ -69,13 +88,13 @@ function scanFileForTokens(
   try {
     const content = fs.readFileSync(filePath, "utf8");
 
-    for (const { name, pattern } of GITHUB_TOKEN_PATTERNS) {
+    for (const { type, pattern } of GITHUB_TOKEN_PATTERNS) {
       const matches = content.match(pattern);
       if (matches) {
         for (let i = 0; i < matches.length; i++) {
-          findings.push({ tokenType: name, filePath: relativePath });
+          findings.push({ tokenType: type, filePath: relativePath });
         }
-        logger.debug(`Found ${matches.length} ${name}(s) in ${relativePath}`);
+        logger.debug(`Found ${matches.length} ${type}(s) in ${relativePath}`);
       }
     }