Lower the precision of a range of harcoded password queries to remove them from query suites.

2025-12-16 16:53:25 +01:00 · 2025-05-16 11:58:15 +02:00
parent d7e07b0b2d
commit 03ecd24469
11 changed files with 11 additions and 11 deletions
--- a/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
+++ b/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
@@ -4,7 +4,7 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 7.5
- * @precision medium
+ * @precision low
 * @id cs/password-in-configuration
 * @tags security
 *       external/cwe/cwe-013
--- a/Features/CWE-798/HardcodedConnectionString.ql
+++ b/Features/CWE-798/HardcodedConnectionString.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id cs/hardcoded-connection-string-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/Features/CWE-798/HardcodedCredentials.ql
+++ b/Features/CWE-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id cs/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -5,7 +5,7 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id go/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
+++ b/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id java/hardcoded-credential-api-call
 * @tags security
 *       external/cwe/cwe-798
--- a/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
+++ b/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
@@ -4,7 +4,7 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 7.5
- * @precision medium
+ * @precision low
 * @id js/password-in-configuration-file
 * @tags security
 *       external/cwe/cwe-256
--- a/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -5,7 +5,7 @@
 * @kind path-problem
 * @problem.severity warning
 * @security-severity 9.8
- * @precision high
+ * @precision low
 * @id js/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id py/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
+++ b/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.8
- * @precision medium
+ * @precision low
 * @id rb/hardcoded-credentials
 * @tags security
 *       external/cwe/cwe-259
--- a/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
+++ b/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 6.8
- * @precision high
+ * @precision low
 * @id swift/constant-password
 * @tags security
 *       external/cwe/cwe-259
--- a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
+++ b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
@@ -4,7 +4,7 @@
 * @kind path-problem
 * @problem.severity error
 * @security-severity 8.1
- * @precision high
+ * @precision low
 * @id swift/hardcoded-key
 * @tags security
 *       external/cwe/cwe-321