From 4832dc51edfd122cf82eb424b1b8c4e543f63171 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Sat, 23 Mar 2024 21:33:02 +0000
Subject: [PATCH] Whitelist variable name `tokenImage`
---
 .../ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
index c599756a81c..70ef0b39405 100644
--- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
@@ -12,7 +12,8 @@ class VariableWithSensitiveName extends Variable {
 VariableWithSensitiveName() {
 exists(string name | name = this.getName() |
 name.regexpMatch(getCommonSensitiveInfoRegex()) and
- not name.regexpMatch("(?i).*null.*")
+ not name.regexpMatch("(?i).*null.*") and
+ not name.matches("tokenImage") // appears in parser code generated by JavaCC
 )
 }
 }
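Review bot: The new exclusion in the `VariableWithSensitiveName` characteristic predicate is keyed on the bare variable name only, so it applies to every codebase the query runs on, not just JavaCC output. A hand-written variable called `tokenImage` that does hold a credential would silently stop being treated as a sensitive-logging source. If the library offers a way to recognise generated files or the JavaCC-declared field, narrowing the exception to that would keep the false-positive fix without adding a false negative. Otherwise the comment should state the trade-off, e.g. `// exact name excluded everywhere; JavaCC-generated parsers declare it as a table of token descriptions`. Separately, `matches` takes a LIKE-style pattern and is given no wildcard here, so `not name = "tokenImage"` expresses the exact, case-sensitive comparison more directly. The class declaration starts above the hunk.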