Python: ignore common words (certain/concert) as sensitive source

2026-04-30 11:15:13 +02:00 · 2022-06-22 11:02:00 +02:00
parent abdcfd55c3
commit 5dc2bb717a
2 changed files with 7 additions and 3 deletions
--- a/python/ql/test/experimental/dataflow/sensitive-data/test.py
+++ b/python/ql/test/experimental/dataflow/sensitive-data/test.py
@@ -58,8 +58,8 @@ def my_func(password): # $ SensitiveDataSource=password

 # FP where the `cert` in `uncertainty` makes us treat it like a certificate
 # https://github.com/github/codeql/issues/9632
-def my_other_func(uncertainty): # $ SPURIOUS: SensitiveDataSource=certificate
-    print(uncertainty) # $ SPURIOUS: SensitiveUse=certificate
+def my_other_func(uncertainty):
+    print(uncertainty)

 password = some_function() # $ SensitiveDataSource=password
 print(password) # $ SensitiveUse=password