Module HardcodedCredentials
Provides classes and predicates relating to hardcoded credentials.
Import path
import semmle.code.java.security.HardcodedCredentials
Imports
SensitiveApi | Provides predicates defining methods that consume sensitive data, such as usernames and passwords. |
java | Provides all default Java QL imports. |
Classes
CredentialsApiSink | An argument to a sensitive call of a known API, expected to contain username, password or cryptographic key credentials. |
CredentialsSink | An argument to a sensitive call, expected to contain credentials. |
CredentialsSourceSink | An argument to a call, where the parameter name corresponding to the argument indicates that it may contain credentials. |
HardcodedExpr | An expression that is either a non-empty string literal or a hard-coded |
PasswordVariable | A variable whose name indicates that it may hold a password. |
UsernameVariable | A variable whose name indicates that it may hold a user name. |