Python: Move query tests to reflect new file layout

python/ql/test/query-tests/Security/BadPractice/HardcodedCredentials/HardcodedCredentials.expected

@@ -0,0 +1,8 @@
+edges
+| test.py:5:12:5:24 | hard coded value | test.py:14:18:14:25 | hard coded value |
+| test.py:5:12:5:24 | hard coded value | test.py:14:18:14:25 | hard coded value |
+| test.py:6:12:6:25 | hard coded value | test.py:15:18:15:25 | hard coded value |
+| test.py:6:12:6:25 | hard coded value | test.py:15:18:15:25 | hard coded value |
+#select
+| test.py:14:18:14:25 | USERNAME | test.py:5:12:5:24 | hard coded value | test.py:14:18:14:25 | hard coded value | Use of $@. | test.py:5:12:5:24 | Str | hardcoded credentials |
+| test.py:15:18:15:25 | PASSWORD | test.py:6:12:6:25 | hard coded value | test.py:15:18:15:25 | hard coded value | Use of $@. | test.py:6:12:6:25 | Str | hardcoded credentials |

python/ql/test/query-tests/Security/BadPractice/HardcodedCredentials/HardcodedCredentials.qlref

@@ -0,0 +1 @@
+Security/BadPractice/HardcodedCredentials/HardcodedCredentials.ql

python/ql/test/query-tests/Security/BadPractice/HardcodedCredentials/test.py

@@ -0,0 +1,30 @@
+
+
+HOST = "acme-trading.com"
+PORT = 8000
+USERNAME = "road_runner"
+PASSWORD = "insecure_pwd"
+
+
+def sell(client, units):
+
+    conn = client.connect(
+        host=HOST,
+        port=PORT,
+        username=USERNAME,
+        password=PASSWORD)
+
+    conn.cmd("sell", 1000)
+    conn.close()
+
+
+# Ignored
+test(password='short')
+test(password='Capitalized')
+test(password='  whitespace') # too much whitespace
+test(password='insecure__') # too many underscores
+test(password='aaaaaaaaaa') # too repetitive
+test(password='format_string_{}')
+
+# TODO: we think this is a format string :\
+test(password='''U]E8FPETCS_]{,y>bgyzh^$yC5>SP{E*2=`;3]G~k&+;khy3}4]jdpu;D(aP$SCFA{;hh4n46pUJ%+$nEP_gqNq#X!2$%*C-6y6%''')