A data-flow configuration that tracks hardcoded expressions flowing to a parameter whose name suggests it may be a credential, excluding those which flow on to other such insecure usage sites.
Import path
import semmle.code.java.security.HardcodedCredentialsSourceCallQuery