mirror of https://github.com/securego/gosec.git synced 2025-11-23 22:15:04 +02:00

feat: adding new keyword for hardcoded credentials (#666)

Nanik
2021-07-19 19:23:39 +10:00
committed by GitHub
parent a484c77736
commit 2a4064d45d
2 changed files with 77 additions and 1 deletions


@@ -117,7 +117,7 @@ func (r *credentials) matchEqualityCheck(binaryExpr *ast.BinaryExpr, ctx *gosec.
// NewHardcodedCredentials attempts to find high entropy string constants being
// assigned to variables that appear to be related to credentials.
func NewHardcodedCredentials(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
pattern := `(?i)passwd|pass|password|pwd|secret|token`
pattern := `(?i)passwd|pass|password|pwd|secret|token|pw|apiKey|bearer|cred`
entropyThreshold := 80.0
perCharThreshold := 3.0
ignoreEntropy := false
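Review bot: The new `pw` and `cred` alternatives in `pattern` are short, case-insensitive and unanchored, so if the rule applies the pattern as a substring match on identifier names (the body of NewHardcodedCredentials continues outside this hunk), names such as `stepWidth`, `mapWriter` or `creditLimit` would now count as credential-like. The entropy thresholds set just below may filter many of these for assigned values, but any path that relies on the name alone would start reporting them, and noisy findings tend to end in blanket `#nosec` suppressions that also hide real secrets. Consider anchoring the short tokens, for example `(^|_)pw(_|$)` in place of bare `pw` (this would miss camelCase names like `dbPw`, so the trade-off needs deciding), and adding negative samples for such names to the rule's tests. A comment above the pattern would also help: `// Matched case-insensitively against identifier names; keep alternatives specific enough to avoid common words.`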