Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update S2068: Credentials should not be hard-coded #623

Closed
michalb-sonar opened this issue Jul 31, 2017 · 0 comments
Closed

Update S2068: Credentials should not be hard-coded #623

michalb-sonar opened this issue Jul 31, 2017 · 0 comments
Assignees
@michalb-sonar
Labels
Type: Improvement Making existing code better.
Milestone
6.4

Comments

@michalb-sonar
Copy link
Contributor

michalb-sonar commented Jul 31, 2017
edited

RSPEC-2068

Current implementation only checks if variable is named "password" (or few different variants). It needs to be updated, so it also checks if the name contains password (like "dbPassword").

The message needs to be updated to point at the part that is noncompiant. Something along the lines:
"'password' detected in this variable name, review this potentially hardcoded password."
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@michalb-sonar michalb-sonar

Labels
Type: Improvement Making existing code better.
Projects
None yet
Milestone
6.4
Development

No branches or pull requests
3 participants
@Evangelink @valhristov @michalb-sonar