Possible security issue: hard-coded password

[akondasif]

Greetings,

We are security researchers and we are looking for insecure coding patterns and configurations in the microservice architecture repositories. In your repository, we have found instances of hard-coded passwords. According to CWE, "A hard-coded password typically leads to a significant authentication failure that can be difficult for the system administrator to detect."

Hopefully, you agree and will fix it.

Source: https://github.com/lbroudoux/chuck-norris-streams/blob/master/chuck-norris-filter-camel/src/main/resources/application-dev.properties and https://github.com/lbroudoux/chuck-norris-streams/blob/master/chuck-norris-filter-camel/src/main/resources/application.properties

[alainpham]

There is nothing to fix. These are placeholder property files for developers to signal to ops teams what externalized properties exists are settable for a real deployment on a runtime environment. On the contrary they are not hard coded.
Your analysis is out of context, please fix your analysis algorithm to take development context into account and please agree to stop spamming these messages.

[akondasif]

We will update our scanner. Thanks for the feedback.