MMF-2134

Enhanced hard-coded credentials detection (S2068) for Swift

    Details

    • Type: MMF
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Labels:

      Description

      WHY

      As of today, rule S2068 is very noisy in every language, but it produces good results once false positives (FPs) are filtered out. The rule can become very powerful if its accuracy is improved.
      The goal of this MMF is to implement in Swift the same heuristics that other languages have already implemented, removing as many FPs as possible so that developers like to use the rule.

      WHAT

      Filter False-Positives

      The goal is to add logic to the rule so that the most obvious FPs are filtered out:

      Support URL user info

      The URL user info component can contain a hardcoded password (see SONARSWIFT-455):

      let uri = "scheme://user:azerty123@domain.com" // Sensitive
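
One way to implement the URL user info check described above, written in Python over Swift source text (an added example, not the analyzer's code and not part of the original ticket). It goes beyond the single case shown by skipping empty and interpolated passwords; those two filters, the function name `find_url_credentials` and every sample line except the ticket's own `uri` literal are assumptions.

```python
import re

# Single-line, double-quoted Swift string literal (backslash escapes allowed).
STRING_LITERAL = re.compile(r'"((?:[^"\\]|\\.)*)"')
# scheme://user:password@host, capturing both halves of the user info.
URL_USERINFO = re.compile(
    r'[A-Za-z][A-Za-z0-9+.\-]*://([^\s/?#@:]+):([^\s/?#@]*)@[^\s/?#@]')

# Constructed sample input; only the first line comes from the ticket.
SAMPLE = r'''let uri = "scheme://user:azerty123@domain.com"
let api = "https://admin:\(dbPassword)@db.example.com/app"
let ftp = "ftp://anonymous:@files.example.com"
let web = "https://example.com:8443/login"
// let old = "https://root:hunter2@legacy.example.com"
'''


def find_url_credentials(swift_source):
    """Return (line_number, user) for each string literal holding a URL
    whose user info carries a hard-coded password. The password itself is
    deliberately not returned so that reports do not echo the secret."""
    findings = []
    for lineno, line in enumerate(swift_source.splitlines(), start=1):
        if line.lstrip().startswith("//"):
            continue  # whole-line comment, not live code
        for literal in STRING_LITERAL.findall(line):
            match = URL_USERINFO.search(literal)
            if match is None:
                continue  # no user info (a port such as ":8443" is not one)
            user, password = match.groups()
            # Assumed false-positive filters, not listed in the ticket:
            if password == "":
                continue  # "user:@host" carries no secret
            if "\\(" in password:
                continue  # Swift interpolation: value is supplied at runtime
            findings.append((lineno, user))
    return findings


if __name__ == "__main__":
    for lineno, user in find_url_credentials(SAMPLE):
        print(f"line {lineno}: hard-coded password for user {user!r}")
```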
      

              People

              Assignee: Unassigned
              Reporter: Hendrik Buchwald