Module InsufficientPasswordHashConfig

A taint tracking configuration for password hashing with insufficient computational effort.

This configuration identifies flows from Sources, which are sources of password data, to Sinks, which is an abstract class representing all the places password data may be hashed with insufficient computational effort. Additional sources or sinks can be added either by extending the relevant class, or by subclassing this configuration itself, and amending the sources and sinks.

Import path

import semmle.javascript.security.dataflow.InsufficientPasswordHashQuery

Predicates

isBarrier	Holds if data flow through `node` is prohibited. This completely removes `node` from the data flow graph.
isSink	Holds if `sink` is a relevant data flow sink.
isSource	Holds if `source` is a relevant data flow source.
observeDiffInformedIncrementalMode	Holds if sources and sinks should be filtered to only include those that may lead to a flow path with either a source or a sink in the location range given by `AlertFiltering`. This only has an effect when running in diff-informed incremental mode.