hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 20:58:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer

Browse Source 
Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`
This commit is contained in:
Owen Mansel-Chan
2024-07-31 12:16:03 +01:00
committed by GitHub
parent 59e22f6cd9 44b6309e07
commit 8901b1fd14
4 changed files with 21 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/change-notes/2024-07-30-sensitive-log-whitelist-tokenizer.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Variables names containing the string "tokenizer" (case-insensitively) are no longer sources for the `java/sensitive-log` query. They normally relate to things like `java.util.StringTokenizer`, which are not sensitive information. This should fix some false positive alerts.