Skip to content

Commit

Permalink
Merge pull request #26 from grinish21/test-eb
Browse files Browse the repository at this point in the history
chore: update false postiive regex for token #patch
  • Loading branch information
grinish21 authored Jul 5, 2021
2 parents ba5a32c + 25fc914 commit 0f519db
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
2 changes: 1 addition & 1 deletion config/falsepositives/false-positives.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -513,7 +513,7 @@ rules:
- 3075
- 6001
- 6002
Pattern: "(?i)((password|secret|credentials|passphrase)['\"]? ?[:=] ?['\"]?([a-z]+[\\._\\s]+)+(password|pass|pwd|pswd|secret|passphrase)['\"]?$)"
Pattern: "(?i)((password|secret|credentials|passphrase|token)['\"]? ?[:=] ?['\"]?([a-z]+[\\._\\s]+)+(password|pass|pwd|pswd|secret|passphrase|token)['\"]?[,]?$)"
FileExtensions: []
UseFullLine: true
Description: 'Ignore variable definitions as password values eg: password = mongo.password or password: couchbase_db_password'
Expand Down
9 changes: 9 additions & 0 deletions pkg/scan/falsePositives_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -681,6 +681,15 @@ func Test_findFalsePositive(t *testing.T) {
},
wantIsFP: false,
},
{
name: "Skip token as variable definitions",
hit: Hit{
Code: 3037,
Filename: "source.kt",
LineValue: ` const val AUTHORIZATION_TOKEN = "Authorization Token",`,
},
wantIsFP: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
Expand Down

0 comments on commit 0f519db

Please sign in to comment.