Remove user ids from the check since they get logged a lot and are less sensitive

2026-04-28 02:05:14 +02:00 · 2020-03-27 19:40:00 -04:00
parent d9327705d2
commit 048a33e143
1 changed files with 1 additions and 1 deletions
--- a/java/ql/src/experimental/CWE-532/SensitiveInfoLog.ql
+++ b/java/ql/src/experimental/CWE-532/SensitiveInfoLog.ql
@@ -48,7 +48,7 @@ class CredentialSource extends DataFlow::ExprNode {

 private string getACredentialRegex() {
  result = "(?i).*pass(wd|word|code|phrase)(?!.*question).*" or
-  result = "(?i).*(uid|uuid|puid|username|userid|url).*"
+  result = "(?i).*(username|url).*"
 }

 class SensitiveLoggingSink extends DataFlow::ExprNode {