Predicate HeuristicNames::notSensitiveRegexp
Gets a regular expression that identifies strings which may indicate that data is hashed or encrypted, and hence no longer sensitive, or which contain special characters suggesting that the nouns within the string do not represent the meaning of the whole string (for example, a URL or a SQL query).
We also filter out common words like "certain" and "concert", since otherwise these could be matched by the certificate regular expressions; the same applies to "accountable" (account) and "secretarial" (secret).
Import path
import semmle.python.security.internal.SensitiveDataHeuristics
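As an added illustration (not part of the CodeQL library documentation), the query below applies the exclusion regular expression to a few constructed identifier names, showing how it removes false positives such as "certain" and URL-like strings that the sensitive-name patterns would otherwise catch. It assumes the companion predicate HeuristicNames::maybeSensitiveRegexp and the SensitiveDataClassification class from the same import.

```ql
import python
import semmle.python.security.internal.SensitiveDataHeuristics

/** Sample identifier names, constructed for this illustration only. */
string candidateName() {
  result =
    [
      "password", "certificate_path", "certain", "concert", "accountable", "secretarial",
      "password_hash", "https://example.test/?token=abc"
    ]
}

/**
 * Holds if `name` matches a sensitive-name pattern for `classification`
 * and is not excluded by `notSensitiveRegexp`. `maybeSensitiveRegexp` is
 * assumed to be the companion predicate in the same module.
 */
predicate flagged(string name, SensitiveDataClassification classification) {
  name = candidateName() and
  name.regexpMatch(HeuristicNames::maybeSensitiveRegexp(classification)) and
  not name.regexpMatch(HeuristicNames::notSensitiveRegexp())
}

from string name
where name = candidateName()
select name,
  // Whether the exclusion regexp alone discards this name.
  name.regexpMatch(HeuristicNames::notSensitiveRegexp()) as excludedByNotSensitive,
  // Whether the name survives both steps for some classification.
  (if exists(SensitiveDataClassification c | flagged(name, c)) then "flagged" else "not flagged")
    as outcome
```

Running this against any Python database lists each constructed name alongside whether the exclusion step removed it and whether it is ultimately treated as a sensitive name.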