hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 14:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #198 from sauyon/hardcoded-cred-fix

Browse Source 
HardcodedCredentials: Exclude passwords that include '0123456789'
This commit is contained in:
Max Schaefer
2019-12-06 09:02:17 +00:00
committed by GitHub Enterprise
parent 6bda80a47b 2de7c6f5fc
commit 80e7376189
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ql/src/semmle/go/security/SensitiveActions.qll
View File

@@ -245,7 +245,7 @@ module PasswordHeuristics {
exists(string normalized | normalized = password.toLowerCase() |
count(normalized.charAt(_)) = 1 or
normalized
.regexpMatch(".*(pass|test|sample|example|secret|root|admin|user|change|auth|redacted).*")
.regexpMatch(".*(pass|test|sample|example|secret|root|admin|user|change|auth|redacted|0123456789).*")
)
}
}