diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsQuery.qll index b38d1908faf..121f6d247c4 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsQuery.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsQuery.qll @@ -12,19 +12,14 @@ import HardcodedCredentialsCustomizations::HardcodedCredentials /** * A data flow tracking configuration for hardcoded credentials. */ -class Configuration extends DataFlow::Configuration { - Configuration() { this = "HardcodedCredentials" } +module HardcodedCredentialsConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node instanceof Source } - override predicate isSource(DataFlow::Node source) { source instanceof Source } + predicate isSink(DataFlow::Node node) { node instanceof Sink } - override predicate isSink(DataFlow::Node sink) { sink instanceof Sink } + predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer } - override predicate isBarrier(DataFlow::Node node) { - super.isBarrier(node) or - node instanceof Sanitizer - } - - override predicate isAdditionalFlowStep(DataFlow::Node src, DataFlow::Node trg) { + predicate isAdditionalFlowStep(DataFlow::Node src, DataFlow::Node trg) { exists(Base64::Encode encode | src = encode.getInput() and trg = encode.getOutput()) or trg.(StringOps::ConcatenationRoot).getALeaf() = src and 
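Review bot: The new `isBarrier` in `HardcodedCredentialsConfig` is only `node instanceof Sanitizer`, so whatever the removed `super.isBarrier(node)` contributed is no longer part of the barrier set, and nothing in the hunk says whether that is intended. A `DataFlow::ConfigSig` module has no base implementation to call, so dropping `super` is expected, but for a credentials query a changed barrier set changes which hardcoded secrets get reported. I would record the decision next to the predicate, e.g. `// Only Sanitizer nodes are barriers; barriers from the legacy base class are intentionally not carried over.`, and check the updated `.expected` file for lost true positives. The body of `isAdditionalFlowStep` continues outside the hunk.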
@@ -37,3 +32,30 @@ class Configuration extends DataFlow::Configuration { ) } } + +/** + * Data flow for reasoning about hardcoded credentials. + */ +module HardcodedCredentials = DataFlow::Global; + +/** + * DEPRECATED. Use the `HardcodedCredentials` module instead. + */ +deprecated class Configuration extends DataFlow::Configuration { + Configuration() { this = "HardcodedCredentials" } + + override predicate isSource(DataFlow::Node source) { + HardcodedCredentialsConfig::isSource(source) + } + + override predicate isSink(DataFlow::Node sink) { HardcodedCredentialsConfig::isSink(sink) } + + override predicate isBarrier(DataFlow::Node node) { + super.isBarrier(node) or + HardcodedCredentialsConfig::isBarrier(node) + } + + override predicate isAdditionalFlowStep(DataFlow::Node src, DataFlow::Node trg) { + HardcodedCredentialsConfig::isAdditionalFlowStep(src, trg) + } +} diff --git a/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql b/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql index 3cc63e51dcf..0fb996acb27 100644 --- a/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql +++ b/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql @@ -15,14 +15,14 @@ import javascript import semmle.javascript.security.dataflow.HardcodedCredentialsQuery -import DataFlow::PathGraph +import HardcodedCredentials::PathGraph bindingset[s] predicate looksLikeATemplate(string s) { s.regexpMatch(".*((\\{\\{.*\\}\\})|(<.*>)|(\\(.*\\))).*") } -from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, string value +from HardcodedCredentials::PathNode source, HardcodedCredentials::PathNode sink, string value where - cfg.hasFlowPath(source, sink) and + HardcodedCredentials::flowPath(source, sink) and // use source value in message if it's available if source.getNode().asExpr() instanceof ConstantString then 
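Review bot: As shown, `module HardcodedCredentials = DataFlow::Global;` instantiates the parameterized module without a configuration argument, so nothing ties the flow to `HardcodedCredentialsConfig`. It should read `module HardcodedCredentials = DataFlow::Global<HardcodedCredentialsConfig>;`, though the argument may only have been lost when the page was rendered. The alias also reuses the name of the `HardcodedCredentialsCustomizations::HardcodedCredentials` module imported at the top of this file, which makes `HardcodedCredentials::PathGraph` and `HardcodedCredentials::flowPath` in the query harder to resolve by eye. A distinct name such as `HardcodedCredentialsFlow` would avoid that, at the cost of touching the `.ql` file as well.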
diff --git a/javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected b/javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
index 3635090cb43..a1806eb239f 100644
--- a/javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
@@ -1,340 +1,9 @@ -nodes -| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | -| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | -| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | -| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | -| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | -| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | -| HardcodedCredentials.js:15:36:15:50 | "user:hgfedcba" | -| HardcodedCredentials.js:15:36:15:50 | "user:hgfedcba" | -| HardcodedCredentials.js:15:36:15:50 | "user:hgfedcba" | -| HardcodedCredentials.js:16:37:16:51 | "user:hgfedcba" | -| HardcodedCredentials.js:16:37:16:51 | "user:hgfedcba" | -| HardcodedCredentials.js:16:37:16:51 | "user:hgfedcba" | -| HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | -| HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | -| HardcodedCredentials.js:20:36:20:51 | getCredentials() | -| HardcodedCredentials.js:20:36:20:51 | getCredentials() | -| HardcodedCredentials.js:27:25:27:31 | 'admin' | -| HardcodedCredentials.js:27:25:27:31 | 'admin' | -| HardcodedCredentials.js:27:25:27:31 | 'admin' | -| HardcodedCredentials.js:27:34:27:43 | 'hgfedcba' | -| HardcodedCredentials.js:27:34:27:43 | 'hgfedcba' | -| HardcodedCredentials.js:27:34:27:43 | 'hgfedcba' | -| HardcodedCredentials.js:29:11:29:30 | 'unknown-admin-name' | -| HardcodedCredentials.js:29:11:29:30 | 'unknown-admin-name' | -| HardcodedCredentials.js:29:11:29:30 | 'unknown-admin-name' | -| HardcodedCredentials.js:29:35:29:44 | 'hgfedcba' | -| HardcodedCredentials.js:29:35:29:44 | 'hgfedcba' | -| HardcodedCredentials.js:29:35:29:44 | 'hgfedcba' | -| HardcodedCredentials.js:35:15:35:24 | 'username' | -| HardcodedCredentials.js:35:15:35:24 | 'username' | -| HardcodedCredentials.js:35:15:35:24 | 'username' | -| HardcodedCredentials.js:35:27:35:36 | 'hgfedcba' | -| HardcodedCredentials.js:35:27:35:36 | 'hgfedcba' | -| HardcodedCredentials.js:35:27:35:36 | 'hgfedcba' | -| HardcodedCredentials.js:41:38:41:47 | 'username' | -| 
HardcodedCredentials.js:41:38:41:47 | 'username' | -| HardcodedCredentials.js:41:38:41:47 | 'username' | -| HardcodedCredentials.js:41:67:41:76 | 'hgfedcba' | -| HardcodedCredentials.js:41:67:41:76 | 'hgfedcba' | -| HardcodedCredentials.js:41:67:41:76 | 'hgfedcba' | -| HardcodedCredentials.js:42:35:42:44 | 'username' | -| HardcodedCredentials.js:42:35:42:44 | 'username' | -| HardcodedCredentials.js:42:35:42:44 | 'username' | -| HardcodedCredentials.js:42:64:42:73 | 'hgfedcba' | -| HardcodedCredentials.js:42:64:42:73 | 'hgfedcba' | -| HardcodedCredentials.js:42:64:42:73 | 'hgfedcba' | -| HardcodedCredentials.js:44:34:44:43 | 'username' | -| HardcodedCredentials.js:44:34:44:43 | 'username' | -| HardcodedCredentials.js:44:34:44:43 | 'username' | -| HardcodedCredentials.js:44:63:44:72 | 'hgfedcba' | -| HardcodedCredentials.js:44:63:44:72 | 'hgfedcba' | -| HardcodedCredentials.js:44:63:44:72 | 'hgfedcba' | -| HardcodedCredentials.js:46:25:46:34 | 'hgfedcba' | -| HardcodedCredentials.js:46:25:46:34 | 'hgfedcba' | -| HardcodedCredentials.js:46:25:46:34 | 'hgfedcba' | -| HardcodedCredentials.js:53:27:53:36 | 'username' | -| HardcodedCredentials.js:53:27:53:36 | 'username' | -| HardcodedCredentials.js:53:27:53:36 | 'username' | -| HardcodedCredentials.js:53:39:53:48 | 'hgfedcba' | -| HardcodedCredentials.js:53:39:53:48 | 'hgfedcba' | -| HardcodedCredentials.js:53:39:53:48 | 'hgfedcba' | -| HardcodedCredentials.js:56:21:56:30 | 'username' | -| HardcodedCredentials.js:56:21:56:30 | 'username' | -| HardcodedCredentials.js:56:21:56:30 | 'username' | -| HardcodedCredentials.js:57:21:57:30 | 'hgfedcba' | -| HardcodedCredentials.js:57:21:57:30 | 'hgfedcba' | -| HardcodedCredentials.js:57:21:57:30 | 'hgfedcba' | -| HardcodedCredentials.js:61:42:61:54 | 'bearerToken' | -| HardcodedCredentials.js:61:42:61:54 | 'bearerToken' | -| HardcodedCredentials.js:61:42:61:54 | 'bearerToken' | -| HardcodedCredentials.js:65:23:65:35 | 'bearerToken' | -| HardcodedCredentials.js:65:23:65:35 | 
'bearerToken' | -| HardcodedCredentials.js:65:23:65:35 | 'bearerToken' | -| HardcodedCredentials.js:69:28:69:37 | 'username' | -| HardcodedCredentials.js:69:28:69:37 | 'username' | -| HardcodedCredentials.js:69:28:69:37 | 'username' | -| HardcodedCredentials.js:69:40:69:49 | 'hgfedcba' | -| HardcodedCredentials.js:69:40:69:49 | 'hgfedcba' | -| HardcodedCredentials.js:69:40:69:49 | 'hgfedcba' | -| HardcodedCredentials.js:70:28:70:37 | 'username' | -| HardcodedCredentials.js:70:28:70:37 | 'username' | -| HardcodedCredentials.js:70:28:70:37 | 'username' | -| HardcodedCredentials.js:70:40:70:49 | 'hgfedcba' | -| HardcodedCredentials.js:70:40:70:49 | 'hgfedcba' | -| HardcodedCredentials.js:70:40:70:49 | 'hgfedcba' | -| HardcodedCredentials.js:72:23:72:32 | 'username' | -| HardcodedCredentials.js:72:23:72:32 | 'username' | -| HardcodedCredentials.js:72:23:72:32 | 'username' | -| HardcodedCredentials.js:72:35:72:44 | 'hgfedcba' | -| HardcodedCredentials.js:72:35:72:44 | 'hgfedcba' | -| HardcodedCredentials.js:72:35:72:44 | 'hgfedcba' | -| HardcodedCredentials.js:75:21:75:30 | 'username' | -| HardcodedCredentials.js:75:21:75:30 | 'username' | -| HardcodedCredentials.js:75:21:75:30 | 'username' | -| HardcodedCredentials.js:76:21:76:30 | 'hgfedcba' | -| HardcodedCredentials.js:76:21:76:30 | 'hgfedcba' | -| HardcodedCredentials.js:76:21:76:30 | 'hgfedcba' | -| HardcodedCredentials.js:84:38:84:47 | 'username' | -| HardcodedCredentials.js:84:38:84:47 | 'username' | -| HardcodedCredentials.js:84:38:84:47 | 'username' | -| HardcodedCredentials.js:84:50:84:59 | 'hgfedcba' | -| HardcodedCredentials.js:84:50:84:59 | 'hgfedcba' | -| HardcodedCredentials.js:84:50:84:59 | 'hgfedcba' | -| HardcodedCredentials.js:86:44:86:53 | 'username' | -| HardcodedCredentials.js:86:44:86:53 | 'username' | -| HardcodedCredentials.js:86:44:86:53 | 'username' | -| HardcodedCredentials.js:86:56:86:65 | 'hgfedcba' | -| HardcodedCredentials.js:86:56:86:65 | 'hgfedcba' | -| 
HardcodedCredentials.js:86:56:86:65 | 'hgfedcba' | -| HardcodedCredentials.js:91:25:91:31 | 'TOKEN' | -| HardcodedCredentials.js:91:25:91:31 | 'TOKEN' | -| HardcodedCredentials.js:91:25:91:31 | 'TOKEN' | -| HardcodedCredentials.js:98:18:98:21 | 'x1' | -| HardcodedCredentials.js:98:18:98:21 | 'x1' | -| HardcodedCredentials.js:98:18:98:21 | 'x1' | -| HardcodedCredentials.js:99:16:99:19 | 'x2' | -| HardcodedCredentials.js:99:16:99:19 | 'x2' | -| HardcodedCredentials.js:99:16:99:19 | 'x2' | -| HardcodedCredentials.js:100:25:100:28 | 'x3' | -| HardcodedCredentials.js:100:25:100:28 | 'x3' | -| HardcodedCredentials.js:100:25:100:28 | 'x3' | -| HardcodedCredentials.js:101:19:101:22 | 'x4' | -| HardcodedCredentials.js:101:19:101:22 | 'x4' | -| HardcodedCredentials.js:101:19:101:22 | 'x4' | -| HardcodedCredentials.js:102:14:102:23 | 'hgfedcba' | -| HardcodedCredentials.js:102:14:102:23 | 'hgfedcba' | -| HardcodedCredentials.js:102:14:102:23 | 'hgfedcba' | -| HardcodedCredentials.js:103:17:103:26 | 'hgfedcba' | -| HardcodedCredentials.js:103:17:103:26 | 'hgfedcba' | -| HardcodedCredentials.js:103:17:103:26 | 'hgfedcba' | -| HardcodedCredentials.js:104:27:104:36 | 'hgfedcba' | -| HardcodedCredentials.js:104:27:104:36 | 'hgfedcba' | -| HardcodedCredentials.js:104:27:104:36 | 'hgfedcba' | -| HardcodedCredentials.js:105:19:105:28 | 'hgfedcba' | -| HardcodedCredentials.js:105:19:105:28 | 'hgfedcba' | -| HardcodedCredentials.js:105:19:105:28 | 'hgfedcba' | -| HardcodedCredentials.js:106:16:106:25 | 'hgfedcba' | -| HardcodedCredentials.js:106:16:106:25 | 'hgfedcba' | -| HardcodedCredentials.js:106:16:106:25 | 'hgfedcba' | -| HardcodedCredentials.js:112:19:112:22 | 'x5' | -| HardcodedCredentials.js:112:19:112:22 | 'x5' | -| HardcodedCredentials.js:112:19:112:22 | 'x5' | -| HardcodedCredentials.js:113:19:113:28 | 'hgfedcba' | -| HardcodedCredentials.js:113:19:113:28 | 'hgfedcba' | -| HardcodedCredentials.js:113:19:113:28 | 'hgfedcba' | -| HardcodedCredentials.js:130:44:130:53 | 
'hgfedcba' | -| HardcodedCredentials.js:130:44:130:53 | 'hgfedcba' | -| HardcodedCredentials.js:130:44:130:53 | 'hgfedcba' | -| HardcodedCredentials.js:131:52:131:61 | 'hgfedcba' | -| HardcodedCredentials.js:131:52:131:61 | 'hgfedcba' | -| HardcodedCredentials.js:131:52:131:61 | 'hgfedcba' | -| HardcodedCredentials.js:135:41:135:50 | "hgfedcba" | -| HardcodedCredentials.js:135:41:135:50 | "hgfedcba" | -| HardcodedCredentials.js:135:41:135:50 | "hgfedcba" | -| HardcodedCredentials.js:160:38:160:48 | "change_me" | -| HardcodedCredentials.js:160:38:160:48 | "change_me" | -| HardcodedCredentials.js:160:38:160:48 | "change_me" | -| HardcodedCredentials.js:161:41:161:51 | 'change_me' | -| HardcodedCredentials.js:161:41:161:51 | 'change_me' | -| HardcodedCredentials.js:161:41:161:51 | 'change_me' | -| HardcodedCredentials.js:164:35:164:45 | 'change_me' | -| HardcodedCredentials.js:164:35:164:45 | 'change_me' | -| HardcodedCredentials.js:164:35:164:45 | 'change_me' | -| HardcodedCredentials.js:171:11:171:25 | USER | -| HardcodedCredentials.js:171:18:171:25 | 'sdsdag' | -| HardcodedCredentials.js:171:18:171:25 | 'sdsdag' | -| HardcodedCredentials.js:172:11:172:25 | PASS | -| HardcodedCredentials.js:172:18:172:25 | 'sdsdag' | -| HardcodedCredentials.js:172:18:172:25 | 'sdsdag' | -| HardcodedCredentials.js:173:11:173:49 | AUTH | -| HardcodedCredentials.js:173:18:173:49 | base64. ... 
PASS}`) | -| HardcodedCredentials.js:173:32:173:48 | `${USER}:${PASS}` | -| HardcodedCredentials.js:173:35:173:38 | USER | -| HardcodedCredentials.js:173:43:173:46 | PASS | -| HardcodedCredentials.js:178:30:178:44 | `Basic ${AUTH}` | -| HardcodedCredentials.js:178:30:178:44 | `Basic ${AUTH}` | -| HardcodedCredentials.js:178:39:178:42 | AUTH | -| HardcodedCredentials.js:188:30:188:44 | `Basic ${AUTH}` | -| HardcodedCredentials.js:188:30:188:44 | `Basic ${AUTH}` | -| HardcodedCredentials.js:188:39:188:42 | AUTH | -| HardcodedCredentials.js:195:37:195:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:195:37:195:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:195:46:195:49 | AUTH | -| HardcodedCredentials.js:204:35:204:49 | `Basic ${AUTH}` | -| HardcodedCredentials.js:204:35:204:49 | `Basic ${AUTH}` | -| HardcodedCredentials.js:204:44:204:47 | AUTH | -| HardcodedCredentials.js:214:11:214:25 | USER | -| HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | -| HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | -| HardcodedCredentials.js:215:11:215:25 | PASS | -| HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | -| HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | -| HardcodedCredentials.js:216:11:216:49 | AUTH | -| HardcodedCredentials.js:216:18:216:49 | base64. ... PASS}`) | -| HardcodedCredentials.js:216:32:216:48 | `${USER}:${PASS}` | -| HardcodedCredentials.js:216:35:216:38 | USER | -| HardcodedCredentials.js:216:43:216:46 | PASS | -| HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:221:46:221:49 | AUTH | -| HardcodedCredentials.js:231:11:231:29 | username | -| HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | -| HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | -| HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | -| HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | -| HardcodedCredentials.js:237:35:237:72 | Buffer. ... 
ssword) | -| HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') | -| HardcodedCredentials.js:237:47:237:54 | username | -| HardcodedCredentials.js:237:47:237:71 | usernam ... assword | -| HardcodedCredentials.js:245:9:245:44 | privateKey | -| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | -| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | -| HardcodedCredentials.js:246:42:246:51 | privateKey | -| HardcodedCredentials.js:246:42:246:51 | privateKey | -| HardcodedCredentials.js:260:30:260:40 | `Basic foo` | -| HardcodedCredentials.js:260:30:260:40 | `Basic foo` | -| HardcodedCredentials.js:260:30:260:40 | `Basic foo` | -| HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` | -| HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` | -| HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | -| HardcodedCredentials.js:268:39:268:46 | 'Bearer' | -| HardcodedCredentials.js:268:39:268:46 | 'Bearer' | -| HardcodedCredentials.js:268:50:268:56 | 'OAuth' | -| HardcodedCredentials.js:268:50:268:56 | 'OAuth' | -| HardcodedCredentials.js:275:36:275:59 | "user:{ ... ERE }}" | -| HardcodedCredentials.js:275:36:275:59 | "user:{ ... ERE }}" | -| HardcodedCredentials.js:275:36:275:59 | "user:{ ... ERE }}" | -| HardcodedCredentials.js:276:36:276:65 | "user:t ... ERE }}" | -| HardcodedCredentials.js:276:36:276:65 | "user:t ... ERE }}" | -| HardcodedCredentials.js:276:36:276:65 | "user:t ... ERE }}" | -| HardcodedCredentials.js:277:36:277:57 | "user:( ... HERE )" | -| HardcodedCredentials.js:277:36:277:57 | "user:( ... HERE )" | -| HardcodedCredentials.js:277:36:277:57 | "user:( ... HERE )" | -| HardcodedCredentials.js:278:36:278:64 | "user:{ ... ken }}" | -| HardcodedCredentials.js:278:36:278:64 | "user:{ ... ken }}" | -| HardcodedCredentials.js:278:36:278:64 | "user:{ ... 
ken }}" | -| HardcodedCredentials.js:279:36:279:50 | "user:abcdefgh" | -| HardcodedCredentials.js:279:36:279:50 | "user:abcdefgh" | -| HardcodedCredentials.js:279:36:279:50 | "user:abcdefgh" | -| HardcodedCredentials.js:280:36:280:50 | "user:12345678" | -| HardcodedCredentials.js:280:36:280:50 | "user:12345678" | -| HardcodedCredentials.js:280:36:280:50 | "user:12345678" | -| HardcodedCredentials.js:281:36:281:45 | "user:foo" | -| HardcodedCredentials.js:281:36:281:45 | "user:foo" | -| HardcodedCredentials.js:281:36:281:45 | "user:foo" | -| HardcodedCredentials.js:282:36:282:52 | "user:mypassword" | -| HardcodedCredentials.js:282:36:282:52 | "user:mypassword" | -| HardcodedCredentials.js:282:36:282:52 | "user:mypassword" | -| HardcodedCredentials.js:283:36:283:49 | "user:mytoken" | -| HardcodedCredentials.js:283:36:283:49 | "user:mytoken" | -| HardcodedCredentials.js:283:36:283:49 | "user:mytoken" | -| HardcodedCredentials.js:284:36:284:52 | "user:fake token" | -| HardcodedCredentials.js:284:36:284:52 | "user:fake token" | -| HardcodedCredentials.js:284:36:284:52 | "user:fake token" | -| HardcodedCredentials.js:285:36:285:46 | "user:dcba" | -| HardcodedCredentials.js:285:36:285:46 | "user:dcba" | -| HardcodedCredentials.js:285:36:285:46 | "user:dcba" | -| HardcodedCredentials.js:286:36:286:55 | "user:custom string" | -| HardcodedCredentials.js:286:36:286:55 | "user:custom string" | -| HardcodedCredentials.js:286:36:286:55 | "user:custom string" | -| HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | -| HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | -| HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | -| HardcodedCredentials.js:293:37:293:65 | `Basic ... xxxxxx` | -| HardcodedCredentials.js:293:37:293:65 | `Basic ... xxxxxx` | -| HardcodedCredentials.js:293:37:293:65 | `Basic ... xxxxxx` | -| HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | -| HardcodedCredentials.js:294:37:294:70 | `Basic ... 
gbbbbb` | -| HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | -| HardcodedCredentials.js:295:37:295:66 | `Basic ... 000001` | -| HardcodedCredentials.js:295:37:295:66 | `Basic ... 000001` | -| HardcodedCredentials.js:295:37:295:66 | `Basic ... 000001` | edges -| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | -| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | -| HardcodedCredentials.js:15:36:15:50 | "user:hgfedcba" | HardcodedCredentials.js:15:36:15:50 | "user:hgfedcba" | -| HardcodedCredentials.js:16:37:16:51 | "user:hgfedcba" | HardcodedCredentials.js:16:37:16:51 | "user:hgfedcba" | | HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | HardcodedCredentials.js:20:36:20:51 | getCredentials() | -| HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | HardcodedCredentials.js:20:36:20:51 | getCredentials() | -| HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | HardcodedCredentials.js:20:36:20:51 | getCredentials() | -| HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | HardcodedCredentials.js:20:36:20:51 | getCredentials() | -| HardcodedCredentials.js:27:25:27:31 | 'admin' | HardcodedCredentials.js:27:25:27:31 | 'admin' | -| HardcodedCredentials.js:27:34:27:43 | 'hgfedcba' | HardcodedCredentials.js:27:34:27:43 | 'hgfedcba' | -| HardcodedCredentials.js:29:11:29:30 | 'unknown-admin-name' | HardcodedCredentials.js:29:11:29:30 | 'unknown-admin-name' | -| HardcodedCredentials.js:29:35:29:44 | 'hgfedcba' | HardcodedCredentials.js:29:35:29:44 | 'hgfedcba' | -| HardcodedCredentials.js:35:15:35:24 | 'username' | HardcodedCredentials.js:35:15:35:24 | 'username' | -| HardcodedCredentials.js:35:27:35:36 | 'hgfedcba' | HardcodedCredentials.js:35:27:35:36 | 'hgfedcba' | -| HardcodedCredentials.js:41:38:41:47 | 'username' | HardcodedCredentials.js:41:38:41:47 | 'username' | -| HardcodedCredentials.js:41:67:41:76 | 'hgfedcba' | 
HardcodedCredentials.js:41:67:41:76 | 'hgfedcba' | -| HardcodedCredentials.js:42:35:42:44 | 'username' | HardcodedCredentials.js:42:35:42:44 | 'username' | -| HardcodedCredentials.js:42:64:42:73 | 'hgfedcba' | HardcodedCredentials.js:42:64:42:73 | 'hgfedcba' | -| HardcodedCredentials.js:44:34:44:43 | 'username' | HardcodedCredentials.js:44:34:44:43 | 'username' | -| HardcodedCredentials.js:44:63:44:72 | 'hgfedcba' | HardcodedCredentials.js:44:63:44:72 | 'hgfedcba' | -| HardcodedCredentials.js:46:25:46:34 | 'hgfedcba' | HardcodedCredentials.js:46:25:46:34 | 'hgfedcba' | -| HardcodedCredentials.js:53:27:53:36 | 'username' | HardcodedCredentials.js:53:27:53:36 | 'username' | -| HardcodedCredentials.js:53:39:53:48 | 'hgfedcba' | HardcodedCredentials.js:53:39:53:48 | 'hgfedcba' | -| HardcodedCredentials.js:56:21:56:30 | 'username' | HardcodedCredentials.js:56:21:56:30 | 'username' | -| HardcodedCredentials.js:57:21:57:30 | 'hgfedcba' | HardcodedCredentials.js:57:21:57:30 | 'hgfedcba' | -| HardcodedCredentials.js:61:42:61:54 | 'bearerToken' | HardcodedCredentials.js:61:42:61:54 | 'bearerToken' | -| HardcodedCredentials.js:65:23:65:35 | 'bearerToken' | HardcodedCredentials.js:65:23:65:35 | 'bearerToken' | -| HardcodedCredentials.js:69:28:69:37 | 'username' | HardcodedCredentials.js:69:28:69:37 | 'username' | -| HardcodedCredentials.js:69:40:69:49 | 'hgfedcba' | HardcodedCredentials.js:69:40:69:49 | 'hgfedcba' | -| HardcodedCredentials.js:70:28:70:37 | 'username' | HardcodedCredentials.js:70:28:70:37 | 'username' | -| HardcodedCredentials.js:70:40:70:49 | 'hgfedcba' | HardcodedCredentials.js:70:40:70:49 | 'hgfedcba' | -| HardcodedCredentials.js:72:23:72:32 | 'username' | HardcodedCredentials.js:72:23:72:32 | 'username' | -| HardcodedCredentials.js:72:35:72:44 | 'hgfedcba' | HardcodedCredentials.js:72:35:72:44 | 'hgfedcba' | -| HardcodedCredentials.js:75:21:75:30 | 'username' | HardcodedCredentials.js:75:21:75:30 | 'username' | -| HardcodedCredentials.js:76:21:76:30 | 
'hgfedcba' | HardcodedCredentials.js:76:21:76:30 | 'hgfedcba' | -| HardcodedCredentials.js:84:38:84:47 | 'username' | HardcodedCredentials.js:84:38:84:47 | 'username' | -| HardcodedCredentials.js:84:50:84:59 | 'hgfedcba' | HardcodedCredentials.js:84:50:84:59 | 'hgfedcba' | -| HardcodedCredentials.js:86:44:86:53 | 'username' | HardcodedCredentials.js:86:44:86:53 | 'username' | -| HardcodedCredentials.js:86:56:86:65 | 'hgfedcba' | HardcodedCredentials.js:86:56:86:65 | 'hgfedcba' | -| HardcodedCredentials.js:91:25:91:31 | 'TOKEN' | HardcodedCredentials.js:91:25:91:31 | 'TOKEN' | -| HardcodedCredentials.js:98:18:98:21 | 'x1' | HardcodedCredentials.js:98:18:98:21 | 'x1' | -| HardcodedCredentials.js:99:16:99:19 | 'x2' | HardcodedCredentials.js:99:16:99:19 | 'x2' | -| HardcodedCredentials.js:100:25:100:28 | 'x3' | HardcodedCredentials.js:100:25:100:28 | 'x3' | -| HardcodedCredentials.js:101:19:101:22 | 'x4' | HardcodedCredentials.js:101:19:101:22 | 'x4' | -| HardcodedCredentials.js:102:14:102:23 | 'hgfedcba' | HardcodedCredentials.js:102:14:102:23 | 'hgfedcba' | -| HardcodedCredentials.js:103:17:103:26 | 'hgfedcba' | HardcodedCredentials.js:103:17:103:26 | 'hgfedcba' | -| HardcodedCredentials.js:104:27:104:36 | 'hgfedcba' | HardcodedCredentials.js:104:27:104:36 | 'hgfedcba' | -| HardcodedCredentials.js:105:19:105:28 | 'hgfedcba' | HardcodedCredentials.js:105:19:105:28 | 'hgfedcba' | -| HardcodedCredentials.js:106:16:106:25 | 'hgfedcba' | HardcodedCredentials.js:106:16:106:25 | 'hgfedcba' | -| HardcodedCredentials.js:112:19:112:22 | 'x5' | HardcodedCredentials.js:112:19:112:22 | 'x5' | -| HardcodedCredentials.js:113:19:113:28 | 'hgfedcba' | HardcodedCredentials.js:113:19:113:28 | 'hgfedcba' | -| HardcodedCredentials.js:130:44:130:53 | 'hgfedcba' | HardcodedCredentials.js:130:44:130:53 | 'hgfedcba' | -| HardcodedCredentials.js:131:52:131:61 | 'hgfedcba' | HardcodedCredentials.js:131:52:131:61 | 'hgfedcba' | -| HardcodedCredentials.js:135:41:135:50 | "hgfedcba" | 
HardcodedCredentials.js:135:41:135:50 | "hgfedcba" | -| HardcodedCredentials.js:160:38:160:48 | "change_me" | HardcodedCredentials.js:160:38:160:48 | "change_me" | -| HardcodedCredentials.js:161:41:161:51 | 'change_me' | HardcodedCredentials.js:161:41:161:51 | 'change_me' | -| HardcodedCredentials.js:164:35:164:45 | 'change_me' | HardcodedCredentials.js:164:35:164:45 | 'change_me' | | HardcodedCredentials.js:171:11:171:25 | USER | HardcodedCredentials.js:173:35:173:38 | USER | | HardcodedCredentials.js:171:18:171:25 | 'sdsdag' | HardcodedCredentials.js:171:11:171:25 | USER | -| HardcodedCredentials.js:171:18:171:25 | 'sdsdag' | HardcodedCredentials.js:171:11:171:25 | USER | | HardcodedCredentials.js:172:11:172:25 | PASS | HardcodedCredentials.js:173:43:173:46 | PASS | | HardcodedCredentials.js:172:18:172:25 | 'sdsdag' | HardcodedCredentials.js:172:11:172:25 | PASS | -| HardcodedCredentials.js:172:18:172:25 | 'sdsdag' | HardcodedCredentials.js:172:11:172:25 | PASS | | HardcodedCredentials.js:173:11:173:49 | AUTH | HardcodedCredentials.js:178:39:178:42 | AUTH | | HardcodedCredentials.js:173:11:173:49 | AUTH | HardcodedCredentials.js:188:39:188:42 | AUTH | | HardcodedCredentials.js:173:11:173:49 | AUTH | HardcodedCredentials.js:195:46:195:49 | AUTH | 
@@ -344,61 +13,146 @@ edges | HardcodedCredentials.js:173:35:173:38 | USER | HardcodedCredentials.js:173:32:173:48 | `${USER}:${PASS}` | | HardcodedCredentials.js:173:43:173:46 | PASS | HardcodedCredentials.js:173:32:173:48 | `${USER}:${PASS}` | | HardcodedCredentials.js:178:39:178:42 | AUTH | HardcodedCredentials.js:178:30:178:44 | `Basic ${AUTH}` | -| HardcodedCredentials.js:178:39:178:42 | AUTH | HardcodedCredentials.js:178:30:178:44 | `Basic ${AUTH}` | -| HardcodedCredentials.js:188:39:188:42 | AUTH | HardcodedCredentials.js:188:30:188:44 | `Basic ${AUTH}` | | HardcodedCredentials.js:188:39:188:42 | AUTH | HardcodedCredentials.js:188:30:188:44 | `Basic ${AUTH}` | | HardcodedCredentials.js:195:46:195:49 | AUTH | HardcodedCredentials.js:195:37:195:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:195:46:195:49 | AUTH | HardcodedCredentials.js:195:37:195:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:204:44:204:47 | AUTH | HardcodedCredentials.js:204:35:204:49 | `Basic ${AUTH}` | | HardcodedCredentials.js:204:44:204:47 | AUTH | HardcodedCredentials.js:204:35:204:49 | `Basic ${AUTH}` | | HardcodedCredentials.js:214:11:214:25 | USER | HardcodedCredentials.js:216:35:216:38 | USER | | HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | HardcodedCredentials.js:214:11:214:25 | USER | -| HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | HardcodedCredentials.js:214:11:214:25 | USER | | HardcodedCredentials.js:215:11:215:25 | PASS | HardcodedCredentials.js:216:43:216:46 | PASS | | HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | HardcodedCredentials.js:215:11:215:25 | PASS | -| HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | HardcodedCredentials.js:215:11:215:25 | PASS | | HardcodedCredentials.js:216:11:216:49 | AUTH | HardcodedCredentials.js:221:46:221:49 | AUTH | | HardcodedCredentials.js:216:18:216:49 | base64. ... 
PASS}`) | HardcodedCredentials.js:216:11:216:49 | AUTH | | HardcodedCredentials.js:216:32:216:48 | `${USER}:${PASS}` | HardcodedCredentials.js:216:18:216:49 | base64. ... PASS}`) | | HardcodedCredentials.js:216:35:216:38 | USER | HardcodedCredentials.js:216:32:216:48 | `${USER}:${PASS}` | | HardcodedCredentials.js:216:43:216:46 | PASS | HardcodedCredentials.js:216:32:216:48 | `${USER}:${PASS}` | | HardcodedCredentials.js:221:46:221:49 | AUTH | HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | -| HardcodedCredentials.js:221:46:221:49 | AUTH | HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | | HardcodedCredentials.js:231:11:231:29 | username | HardcodedCredentials.js:237:47:237:54 | username | | HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | HardcodedCredentials.js:231:11:231:29 | username | -| HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | HardcodedCredentials.js:231:11:231:29 | username | | HardcodedCredentials.js:237:35:237:72 | Buffer. ... ssword) | HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') | | HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') | HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | -| HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') | HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | | HardcodedCredentials.js:237:47:237:54 | username | HardcodedCredentials.js:237:47:237:71 | usernam ... assword | | HardcodedCredentials.js:237:47:237:71 | usernam ... assword | HardcodedCredentials.js:237:35:237:72 | Buffer. ... ssword) | | HardcodedCredentials.js:245:9:245:44 | privateKey | HardcodedCredentials.js:246:42:246:51 | privateKey | -| HardcodedCredentials.js:245:9:245:44 | privateKey | HardcodedCredentials.js:246:42:246:51 | privateKey | | HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | HardcodedCredentials.js:245:9:245:44 | privateKey | -| HardcodedCredentials.js:245:22:245:44 | "myHard ... 
ateKey" | HardcodedCredentials.js:245:9:245:44 | privateKey | -| HardcodedCredentials.js:260:30:260:40 | `Basic foo` | HardcodedCredentials.js:260:30:260:40 | `Basic foo` | -| HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` | | HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` | | HardcodedCredentials.js:268:39:268:46 | 'Bearer' | HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | -| HardcodedCredentials.js:268:39:268:46 | 'Bearer' | HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | | HardcodedCredentials.js:268:50:268:56 | 'OAuth' | HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | -| HardcodedCredentials.js:268:50:268:56 | 'OAuth' | HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | -| HardcodedCredentials.js:275:36:275:59 | "user:{ ... ERE }}" | HardcodedCredentials.js:275:36:275:59 | "user:{ ... ERE }}" | -| HardcodedCredentials.js:276:36:276:65 | "user:t ... ERE }}" | HardcodedCredentials.js:276:36:276:65 | "user:t ... ERE }}" | -| HardcodedCredentials.js:277:36:277:57 | "user:( ... HERE )" | HardcodedCredentials.js:277:36:277:57 | "user:( ... HERE )" | -| HardcodedCredentials.js:278:36:278:64 | "user:{ ... ken }}" | HardcodedCredentials.js:278:36:278:64 | "user:{ ... 
ken }}" | -| HardcodedCredentials.js:279:36:279:50 | "user:abcdefgh" | HardcodedCredentials.js:279:36:279:50 | "user:abcdefgh" | -| HardcodedCredentials.js:280:36:280:50 | "user:12345678" | HardcodedCredentials.js:280:36:280:50 | "user:12345678" | -| HardcodedCredentials.js:281:36:281:45 | "user:foo" | HardcodedCredentials.js:281:36:281:45 | "user:foo" | -| HardcodedCredentials.js:282:36:282:52 | "user:mypassword" | HardcodedCredentials.js:282:36:282:52 | "user:mypassword" | -| HardcodedCredentials.js:283:36:283:49 | "user:mytoken" | HardcodedCredentials.js:283:36:283:49 | "user:mytoken" | -| HardcodedCredentials.js:284:36:284:52 | "user:fake token" | HardcodedCredentials.js:284:36:284:52 | "user:fake token" | -| HardcodedCredentials.js:285:36:285:46 | "user:dcba" | HardcodedCredentials.js:285:36:285:46 | "user:dcba" | -| HardcodedCredentials.js:286:36:286:55 | "user:custom string" | HardcodedCredentials.js:286:36:286:55 | "user:custom string" | -| HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | -| HardcodedCredentials.js:293:37:293:65 | `Basic ... xxxxxx` | HardcodedCredentials.js:293:37:293:65 | `Basic ... xxxxxx` | -| HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | -| HardcodedCredentials.js:295:37:295:66 | `Basic ... 000001` | HardcodedCredentials.js:295:37:295:66 | `Basic ... 
000001` | +nodes +| HardcodedCredentials.js:5:15:5:22 | 'dbuser' | semmle.label | 'dbuser' | +| HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:15:36:15:50 | "user:hgfedcba" | semmle.label | "user:hgfedcba" | +| HardcodedCredentials.js:16:37:16:51 | "user:hgfedcba" | semmle.label | "user:hgfedcba" | +| HardcodedCredentials.js:18:16:18:30 | "user:hgfedcba" | semmle.label | "user:hgfedcba" | +| HardcodedCredentials.js:20:36:20:51 | getCredentials() | semmle.label | getCredentials() | +| HardcodedCredentials.js:27:25:27:31 | 'admin' | semmle.label | 'admin' | +| HardcodedCredentials.js:27:34:27:43 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:29:11:29:30 | 'unknown-admin-name' | semmle.label | 'unknown-admin-name' | +| HardcodedCredentials.js:29:35:29:44 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:35:15:35:24 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:35:27:35:36 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:41:38:41:47 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:41:67:41:76 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:42:35:42:44 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:42:64:42:73 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:44:34:44:43 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:44:63:44:72 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:46:25:46:34 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:53:27:53:36 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:53:39:53:48 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:56:21:56:30 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:57:21:57:30 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:61:42:61:54 | 
'bearerToken' | semmle.label | 'bearerToken' | +| HardcodedCredentials.js:65:23:65:35 | 'bearerToken' | semmle.label | 'bearerToken' | +| HardcodedCredentials.js:69:28:69:37 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:69:40:69:49 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:70:28:70:37 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:70:40:70:49 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:72:23:72:32 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:72:35:72:44 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:75:21:75:30 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:76:21:76:30 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:84:38:84:47 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:84:50:84:59 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:86:44:86:53 | 'username' | semmle.label | 'username' | +| HardcodedCredentials.js:86:56:86:65 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:91:25:91:31 | 'TOKEN' | semmle.label | 'TOKEN' | +| HardcodedCredentials.js:98:18:98:21 | 'x1' | semmle.label | 'x1' | +| HardcodedCredentials.js:99:16:99:19 | 'x2' | semmle.label | 'x2' | +| HardcodedCredentials.js:100:25:100:28 | 'x3' | semmle.label | 'x3' | +| HardcodedCredentials.js:101:19:101:22 | 'x4' | semmle.label | 'x4' | +| HardcodedCredentials.js:102:14:102:23 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:103:17:103:26 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:104:27:104:36 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:105:19:105:28 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:106:16:106:25 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:112:19:112:22 | 'x5' | semmle.label | 'x5' | +| 
HardcodedCredentials.js:113:19:113:28 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:130:44:130:53 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:131:52:131:61 | 'hgfedcba' | semmle.label | 'hgfedcba' | +| HardcodedCredentials.js:135:41:135:50 | "hgfedcba" | semmle.label | "hgfedcba" | +| HardcodedCredentials.js:160:38:160:48 | "change_me" | semmle.label | "change_me" | +| HardcodedCredentials.js:161:41:161:51 | 'change_me' | semmle.label | 'change_me' | +| HardcodedCredentials.js:164:35:164:45 | 'change_me' | semmle.label | 'change_me' | +| HardcodedCredentials.js:171:11:171:25 | USER | semmle.label | USER | +| HardcodedCredentials.js:171:18:171:25 | 'sdsdag' | semmle.label | 'sdsdag' | +| HardcodedCredentials.js:172:11:172:25 | PASS | semmle.label | PASS | +| HardcodedCredentials.js:172:18:172:25 | 'sdsdag' | semmle.label | 'sdsdag' | +| HardcodedCredentials.js:173:11:173:49 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:173:18:173:49 | base64. ... PASS}`) | semmle.label | base64. ... 
PASS}`) | +| HardcodedCredentials.js:173:32:173:48 | `${USER}:${PASS}` | semmle.label | `${USER}:${PASS}` | +| HardcodedCredentials.js:173:35:173:38 | USER | semmle.label | USER | +| HardcodedCredentials.js:173:43:173:46 | PASS | semmle.label | PASS | +| HardcodedCredentials.js:178:30:178:44 | `Basic ${AUTH}` | semmle.label | `Basic ${AUTH}` | +| HardcodedCredentials.js:178:39:178:42 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:188:30:188:44 | `Basic ${AUTH}` | semmle.label | `Basic ${AUTH}` | +| HardcodedCredentials.js:188:39:188:42 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:195:37:195:51 | `Basic ${AUTH}` | semmle.label | `Basic ${AUTH}` | +| HardcodedCredentials.js:195:46:195:49 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:204:35:204:49 | `Basic ${AUTH}` | semmle.label | `Basic ${AUTH}` | +| HardcodedCredentials.js:204:44:204:47 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:214:11:214:25 | USER | semmle.label | USER | +| HardcodedCredentials.js:214:18:214:25 | 'sdsdag' | semmle.label | 'sdsdag' | +| HardcodedCredentials.js:215:11:215:25 | PASS | semmle.label | PASS | +| HardcodedCredentials.js:215:18:215:25 | 'sdsdag' | semmle.label | 'sdsdag' | +| HardcodedCredentials.js:216:11:216:49 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:216:18:216:49 | base64. ... PASS}`) | semmle.label | base64. ... 
PASS}`) | +| HardcodedCredentials.js:216:32:216:48 | `${USER}:${PASS}` | semmle.label | `${USER}:${PASS}` | +| HardcodedCredentials.js:216:35:216:38 | USER | semmle.label | USER | +| HardcodedCredentials.js:216:43:216:46 | PASS | semmle.label | PASS | +| HardcodedCredentials.js:221:37:221:51 | `Basic ${AUTH}` | semmle.label | `Basic ${AUTH}` | +| HardcodedCredentials.js:221:46:221:49 | AUTH | semmle.label | AUTH | +| HardcodedCredentials.js:231:11:231:29 | username | semmle.label | username | +| HardcodedCredentials.js:231:22:231:29 | 'sdsdag' | semmle.label | 'sdsdag' | +| HardcodedCredentials.js:237:24:237:91 | 'Basic ... ase64') | semmle.label | 'Basic ... ase64') | +| HardcodedCredentials.js:237:35:237:72 | Buffer. ... ssword) | semmle.label | Buffer. ... ssword) | +| HardcodedCredentials.js:237:35:237:91 | Buffer. ... ase64') | semmle.label | Buffer. ... ase64') | +| HardcodedCredentials.js:237:47:237:54 | username | semmle.label | username | +| HardcodedCredentials.js:237:47:237:71 | usernam ... assword | semmle.label | usernam ... assword | +| HardcodedCredentials.js:245:9:245:44 | privateKey | semmle.label | privateKey | +| HardcodedCredentials.js:245:22:245:44 | "myHard ... ateKey" | semmle.label | "myHard ... ateKey" | +| HardcodedCredentials.js:246:42:246:51 | privateKey | semmle.label | privateKey | +| HardcodedCredentials.js:260:30:260:40 | `Basic foo` | semmle.label | `Basic foo` | +| HardcodedCredentials.js:268:30:268:73 | `${foo ... Token}` | semmle.label | `${foo ... Token}` | +| HardcodedCredentials.js:268:33:268:56 | foo ? ' ... 'OAuth' | semmle.label | foo ? ' ... 'OAuth' | +| HardcodedCredentials.js:268:39:268:46 | 'Bearer' | semmle.label | 'Bearer' | +| HardcodedCredentials.js:268:50:268:56 | 'OAuth' | semmle.label | 'OAuth' | +| HardcodedCredentials.js:275:36:275:59 | "user:{ ... ERE }}" | semmle.label | "user:{ ... ERE }}" | +| HardcodedCredentials.js:276:36:276:65 | "user:t ... ERE }}" | semmle.label | "user:t ... 
ERE }}" | +| HardcodedCredentials.js:277:36:277:57 | "user:( ... HERE )" | semmle.label | "user:( ... HERE )" | +| HardcodedCredentials.js:278:36:278:64 | "user:{ ... ken }}" | semmle.label | "user:{ ... ken }}" | +| HardcodedCredentials.js:279:36:279:50 | "user:abcdefgh" | semmle.label | "user:abcdefgh" | +| HardcodedCredentials.js:280:36:280:50 | "user:12345678" | semmle.label | "user:12345678" | +| HardcodedCredentials.js:281:36:281:45 | "user:foo" | semmle.label | "user:foo" | +| HardcodedCredentials.js:282:36:282:52 | "user:mypassword" | semmle.label | "user:mypassword" | +| HardcodedCredentials.js:283:36:283:49 | "user:mytoken" | semmle.label | "user:mytoken" | +| HardcodedCredentials.js:284:36:284:52 | "user:fake token" | semmle.label | "user:fake token" | +| HardcodedCredentials.js:285:36:285:46 | "user:dcba" | semmle.label | "user:dcba" | +| HardcodedCredentials.js:286:36:286:55 | "user:custom string" | semmle.label | "user:custom string" | +| HardcodedCredentials.js:292:37:292:57 | `Basic ... sdsdag` | semmle.label | `Basic ... sdsdag` | +| HardcodedCredentials.js:293:37:293:65 | `Basic ... xxxxxx` | semmle.label | `Basic ... xxxxxx` | +| HardcodedCredentials.js:294:37:294:70 | `Basic ... gbbbbb` | semmle.label | `Basic ... gbbbbb` | +| HardcodedCredentials.js:295:37:295:66 | `Basic ... 000001` | semmle.label | `Basic ... 000001` | +subpaths #select | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | The hard-coded value "dbuser" is used as $@. | HardcodedCredentials.js:5:15:5:22 | 'dbuser' | user name | | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | The hard-coded value "hgfedcba" is used as $@. | HardcodedCredentials.js:8:19:8:28 | 'hgfedcba' | password |