CodeQL library for JavaScript
Search

Predicate config

Holds if some JSON or YAML file contains a property with name key and value val, where valElement is the entity corresponding to the value.

The following are excluded by this predicate:

  • Dependencies in package.json files.
  • Values that look like template delimiters.
  • Files that appear to be API-specifications, dictonary, test, or example.

Import path

import semmle.javascript.security.PasswordInConfigurationFileQuery
predicate config(string key, string val, Locatable valElement)