v1-prerelease docs

docs/.vitepress/config.mts

@@ -94,8 +94,11 @@ export default defineConfig({
     ],
 
     socialLinks: [
+      { icon: {
+        svg: '<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 24 24"><path fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 3H3v18h1m16 0h1V3h-1M7 9v6m5 0v-3.5a2.5 2.5 0 1 0-5 0v.5m10 3v-3.5a2.5 2.5 0 1 0-5 0v.5"/></svg>'
+      }, link: 'https://matrix.to/#/#intercept:x.netsec.vip' },
       { icon: 'mastodon', link: 'https://netsec.vip/@intercept' },
-      { icon: 'x', link: 'https://matrix.to/#/#intercept:x.netsec.vip' },
+
       { icon: 'github', link: 'https://github.com/xfhg/intercept' },
 
     ],

docs/index.md

@@ -20,20 +20,20 @@ hero:
 features:
   - title: ELEGANT
     details: Multiplatform, Subsecond CI, Low footprint, SARIF output, Webhook Integration
-    icon: 🛸
+
   - title: CODE
     details: REGEX patterns, REGO Policies, CUE Lang Schemas, SERVERSPEC Monitoring
-    icon: 🧬
+
   - title: STANDARD
     details: Policy as Code, No custom languages, Reduced complexity, Industry Standards
-    icon: 📡
 
 
----
 
+---
+<br><br><br><br>
 ##
 
-**INTERCEPT**<Badge type="warning" text="1.0.X" /> is a specialised **DevSecOps toolkit** that provides comprehensive **Application/System/Service/Endpoint** Code Compliance, Security Testing and Monitoring capabilities. It's engineered to help development and security teams swiftly identify and mitigate vulnerabilities/misconfigurations/leaks in both code, API endpoints, running services or system configurations. It is an essential tool for all stages of your software development lifecycle.
+**INTERCEPT**<Badge type="warning" text="v1.0.X" /> is a specialised **DevSecOps toolkit** that provides comprehensive **Application/System/Service/Endpoint** Code Compliance, Security Testing and Monitoring capabilities. It's engineered to help development and security teams swiftly identify and mitigate vulnerabilities/misconfigurations/leaks in both code, API endpoints, running services or system configurations. It is an essential tool for all stages of your software development lifecycle.
 
 
 ### Full software lifecycle compliance in a heartbeat:
@@ -45,7 +45,7 @@ docker pull ghcr.io/xfhg/intercept:latest-$OS-$ARCH
 
 #### Check our [sandbox](docs/sandbox) after mastering the [basic concepts](docs/basics)
 
-<br><br><br><br><br><br><br>
+<br><br><br><br><br><br><br><br><br>
 <h4 align="center" class="details">Trusted by the coolest teams at</h4>
 <p align="center"> 
 

playground/policies/test_ignore.yaml

@@ -1,8 +1,8 @@
 Config:
   Flags:
     ignore: 
-      - "*.yml"
-      - "ignorethisfolder/"
+      - "*.yaml"
+      - "submodules/"
       - "*.codes"
 Policies:
   - id: "SCAN-001 Private Keys"
@@ -33,3 +33,32 @@ Policies:
       - \s*(-----BEGIN EC PRIVATE KEY-----)
       - \s*(-----BEGIN OPENSSH PRIVATE KEY-----)
       - \s*(-----BEGIN PGP PRIVATE KEY BLOCK-----)
+
+  - id: "SCAN-002 Private Keys"
+    type: "scan"
+    filepattern: "^.*\\.code$"
+    enforcement:
+      - environment: "production"
+        fatal: "true"
+        exceptions: "false"
+        confidence: "high"
+      - environment: "development"
+        fatal: "true"
+        exceptions: "false"
+        confidence: "high"
+    metadata:
+      name: "Detect private keys"
+      description: "Generic long description for (metadata) policy"
+      msg_solution: "Generic solution message to production issue."
+      msg_error: "Generic error message for production issue"
+      tags:
+        - "security"
+        - "encryption"
+      score: "9"
+    _regex:
+      - \s*(-----BEGIN PRIVATE KEY-----)
+      - \s*(-----BEGIN RSA PRIVATE KEY-----)
+      - \s*(-----BEGIN DSA PRIVATE KEY-----)
+      - \s*(-----BEGIN EC PRIVATE KEY-----)
+      - \s*(-----BEGIN OPENSSH PRIVATE KEY-----)
+      - \s*(-----BEGIN PGP PRIVATE KEY BLOCK-----)