CodeQL library for Ruby
codeql/ruby-all 3.0.3-dev (changelog, source)
Search

Module CleartextSources

Provides default sources and sanitizers for reasoning about data flow from sources of sensitive information, as well as extension points for adding your own sources and sanitizers.

Import path

import codeql.ruby.security.internal.CleartextSources

Predicates

nameIsNotSensitive

Holds if name is for a method or variable that appears, syntactically, to not be sensitive.

Classes

NonCleartextSensitiveFlow

A data flow node that receives flow that is not clear-text sensitive data.

Sanitizer

A sanitizer for cleartext sensitive information.

Source

A data flow source of cleartext sensitive information.

Aliases

NonCleartextPasswordFlow

DEPRECATED: Use NonCleartextSensitiveFlow instead.