SONARJAVA-6528 S2068, S6418, and S6437: Make use of common secret exclusion filter#5745
Conversation
da498a5 to
7dc970a
Compare
8067e70 to
d6658b5
Compare
teemu-rytilahti-sonarsource
left a comment
There was a problem hiding this comment.
Thank you @pierre-loup-tristant-sonarsource, looks great already! I made some suggestions inline on how to improve this, let me know if something feels off and/or unclear!
Code Review ✅ Approved 1 resolved / 1 findingsIntegrates SecretClassifier into security rules S2068, S6418, and S6437 to improve credential filtering, while resolving typos in test-fixture comments. No issues found. ✅ 1 resolved✅ Quality: Typos in new test-fixture comments
OptionsAuto-apply is off → Gitar will not commit updates to this branch. Comment with these commands to change the behavior for this request:
Was this helpful? React with 👍 / 👎 | Gitar |
115d752 to
4cf2b51
Compare
teemu-rytilahti-sonarsource
left a comment
There was a problem hiding this comment.
LGTM, thanks @pierre-loup-tristant-sonarsource! 🚀
4cf2b51 to
1e23baf
Compare
|
Code Review ✅ Approved 1 resolved / 1 findingsIntegrates SecretClassifier into security rules S2068, S6418, and S6437 to improve credential filtering, while resolving typos in test-fixture comments. No issues found. ✅ 1 resolved✅ Quality: Typos in new test-fixture comments
OptionsAuto-apply is off → Gitar will not commit updates to this branch. Comment with these commands to change the behavior for this request:
Was this helpful? React with 👍 / 👎 | Gitar |




Part of SONARJAVA-6528
Summary by Gitar
analyzer-commonsto version2.25.0.4954.SecretClassifierintoS2068,S6418, andS6437to filter out known non-secret fake values.AbstractHardCodedCredentialCheckerto useSecretClassifierfor identifying potential credentials instead of hardcoded lists and length checks.This will update automatically on new commits.