From 2de7c6f5fc68cf3942b82fe19460533d6f127d28 Mon Sep 17 00:00:00 2001
From: Sauyon Lee
Date: Thu, 5 Dec 2019 15:37:20 -0800
Subject: [PATCH] HardcodedCredentials: Exclude passwords that include '0123456789'
---
 ql/src/semmle/go/security/SensitiveActions.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ql/src/semmle/go/security/SensitiveActions.qll b/ql/src/semmle/go/security/SensitiveActions.qll
index b842365c3cc..2b7fa8998f4 100644
--- a/ql/src/semmle/go/security/SensitiveActions.qll
+++ b/ql/src/semmle/go/security/SensitiveActions.qll
@@ -245,7 +245,7 @@ module PasswordHeuristics {
 exists(string normalized | normalized = password.toLowerCase() |
 count(normalized.charAt(_)) = 1 or
 normalized
- .regexpMatch(".*(pass|test|sample|example|secret|root|admin|user|change|auth|redacted).*")
+ .regexpMatch(".*(pass|test|sample|example|secret|root|admin|user|change|auth|redacted|0123456789).*")
 )
 }
 }
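Review bot: The new `0123456789` alternative is matched as a substring by the surrounding `.*( … ).*`, so any string literal that merely contains that digit run is now treated as a dummy password and dropped from hard-coded-credential results, and nothing in the hunk records that trade-off. A comment above the `regexpMatch` call would cover it, for example `// substrings that mark a literal as a placeholder; literals containing one are not reported`. The diffstat shows only this file changed, so no query test pins the new exclusion; a test with one literal containing `0123456789` and one that should still be reported would keep the list from widening unnoticed. The enclosing predicate begins above the hunk, so which queries consume this heuristic cannot be confirmed from here.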