hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-24 16:17:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Shared: Fix for 'api_tok'.

Browse Source
This commit is contained in:
Geoffrey White
2026-05-06 12:04:59 +01:00
parent b60ce3cf04
commit 213ab902cd
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rust/ql/test/library-tests/sensitivedata/test.rs
View File

@@ -58,7 +58,7 @@ fn test_passwords(
sink(oauth); // $ sensitive=password
sink(one_time_code); // $ MISSING: sensitive=password
sink(api_token); // $ sensitive=password
sink(api_tok); // $ MISSING: sensitive=password
sink(api_tok); // $ sensitive=password
sink(ms); // $ MISSING: sensitive=password
sink(ms.password.as_str()); // $ sensitive=password

2
shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll
View File

@@ -76,7 +76,7 @@ module HeuristicNames {
string maybePassword() {
result =
"(?is).*(pass(wd|word|code|.?phrase)(?!.*question)|(auth(entication|ori[sz]ation)?).?key|oauth|"
+ "api.?(key|token)|([_-]|\\b)mfa([_-]|\\b)).*"
+ "api.?(key|tok)|([_-]|\\b)mfa([_-]|\\b)).*"
}
/**