As of today the rule S2068 is very noisy whatever the language but it generates good result after filtering False-Positives. This rule can become very powerful if its accuracy is improved.
The goal of this MMF is to implement in Swift the same heuristics other languages have already implemented to remove a maximum of FPs so that developers like to use it.
The goal is to have additional logic to the rule so that the most obvious FPs are filtered:
- Empty string (see
- Strings that contain the wordlist item (potential string constants) (see
The URL user info component can contain a hardcoded password (see