apply changes from @erik-krogh

2026-04-27 17:55:19 +02:00 · 2024-08-01 20:14:36 +02:00
parent b360c8adb8
commit 354fcbe7fe
3 changed files with 25 additions and 53 deletions
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsCustomizations.qll
@@ -4,6 +4,7 @@
 * own.
 */

+import semmle.javascript.filters.ClassifyFiles
 import javascript
 private import semmle.javascript.security.SensitiveActions

@@ -38,5 +39,9 @@ module HardcodedCredentials {
   */
  class DefaultCredentialsSink extends Sink instanceof CredentialsNode {
    override string getKind() { result = super.getCredentialsKind() }
+
+    DefaultCredentialsSink() {
+      not (super.getCredentialsKind() = "jwt key" and isTestFile(this.getFile()))
+    }
  }
-}
+}