Fix scan hits (#16788)

microsoft · Aug 17, 2021 · 12c4f03 · 12c4f03
1 parent 1660718
commit 12c4f03
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 1 deletion.
diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json
@@ -16,6 +16,10 @@
         {
           "file": ".devcontainer\\devcontainer.json",
           "_justification": "Local development environment - not used in production"
+        },
+        {
+          "file": "extensions\\asde-deployment\\notebooks\\edge\\deploy-sql-edge-remote.ipynb",
+          "_justification": "Deployment Notebook - usernames/passwords are entered by user"
         }
     ]
 }
diff --git a/extensions/cms/src/cmsUtils.ts b/extensions/cms/src/cmsUtils.ts
@@ -32,6 +32,7 @@ export class CmsUtils {
 	private _cmsService: mssql.ICmsService;
 	private _registeredCmsServers: ICmsResourceNodeInfo[] = [];
 
+	// [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Used for unit testing, not actual valid credential")]
 	public async savePassword(username: string, password: string): Promise<boolean> {
 		let provider = await this.credentialProvider();
 		let result = await provider.saveCredential(username, password);

diff --git a/src/sql/platform/connection/test/common/connectionStore.test.ts b/src/sql/platform/connection/test/common/connectionStore.test.ts
@@ -26,7 +26,7 @@ suite('ConnectionStore', () => {
 		serverName: 'namedServer',
 		databaseName: 'bcd',
 		authenticationType: 'SqlLogin',
-		userName: 'cde',
+		userName: 'cde', // [SuppressMessage("Microsoft.Security", "CS001:SecretInline", Justification="Mock value, never actually used to connect")]
 		password: generateUuid(),
 		savePassword: true,
 		groupId: '',