Shared: Fix for 'wildcard'.

2026-05-24 08:07:07 +02:00 · 2026-05-06 11:52:05 +01:00
parent 07d4df18b9
commit cb84e633fa
2 changed files with 4 additions and 4 deletions
--- a/rust/ql/test/library-tests/sensitivedata/test.rs
+++ b/rust/ql/test/library-tests/sensitivedata/test.rs
@@ -368,7 +368,7 @@ fn test_private_info(
 	sink(info.financials.accounting);
 	sink(info.financials.unaccounted);
 	sink(info.financials.multiband);
-	sink(info.financials.wildcard_not_matched); // $ SPURIOUS: sensitive=private
+	sink(info.financials.wildcard_not_matched);

 	sink(ContactDetails::FavouriteColor("blue".to_string()));
 }
--- a/shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll
+++ b/shared/concepts/codeql/concepts/internal/SensitiveDataHeuristics.qll
@@ -145,13 +145,13 @@ module HeuristicNames {
   * suggesting nouns within the string do not represent the meaning of the whole string (e.g. a URL or a SQL query).
   *
   * We also filter out common words like `certain` and `concert`, since otherwise these could
-   * be matched by the certificate regular expressions. Same for `accountable` (account), or
-   * `secretarial` (secret).
+   * be matched by the certificate regular expressions. Same for `accountable` (account),
+   * `secretarial` (secret), `wildcard` (card).
   */
  string notSensitiveRegexp() {
    result =
      "(?is).*([^\\w$.-]|redact|censor|obfuscate|hash|md5|sha|random|((?<!un)(en))?(crypt|(?<!pass)code)|"
-        + "certain|concert|secretar|account(ant|ab|ing|ed)|file|path|([_-]|\\b)url).*"
+        + "certain|concert|secretar|wildcard|account(ant|ab|ing|ed)|file|path|([_-]|\\b)url).*"
  }

  /**