CodeQL library for Ruby
codeql/ruby-all 0.8.15-dev

Module CleartextSources

Provides default sources and sanitizers for reasoning about data flow from sources of sensitive information, as well as extension points for adding your own sources and sanitizers.

Import path

import codeql.ruby.security.internal.CleartextSources

Predicates

isAdditionalTaintStep

Holds if nodeFrom taints nodeTo.

nameIsNotSensitive

Holds if name is for a method or variable that appears, syntactically, to not be sensitive.

Classes

NonCleartextPasswordFlow

A data flow node that receives flow that is not a clear-text password.

Sanitizer

A sanitizer for cleartext sensitive information.

Source

A data flow source of cleartext sensitive information.